From 5b047223d17d0ce4c5e3fba3cadba4d546ef30cb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 18 Aug 2023 15:33:15 +0200 Subject: [PATCH 001/908] accesslist-duplicates: use /terminal/ask This was introduced in RouterOS 7.12beta1. --- accesslist-duplicates.capsman.rsc | 8 ++++---- accesslist-duplicates.local.rsc | 8 ++++---- accesslist-duplicates.template.rsc | 8 ++++---- accesslist-duplicates.wifiwave2.rsc | 8 ++++---- doc/accesslist-duplicates.md | 2 ++ 5 files changed, 18 insertions(+), 16 deletions(-) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index b986862..3fd688e 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2018-2023 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12beta1 +# # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md # @@ -12,16 +14,14 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Read; - :local Seen ({}); :foreach AccList in=[ /caps-man/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ :local Mac [ /caps-man/access-list/get $AccList mac-address ]; :if ($Seen->$Mac = 1) do={ /caps-man/access-list/print where mac-address=$Mac; - :put "\nNumeric id to remove, any key to skip!"; - :local Remove [ :tonum [ $Read ] ]; + :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + :if ([ :typeof $Remove ] = "num") do={ :put ("Removing numeric id " . $Remove . "...\n"); /caps-man/access-list/remove $Remove; diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index b136de3..c19be20 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2018-2023 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12beta1 +# # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md # @@ -12,16 +14,14 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Read; - :local Seen ({}); :foreach AccList in=[ /interface/wireless/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ :local Mac [ /interface/wireless/access-list/get $AccList mac-address ]; :if ($Seen->$Mac = 1) do={ /interface/wireless/access-list/print where mac-address=$Mac; - :put "\nNumeric id to remove, any key to skip!"; - :local Remove [ :tonum [ $Read ] ]; + :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + :if ([ :typeof $Remove ] = "num") do={ :put ("Removing numeric id " . $Remove . "...\n"); /interface/wireless/access-list/remove $Remove; diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index 1e5fc80..beb7ef2 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2018-2023 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12beta1 +# # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md # @@ -13,8 +15,6 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Read; - :local Seen ({}); :foreach AccList in=[ /caps-man/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ @@ -27,8 +27,8 @@ /caps-man/access-list/print where mac-address=$Mac; /interface/wifiwave2/access-list/print where mac-address=$Mac; /interface/wireless/access-list/print where mac-address=$Mac; - :put "\nNumeric id to remove, any key to skip!"; - :local Remove [ :tonum [ $Read ] ]; + :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + :if ([ :typeof $Remove ] = "num") do={ :put ("Removing numeric id " . $Remove . "...\n"); /caps-man/access-list/remove $Remove; diff --git a/accesslist-duplicates.wifiwave2.rsc b/accesslist-duplicates.wifiwave2.rsc index 4297898..c28a8f6 100644 --- a/accesslist-duplicates.wifiwave2.rsc +++ b/accesslist-duplicates.wifiwave2.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2018-2023 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12beta1 +# # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md # @@ -12,16 +14,14 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Read; - :local Seen ({}); :foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ :local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ]; :if ($Seen->$Mac = 1) do={ /interface/wifiwave2/access-list/print where mac-address=$Mac; - :put "\nNumeric id to remove, any key to skip!"; - :local Remove [ :tonum [ $Read ] ]; + :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + :if ([ :typeof $Remove ] = "num") do={ :put ("Removing numeric id " . $Remove . "...\n"); /interface/wifiwave2/access-list/remove $Remove; diff --git a/doc/accesslist-duplicates.md b/doc/accesslist-duplicates.md index e3767e7..06295d9 100644 --- a/doc/accesslist-duplicates.md +++ b/doc/accesslist-duplicates.md @@ -3,6 +3,8 @@ Find and remove access list duplicates [⬅️ Go back to main README](../README.md) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12beta1-yellow?style=flat)](https://mikrotik.com/download/changelogs/) + > ℹ️️ **Info**: This script can not be used on its own but requires the base > installation. See [main README](../README.md) for details. From ebce360a4e0adeda3f43d0b6b322bfd12964b45d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 18 Aug 2023 15:40:22 +0200 Subject: [PATCH 002/908] doc/accesslist-duplicates: reference stable version --- doc/accesslist-duplicates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/accesslist-duplicates.md b/doc/accesslist-duplicates.md index 06295d9..ba5ac4b 100644 --- a/doc/accesslist-duplicates.md +++ b/doc/accesslist-duplicates.md @@ -3,7 +3,7 @@ Find and remove access list duplicates [⬅️ Go back to main README](../README.md) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12beta1-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) > ℹ️️ **Info**: This script can not be used on its own but requires the base > installation. See [main README](../README.md) for details. From e36ac19c8b210ccdb83dc020ec0b381f310567da Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 18 Aug 2023 15:35:50 +0200 Subject: [PATCH 003/908] global-functions: drop $Read ... which is no longer required now that RouterOS 7.12beta1 provides /terminal/ask. --- global-functions.rsc | 6 ------ 1 file changed, 6 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 5c6e3c5..90ed0b6 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -53,7 +53,6 @@ :global ParseKeyValueStore; :global PrettyPrint; :global RandomDelay; -:global Read; :global RequiredRouterOS; :global ScriptFromTerminal; :global ScriptInstallUpdate; @@ -804,11 +803,6 @@ :delay ([ $GetRandomNumber $1 ] . [ $EitherOr $2 "s" ]); } -# read input from user -:set Read do={ - :return; -} - # check for required RouterOS version :set RequiredRouterOS do={ :local Caller [ :tostr $1 ]; From dcca53e449e95c10e7a7d5830d704b173ffc191c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 10:41:01 +0100 Subject: [PATCH 004/908] hotspot-to-wpa: drop dead code --- hotspot-to-wpa.template.rsc | 1 - 1 file changed, 1 deletion(-) diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index f465722..c676fe6 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -101,7 +101,6 @@ $LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $ :local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ]; :if ([ :len $VlanMode] > 0) do={ /caps-man/access-list/set $Entry vlan-mode=$VlanMode; - /interface/wifiwave2/access-list/set $Entry vlan-mode=$VlanMode; } # NOT /interface/wifiwave2 # From 64bae1fd1b740ca0c9b4d51b920840c59ce5a469 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 14:04:30 +0100 Subject: [PATCH 005/908] doc/capsman-download-packages: hint on cleanup --- doc/capsman-download-packages.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md index 8174c13..f6e6f96 100644 --- a/doc/capsman-download-packages.md +++ b/doc/capsman-download-packages.md @@ -45,6 +45,9 @@ If no packages are found the script tries to download missing packages for legacy CAPsMAN by guessing from system log. For `wifiwave2` a default set of packages (`routeros` and `wifiwave2` for *arm* and *arm64*) is downloaded. +> ℹ️ **Info**: If you have packages in the directory and things go wrong for +> what ever unknown reason: Remove **all** packages and start over. + Usage and invocation -------------------- From 690953e4c53e6eef855de04659fefceb3906d2df Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 15:13:12 +0100 Subject: [PATCH 006/908] doc/collect-wireless-mac: fix copy-and-paste error --- doc/collect-wireless-mac.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/collect-wireless-mac.md b/doc/collect-wireless-mac.md index 2b17055..6407c3a 100644 --- a/doc/collect-wireless-mac.md +++ b/doc/collect-wireless-mac.md @@ -28,7 +28,7 @@ or legacy wifi with CAPsMAN (`/caps-man`) or local wireless interface For `wifiwave2`: - $ScriptInstallUpdate collect-wireless-mac.capsman.wifiwave2; + $ScriptInstallUpdate collect-wireless-mac.wifiwave2; For legacy CAPsMAN: From 18360f92b377dbb42b9da5441270a6dcaee1bfbf Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 17:31:34 +0100 Subject: [PATCH 007/908] capsman-download-packages: update template comment --- capsman-download-packages.template.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 71bced0..80f1988 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -7,8 +7,8 @@ # download and cleanup packages for CAP installation from CAPsMAN # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md # -# !! This is just a template! Replace '%PATH%' with 'caps-man', -# !! 'interface/wireless' or 'interface/wifiwave2'! +# !! This is just a template to generate the real script! +# !! Pattern '%TEMPL%' is replaced, paths are filtered. :local 0 "capsman-download-packages%TEMPL%"; :global GlobalFunctionsReady; From 0d530294f5f0608114c8f0cd409f0041bb2c1b74 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 17:31:42 +0100 Subject: [PATCH 008/908] capsman-rolling-upgrade: update template comment --- capsman-rolling-upgrade.template.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index 0890ad2..fc6872c 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -9,8 +9,8 @@ # upgrade CAPs one after another # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md # -# !! This is just a template! Replace '%PATH%' with 'caps-man', -# !! 'interface/wireless' or 'interface/wifiwave2'! +# !! This is just a template to generate the real script! +# !! Pattern '%TEMPL%' is replaced, paths are filtered. :local 0 "capsman-rolling-upgrade%TEMPL%"; :global GlobalFunctionsReady; From 4f04fa73fceb8841b61e4adedaab3cd4925dad00 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 22:26:22 +0100 Subject: [PATCH 009/908] mode-button: rename scheduler --- mode-button.rsc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mode-button.rsc b/mode-button.rsc index 87e8740..dae9d99 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -16,10 +16,10 @@ :set ($ModeButton->"count") ($ModeButton->"count" + 1); -:local Scheduler [ /system/scheduler/find where name="\$ModeButtonScheduler" ]; +:local Scheduler [ /system/scheduler/find where name="_ModeButtonScheduler" ]; :if ([ :len $Scheduler ] = 0) do={ - $LogPrintExit2 info $0 ("Creating scheduler \$ModeButtonScheduler, counting presses...") false; + $LogPrintExit2 info $0 ("Creating scheduler _ModeButtonScheduler, counting presses...") false; :global ModeButtonScheduler do={ :global ModeButton; @@ -44,7 +44,7 @@ :set ($ModeButton->"count") 0; :set ModeButtonScheduler; - /system/scheduler/remove [ find where name=$0 ]; + /system/scheduler/remove [ find where name="_ModeButtonScheduler" ]; :if ([ :len $Code ] > 0) do={ :if ([ $ValidateSyntax $Code ] = true) do={ @@ -68,9 +68,9 @@ $LogPrintExit2 info $0 ("No action defined for " . $Count . " mode-button presses.") false; } } - /system/scheduler/add name="\$ModeButtonScheduler" \ + /system/scheduler/add name="_ModeButtonScheduler" \ on-event=":global ModeButtonScheduler; \$ModeButtonScheduler;" interval=3s; } else={ - $LogPrintExit2 debug $0 ("Updating scheduler \$ModeButtonScheduler...") false; + $LogPrintExit2 debug $0 ("Updating scheduler _ModeButtonScheduler...") false; /system/scheduler/set $Scheduler start-time=[ /system/clock/get time ]; } From f7c72b6ed96e45bf1fbb54c46ce09e1fccc791be Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 22:27:15 +0100 Subject: [PATCH 010/908] packages-update: rename scheduler --- packages-update.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index caaac6a..85a241a 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -95,8 +95,8 @@ $ScriptLock $0; $RandomDelay 3600; /system/reboot; } - /system/scheduler/add name="\$RebootForUpdate" start-time=03:00:00 interval=1d \ - on-event=("/system/scheduler/remove \"\\\$RebootForUpdate\"; " . \ + /system/scheduler/add name="_RebootForUpdate" start-time=03:00:00 interval=1d \ + on-event=("/system/scheduler/remove \"_RebootForUpdate\"; " . \ ":global RebootForUpdate; \$RebootForUpdate;"); $LogPrintExit2 info $0 ("Scheduled reboot for update between 03:00 and 04:00.") true; } From a5e2282d0fb44b67bcb8dcc5bc7068b395fdd973 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 22:34:45 +0100 Subject: [PATCH 011/908] mod/notification-email: rename scheduler --- mod/notification-email.rsc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index a505a50..774af4c 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -26,7 +26,7 @@ :local AllDone true; :local QueueLen [ :len $EmailQueue ]; - :local Scheduler [ /system/scheduler/find where name=$0 ]; + :local Scheduler [ /system/scheduler/find where name="_FlushEmailQueue" ]; :if ([ :len $Scheduler ] > 0 && [ /system/scheduler/get $Scheduler interval ] < 1m) do={ /system/scheduler/set interval=1m comment="Doing initial checks..." $Scheduler; @@ -152,8 +152,8 @@ [ $IfThenElse ([ :len ($Notification->"link") ] > 0) ("\n\n" . ($Notification->"link")) "" ] . \ [ $IfThenElse ([ :len $Signature ] > 0) ("\n-- \n" . $Signature) "" ]); \ attach=($Notification->"attach"); remove-attach=($Notification->"remove-attach") }; - :if ([ :len [ /system/scheduler/find where name="\$FlushEmailQueue" ] ] = 0) do={ - /system/scheduler/add name="\$FlushEmailQueue" interval=1s start-time=startup \ + :if ([ :len [ /system/scheduler/find where name="_FlushEmailQueue" ] ] = 0) do={ + /system/scheduler/add name="_FlushEmailQueue" interval=1s start-time=startup \ comment="Queuing new mail..." on-event=(":global FlushEmailQueue; \$FlushEmailQueue;"); } } @@ -162,7 +162,7 @@ :set PurgeEMailQueue do={ :global EmailQueue; - /system/scheduler/remove [ find where name="\$FlushEmailQueue" ]; + /system/scheduler/remove [ find where name="_FlushEmailQueue" ]; :set EmailQueue; } From 5c2454be8b767550251172c7b234585de1ded268 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 22:35:06 +0100 Subject: [PATCH 012/908] mod/notification-matrix: rename scheduler --- mod/notification-matrix.rsc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index a8983a7..378faab 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -30,7 +30,7 @@ :local AllDone true; :local QueueLen [ :len $MatrixQueue ]; - :if ([ :len [ /system/scheduler/find where name=$0 ] ] > 0 && $QueueLen = 0) do={ + :if ([ :len [ /system/scheduler/find where name="_FlushMatrixQueue" ] ] > 0 && $QueueLen = 0) do={ $LogPrintExit2 warning $0 ("Flushing Matrix messages from scheduler, but queue is empty.") false; } @@ -52,7 +52,7 @@ } :if ($AllDone = true && $QueueLen = [ :len $MatrixQueue ]) do={ - /system/scheduler/remove [ find where name=$0 ]; + /system/scheduler/remove [ find where name="_FlushMatrixQueue" ]; :set MatrixQueue; } } @@ -147,8 +147,8 @@ :set ($MatrixQueue->[ :len $MatrixQueue ]) { room=$Room; \ accesstoken=$AccessToken; homeserver=$HomeServer; \ plain=$Plain; formatted=$Formatted }; - :if ([ :len [ /system/scheduler/find where name="\$FlushMatrixQueue" ] ] = 0) do={ - /system/scheduler/add name="\$FlushMatrixQueue" interval=1m start-time=startup \ + :if ([ :len [ /system/scheduler/find where name="_FlushMatrixQueue" ] ] = 0) do={ + /system/scheduler/add name="_FlushMatrixQueue" interval=1m start-time=startup \ on-event=(":global FlushMatrixQueue; \$FlushMatrixQueue;"); } } @@ -158,7 +158,7 @@ :set PurgeMatrixQueue do={ :global MatrixQueue; - /system/scheduler/remove [ find where name="\$FlushMatrixQueue" ]; + /system/scheduler/remove [ find where name="_FlushMatrixQueue" ]; :set MatrixQueue; } From 75c41501c270a4e6fd2db34323f38e12cfdf86d9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 22:35:23 +0100 Subject: [PATCH 013/908] mod/notification-ntfy: rename scheduler --- mod/notification-ntfy.rsc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index e2fc558..5c0e9e5 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -28,7 +28,7 @@ :local AllDone true; :local QueueLen [ :len $NtfyQueue ]; - :if ([ :len [ /system/scheduler/find where name=$0 ] ] > 0 && $QueueLen = 0) do={ + :if ([ :len [ /system/scheduler/find where name="_FlushNtfyQueue" ] ] > 0 && $QueueLen = 0) do={ $LogPrintExit2 warning $0 ("Flushing Ntfy messages from scheduler, but queue is empty.") false; } @@ -46,7 +46,7 @@ } :if ($AllDone = true && $QueueLen = [ :len $NtfyQueue ]) do={ - /system/scheduler/remove [ find where name=$0 ]; + /system/scheduler/remove [ find where name="_FlushNtfyQueue" ]; :set NtfyQueue; } } @@ -103,8 +103,8 @@ "This message was queued since " . [ /system/clock/get date ] . " " . \ [ /system/clock/get time ] . " and may be obsolete."); :set ($NtfyQueue->[ :len $NtfyQueue ]) { url=$Url; headers=$Headers; text=$Text }; - :if ([ :len [ /system/scheduler/find where name="\$FlushNtfyQueue" ] ] = 0) do={ - /system/scheduler/add name="\$FlushNtfyQueue" interval=1m start-time=startup \ + :if ([ :len [ /system/scheduler/find where name="_FlushNtfyQueue" ] ] = 0) do={ + /system/scheduler/add name="_FlushNtfyQueue" interval=1m start-time=startup \ on-event=(":global FlushNtfyQueue; \$FlushNtfyQueue;"); } } @@ -114,7 +114,7 @@ :set PurgeNtfyQueue do={ :global NtfyQueue; - /system/scheduler/remove [ find where name="\$FlushNtfyQueue" ]; + /system/scheduler/remove [ find where name="_FlushNtfyQueue" ]; :set NtfyQueue; } From 8c8f834179f0ab618f031ec50739bbafd4c4261e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 22:35:38 +0100 Subject: [PATCH 014/908] mod/notification-telegram: rename scheduler --- mod/notification-telegram.rsc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index b5729a4..66be7d3 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -29,7 +29,7 @@ :local AllDone true; :local QueueLen [ :len $TelegramQueue ]; - :if ([ :len [ /system/scheduler/find where name=$0 ] ] > 0 && $QueueLen = 0) do={ + :if ([ :len [ /system/scheduler/find where name="_FlushTelegramQueue" ] ] > 0 && $QueueLen = 0) do={ $LogPrintExit2 warning $0 ("Flushing Telegram messages from scheduler, but queue is empty.") false; } @@ -51,7 +51,7 @@ } :if ($AllDone = true && $QueueLen = [ :len $TelegramQueue ]) do={ - /system/scheduler/remove [ find where name=$0 ]; + /system/scheduler/remove [ find where name="_FlushTelegramQueue" ]; :set TelegramQueue; } } @@ -155,8 +155,8 @@ " " . [ /system/clock/get time ] . " and may be obsolete.") "plain" ]) ]); :set ($TelegramQueue->[ :len $TelegramQueue ]) { chatid=$ChatId; tokenid=$TokenId; text=$Text; silent=($Notification->"silent"); replyto=($Notification->"replyto") }; - :if ([ :len [ /system/scheduler/find where name="\$FlushTelegramQueue" ] ] = 0) do={ - /system/scheduler/add name="\$FlushTelegramQueue" interval=1m start-time=startup \ + :if ([ :len [ /system/scheduler/find where name="_FlushTelegramQueue" ] ] = 0) do={ + /system/scheduler/add name="_FlushTelegramQueue" interval=1m start-time=startup \ on-event=(":global FlushTelegramQueue; \$FlushTelegramQueue;"); } } @@ -166,7 +166,7 @@ :set PurgeTelegramQueue do={ :global TelegramQueue; - /system/scheduler/remove [ find where name="\$FlushTelegramQueue" ]; + /system/scheduler/remove [ find where name="_FlushTelegramQueue" ]; :set TelegramQueue; } From 448b44cde664a5da65c3b8726e8f512483693eca Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 10:10:56 +0100 Subject: [PATCH 015/908] Makefile: support new wifi package... ... introduced with RouterOS 7.13beta1. --- Makefile | 25 ++++++++++++++++--------- capsman-download-packages.template.rsc | 8 ++++---- capsman-rolling-upgrade.template.rsc | 4 ++-- daily-psk.template.rsc | 2 +- hotspot-to-wpa-cleanup.template.rsc | 4 ++-- hotspot-to-wpa.template.rsc | 8 ++++---- 6 files changed, 29 insertions(+), 22 deletions(-) diff --git a/Makefile b/Makefile index 100aa78..b18b09a 100644 --- a/Makefile +++ b/Makefile @@ -4,31 +4,38 @@ CAPSMAN = $(wildcard *.capsman.rsc) LOCAL = $(wildcard *.local.rsc) +WIFI = $(wildcard *.wifi.rsc) WIFIWAVE2 = $(wildcard *.wifiwave2.rsc) MARKDOWN = $(wildcard *.md doc/*.md doc/mod/*.md) HTML = $(MARKDOWN:.md=.html) -all: $(CAPSMAN) $(LOCAL) $(WIFIWAVE2) $(HTML) +all: $(CAPSMAN) $(LOCAL) $(WIFI) $(WIFIWAVE2) $(HTML) %.html: %.md Makefile markdown $< | sed 's/href="\([-_\./[:alnum:]]*\)\.md"/href="\1.html"/g' > $@ -%.local.rsc: %.template.rsc Makefile - sed -e '/\/caps-man/d' -e '/\/interface\/wifiwave2/d' -e 's|%TEMPL%|.local|' \ - -e '/^# NOT \/interface\/wireless #$$/,/^# NOT \/interface\/wireless #$$/d' \ +%.capsman.rsc: %.template.rsc Makefile + sed -e '/\/interface\/wifi\//d' -e '/\/interface\/wifiwave2\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.capsman|' \ + -e '/^# NOT \/caps-man\/ #$$/,/^# NOT \/caps-man\/ #$$/d' \ -e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \ < $< > $@ -%.capsman.rsc: %.template.rsc Makefile - sed -e '/\/interface\/wifiwave2/d' -e '/\/interface\/wireless/d' -e 's|%TEMPL%|.capsman|' \ - -e '/^# NOT \/caps-man #$$/,/^# NOT \/caps-man #$$/d' \ +%.local.rsc: %.template.rsc Makefile + sed -e '/\/caps-man\//d' -e '/\/interface\/wifi\//d' -e '/\/interface\/wifiwave2\//d' -e 's|%TEMPL%|.local|' \ + -e '/^# NOT \/interface\/wireless\/ #$$/,/^# NOT \/interface\/wireless\/ #$$/d' \ + -e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \ + < $< > $@ + +%.wifi.rsc: %.template.rsc Makefile + sed -e '/\/caps-man\//d' -e '/\/interface\/wifiwave2\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.wifi|' \ + -e '/^# NOT \/interface\/wifi\/ #$$/,/^# NOT \/interface\/wifi\/ #$$/d' \ -e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \ < $< > $@ %.wifiwave2.rsc: %.template.rsc Makefile - sed -e '/\/caps-man/d' -e '/\/interface\/wireless/d' -e 's|%TEMPL%|.wifiwave2|' \ - -e '/^# NOT \/interface\/wifiwave2 #$$/,/^# NOT \/interface\/wifiwave2 #$$/d' \ + sed -e '/\/caps-man\//d' -e '/\/interface\/wifi\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.wifiwave2|' \ + -e '/^# NOT \/interface\/wifiwave2\/ #$$/,/^# NOT \/interface\/wifiwave2\/ #$$/d' \ -e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \ < $< > $@ diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 80f1988..88fda60 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -55,7 +55,7 @@ $WaitFullyConnected; } } -# NOT /interface/wifiwave2 # +# NOT /interface/wifiwave2/ # :if ([ :len [ /system/logging/find where topics~"error" !(topics~"!error") \ !(topics~"!caps") action=memory !disabled !invalid ] ] < 1) do={ $LogPrintExit2 warning $0 ("Looks like error messages for 'caps' are not sent to memory. " . \ @@ -81,8 +81,8 @@ $WaitFullyConnected; :set Updated true; } } -# NOT /interface/wifiwave2 # -# NOT /caps-man # +# NOT /interface/wifiwave2/ # +# NOT /caps-man/ # :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ $LogPrintExit2 info $0 ("No packages available, downloading default set.") false; :foreach Arch in={ "arm"; "arm64" } do={ @@ -93,7 +93,7 @@ $WaitFullyConnected; } } } -# NOT /caps-man # +# NOT /caps-man/ # :if ($Updated = true) do={ :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index fc6872c..7800eec 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -33,9 +33,9 @@ $ScriptLock $0; :local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ]; :local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ]; :if ([ :len $RemoteCapVal ] > 1) do={ -# NOT /caps-man # +# NOT /caps-man/ # :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); -# NOT /caps-man # +# NOT /caps-man/ # $LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \ " (" . $RemoteCapVal->"identity" . ")...") false; /caps-man/remote-cap/upgrade $RemoteCap; diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index ad9198a..1cb89d0 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -66,7 +66,7 @@ $WaitFullyConnected; :local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ]; :local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ]; :local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ]; - # /caps-man /interface/wifiwave2 above - /interface/wireless below + # /caps-man/ /interface/wifiwave2/ above - /interface/wireless/ below :local IntName [ /interface/wireless/access-list/get $AccList interface ]; :local Ssid [ /interface/wireless/get $IntName ssid ]; :local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ]; diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 8cc732b..d033b20 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -4,9 +4,9 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 -# NOT /caps-man # +# NOT /caps-man/ # # requires RouterOS, version=7.12beta3 -# NOT /caps-man # +# NOT /caps-man/ # # # manage and clean up private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index c676fe6..5443271 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -74,9 +74,9 @@ $LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $ :local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \ :local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \ comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; -# NOT /caps-man # +# NOT /caps-man/ # :set ($Template->"private-passphrase") ($Template->"passphrase"); -# NOT /caps-man # +# NOT /caps-man/ # :local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ]; :if ([ :len $PrivatePassphrase ] > 0) do={ :if ($PrivatePassphrase = "ignore") do={ @@ -97,12 +97,12 @@ $LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $ /caps-man/access-list/set $Entry vlan-id=$VlanId; /interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId; } -# NOT /interface/wifiwave2 # +# NOT /interface/wifiwave2/ # :local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ]; :if ([ :len $VlanMode] > 0) do={ /caps-man/access-list/set $Entry vlan-mode=$VlanMode; } -# NOT /interface/wifiwave2 # +# NOT /interface/wifiwave2/ # :delay 2s; /caps-man/access-list/set $Entry action=accept; From ba406ae0fe7fedb60a80c6a142b2ec280d478984 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 10:19:05 +0100 Subject: [PATCH 016/908] accesslist-duplicates: support new wifi package --- accesslist-duplicates.template.rsc | 4 ++++ accesslist-duplicates.wifi.rsc | 31 ++++++++++++++++++++++++++++++ doc/accesslist-duplicates.md | 15 ++++++++++----- 3 files changed, 45 insertions(+), 5 deletions(-) create mode 100644 accesslist-duplicates.wifi.rsc diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index beb7ef2..c83b428 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -18,13 +18,16 @@ :local Seen ({}); :foreach AccList in=[ /caps-man/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ +:foreach AccList in=[ /interface/wifi/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ :foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ :foreach AccList in=[ /interface/wireless/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ :local Mac [ /caps-man/access-list/get $AccList mac-address ]; + :local Mac [ /interface/wifi/access-list/get $AccList mac-address ]; :local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ]; :local Mac [ /interface/wireless/access-list/get $AccList mac-address ]; :if ($Seen->$Mac = 1) do={ /caps-man/access-list/print where mac-address=$Mac; + /interface/wifi/access-list/print where mac-address=$Mac; /interface/wifiwave2/access-list/print where mac-address=$Mac; /interface/wireless/access-list/print where mac-address=$Mac; :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; @@ -32,6 +35,7 @@ :if ([ :typeof $Remove ] = "num") do={ :put ("Removing numeric id " . $Remove . "...\n"); /caps-man/access-list/remove $Remove; + /interface/wifi/access-list/remove $Remove; /interface/wifiwave2/access-list/remove $Remove; /interface/wireless/access-list/remove $Remove; } diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc new file mode 100644 index 0000000..4ca8be8 --- /dev/null +++ b/accesslist-duplicates.wifi.rsc @@ -0,0 +1,31 @@ +#!rsc by RouterOS +# RouterOS script: accesslist-duplicates.wifi +# Copyright (c) 2018-2023 Christian Hesse +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# requires RouterOS, version=7.12beta1 +# +# print duplicate antries in wireless access list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md +# +# !! Do not edit this file, it is generated from template! + +:local 0 "accesslist-duplicates.wifi"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:local Seen ({}); + +:foreach AccList in=[ /interface/wifi/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ + :local Mac [ /interface/wifi/access-list/get $AccList mac-address ]; + :if ($Seen->$Mac = 1) do={ + /interface/wifi/access-list/print where mac-address=$Mac; + :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + + :if ([ :typeof $Remove ] = "num") do={ + :put ("Removing numeric id " . $Remove . "...\n"); + /interface/wifi/access-list/remove $Remove; + } + } + :set ($Seen->$Mac) 1; +} diff --git a/doc/accesslist-duplicates.md b/doc/accesslist-duplicates.md index ba5ac4b..7cb0bc2 100644 --- a/doc/accesslist-duplicates.md +++ b/doc/accesslist-duplicates.md @@ -17,11 +17,16 @@ entries in wireless access list. Requirements and installation ----------------------------- -Depending on whether you use `wifiwave2` package (`/interface/wifiwave2`) -or legacy wifi with CAPsMAN (`/caps-man`) or local wireless interface -(`/interface/wireless`) you need to install a different script. +Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` +package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`) +or local wireless interface (`/interface/wireless`) you need to install a +different script. -For `wifiwave2`: +For `wifi` (RouterOS 7.13 and later): + + $ScriptInstallUpdate accesslist-duplicates.wifi; + +For `wifiwave2` (up to RouterOS 7.12): $ScriptInstallUpdate accesslist-duplicates.wifiwave2; @@ -38,7 +43,7 @@ Usage and invocation Run this script from a terminal: - /system/script/run accesslist-duplicates.local; + /system/script/run accesslist-duplicates.wifi; ![screenshot: example](accesslist-duplicates.d/01-example.avif) From 5eb130f0fc137bc3fa02d6a28b75f2c9a3b101de Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 10:26:06 +0100 Subject: [PATCH 017/908] capsman-download-packages: support new wifi package --- capsman-download-packages.template.rsc | 9 ++++ capsman-download-packages.wifi.rsc | 74 ++++++++++++++++++++++++++ doc/capsman-download-packages.md | 29 +++++++--- 3 files changed, 104 insertions(+), 8 deletions(-) create mode 100644 capsman-download-packages.wifi.rsc diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 88fda60..7b37c36 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -25,6 +25,7 @@ $ScriptLock $0; $WaitFullyConnected; :local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ]; +:local PackagePath [ $CleanFilePath [ /interface/wifi/capsman/get package-path ] ]; :local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ]; :local InstalledVersion [ /system/package/update/get installed-version ]; :local Updated false; @@ -55,6 +56,7 @@ $WaitFullyConnected; } } +# NOT /interface/wifi/ # # NOT /interface/wifiwave2/ # :if ([ :len [ /system/logging/find where topics~"error" !(topics~"!error") \ !(topics~"!caps") action=memory !disabled !invalid ] ] < 1) do={ @@ -82,11 +84,17 @@ $WaitFullyConnected; } } # NOT /interface/wifiwave2/ # +# NOT /interface/wifi/ # # NOT /caps-man/ # :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ $LogPrintExit2 info $0 ("No packages available, downloading default set.") false; :foreach Arch in={ "arm"; "arm64" } do={ +# NOT /interface/wifi/ # :foreach Package in={ "routeros"; "wifiwave2" } do={ +# NOT /interface/wifi/ # +# NOT /interface/wifiwave2/ # + :foreach Package in={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" } do={ +# NOT /interface/wifiwave2/ # :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ :set Updated true; } @@ -101,6 +109,7 @@ $WaitFullyConnected; /system/script/run $Script; } else={ /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ]; + /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; /interface/wifiwave2/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; } } diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc new file mode 100644 index 0000000..3552924 --- /dev/null +++ b/capsman-download-packages.wifi.rsc @@ -0,0 +1,74 @@ +#!rsc by RouterOS +# RouterOS script: capsman-download-packages.wifi +# Copyright (c) 2018-2023 Christian Hesse +# Michael Gisbers +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# download and cleanup packages for CAP installation from CAPsMAN +# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md +# +# !! Do not edit this file, it is generated from template! + +:local 0 "capsman-download-packages.wifi"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global CleanFilePath; +:global DownloadPackage; +:global LogPrintExit2; +:global MkDir; +:global ScriptLock; +:global WaitFullyConnected; + +$ScriptLock $0; +$WaitFullyConnected; + +:local PackagePath [ $CleanFilePath [ /interface/wifi/capsman/get package-path ] ]; +:local InstalledVersion [ /system/package/update/get installed-version ]; +:local Updated false; + +:if ([ :len $PackagePath ] = 0) do={ + $LogPrintExit2 warning $0 ("The CAPsMAN package path is not defined, can not download packages.") true; +} + +:if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ + :if ([ $MkDir $PackagePath ] = false) do={ + $LogPrintExit2 warning $0 ("Creating directory at CAPsMAN package path (" . \ + $PackagePath . ") failed!") true; + } + $LogPrintExit2 info $0 ("Created directory at CAPsMAN package path (" . $PackagePath . \ + "). Please place your packages!") false; +} + +:foreach Package in=[ /file/find where type=package \ + package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={ + :local File [ /file/get $Package ]; + :if ($File->"package-architecture" = "mips") do={ + :set ($File->"package-architecture") "mipsbe"; + } + :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ + ($File->"package-architecture") $PackagePath ] = true) do={ + :set Updated true; + /file/remove $Package; + } +} + +:if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ + $LogPrintExit2 info $0 ("No packages available, downloading default set.") false; + :foreach Arch in={ "arm"; "arm64" } do={ + :foreach Package in={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" } do={ + :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ + :set Updated true; + } + } + } +} + +:if ($Updated = true) do={ + :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); + :if ([ :len $Script ] > 0) do={ + /system/script/run $Script; + } else={ + /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; + } +} diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md index f6e6f96..ccd2ee5 100644 --- a/doc/capsman-download-packages.md +++ b/doc/capsman-download-packages.md @@ -18,11 +18,16 @@ This script automatically downloads these packages. Requirements and installation ----------------------------- -Just install the script on CAPsMAN device. Depending on whether you use -`wifiwave2` package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN -(`/caps-man`) you need to install a different script. +Just install the script on CAPsMAN device. +Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` +package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`) +you need to install a different script. -For `wifiwave2`: +For `wifi` (RouterOS 7.13 and later): + + $ScriptInstallUpdate capsman-download-packages.wifi; + +For `wifiwave2` (up to RouterOS 7.12): $ScriptInstallUpdate capsman-download-packages.wifiwave2; @@ -30,7 +35,12 @@ For legacy CAPsMAN: $ScriptInstallUpdate capsman-download-packages.capsman; -Optionally add a scheduler to run after startup. For `wifiwave2`: +Optionally add a scheduler to run after startup. For `wifi` (RouterOS 7.13 +and later): + + /system/scheduler/add name=capsman-download-packages on-event="/system/script/run capsman-download-packages.wifi;" start-time=startup; + +For `wifiwave2` (up to RouterOS 7.12): /system/scheduler/add name=capsman-download-packages on-event="/system/script/run capsman-download-packages.wifiwave2;" start-time=startup; @@ -42,8 +52,11 @@ Packages available in local storage in older version are downloaded unconditionally. If no packages are found the script tries to download missing packages for -legacy CAPsMAN by guessing from system log. For `wifiwave2` a default set -of packages (`routeros` and `wifiwave2` for *arm* and *arm64*) is downloaded. +legacy CAPsMAN by guessing from system log. For `wifi` and `wifiwave2` a +default set of packages is downloaded. + + * `wifi`: `routeros`, `wifi-qcom` and `wifi-qcom-ac` for *arm* and *arm64* + * `wifiwave2`: `routeros` and `wifiwave2` for *arm* and *arm64* > ℹ️ **Info**: If you have packages in the directory and things go wrong for > what ever unknown reason: Remove **all** packages and start over. @@ -53,7 +66,7 @@ Usage and invocation Run the script manually: - /system/script/run capsman-download-packages.wifiwave2; + /system/script/run capsman-download-packages.wifi; ... or from scheduler. From cf4f0c5c936ba895c6d17e580b61755ca8e6bdd5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 10:28:12 +0100 Subject: [PATCH 018/908] capsman-rolling-upgrade: support new wifi package --- capsman-rolling-upgrade.template.rsc | 4 +++ capsman-rolling-upgrade.wifi.rsc | 41 ++++++++++++++++++++++++++++ doc/capsman-rolling-upgrade.md | 15 ++++++---- 3 files changed, 55 insertions(+), 5 deletions(-) create mode 100644 capsman-rolling-upgrade.wifi.rsc diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index 7800eec..10245b5 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -24,13 +24,16 @@ $ScriptLock $0; :local InstalledVersion [ /system/package/update/get installed-version ]; :local RemoteCapCount [ :len [ /caps-man/remote-cap/find ] ]; +:local RemoteCapCount [ :len [ /interface/wifi/capsman/remote-cap/find ] ]; :local RemoteCapCount [ :len [ /interface/wifiwave2/capsman/remote-cap/find ] ]; :if ($RemoteCapCount > 0) do={ :local Delay (600 / $RemoteCapCount); :if ($Delay > 120) do={ :set Delay 120; } :foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={ + :foreach RemoteCap in=[ /interface/wifi/capsman/remote-cap/find where version!=$InstalledVersion ] do={ :foreach RemoteCap in=[ /interface/wifiwave2/capsman/remote-cap/find where version!=$InstalledVersion ] do={ :local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ]; + :local RemoteCapVal [ /interface/wifi/capsman/remote-cap/get $RemoteCap ]; :local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ]; :if ([ :len $RemoteCapVal ] > 1) do={ # NOT /caps-man/ # @@ -39,6 +42,7 @@ $ScriptLock $0; $LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \ " (" . $RemoteCapVal->"identity" . ")...") false; /caps-man/remote-cap/upgrade $RemoteCap; + /interface/wifi/capsman/remote-cap/upgrade $RemoteCap; /interface/wifiwave2/capsman/remote-cap/upgrade $RemoteCap; } else={ $LogPrintExit2 warning $0 ("Remote CAP vanished, skipping upgrade.") false; diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc new file mode 100644 index 0000000..3e13bf4 --- /dev/null +++ b/capsman-rolling-upgrade.wifi.rsc @@ -0,0 +1,41 @@ +#!rsc by RouterOS +# RouterOS script: capsman-rolling-upgrade.wifi +# Copyright (c) 2018-2023 Christian Hesse +# Michael Gisbers +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# provides: capsman-rolling-upgrade +# +# upgrade CAPs one after another +# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md +# +# !! Do not edit this file, it is generated from template! + +:local 0 "capsman-rolling-upgrade.wifi"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global LogPrintExit2; +:global ScriptLock; + +$ScriptLock $0; + +:local InstalledVersion [ /system/package/update/get installed-version ]; + +:local RemoteCapCount [ :len [ /interface/wifi/capsman/remote-cap/find ] ]; +:if ($RemoteCapCount > 0) do={ + :local Delay (600 / $RemoteCapCount); + :if ($Delay > 120) do={ :set Delay 120; } + :foreach RemoteCap in=[ /interface/wifi/capsman/remote-cap/find where version!=$InstalledVersion ] do={ + :local RemoteCapVal [ /interface/wifi/capsman/remote-cap/get $RemoteCap ]; + :if ([ :len $RemoteCapVal ] > 1) do={ + :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); + $LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \ + " (" . $RemoteCapVal->"identity" . ")...") false; + /interface/wifi/capsman/remote-cap/upgrade $RemoteCap; + } else={ + $LogPrintExit2 warning $0 ("Remote CAP vanished, skipping upgrade.") false; + } + :delay ($Delay . "s"); + } +} diff --git a/doc/capsman-rolling-upgrade.md b/doc/capsman-rolling-upgrade.md index 5c038e9..bbc8e14 100644 --- a/doc/capsman-rolling-upgrade.md +++ b/doc/capsman-rolling-upgrade.md @@ -20,11 +20,16 @@ parallel. Requirements and installation ----------------------------- -Just install the script on CAPsMAN device. Depending on whether you use -`wifiwave2` package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN -(`/caps-man`) you need to install a different script. +Just install the script on CAPsMAN device. +Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` +package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`) +you need to install a different script. -For `wifiwave2`: +For `wifi` (RouterOS 7.13 and later): + + $ScriptInstallUpdate capsman-rolling-upgrade.wifi; + +For `wifiwave2` (up to RouterOS 7.12): $ScriptInstallUpdate capsman-rolling-upgrade.wifiwave2; @@ -41,7 +46,7 @@ that script when required. Alternatively run it manually: - /system/script/run capsman-rolling-upgrade.wifiwave2; + /system/script/run capsman-rolling-upgrade.wifi; See also -------- From d598b2d70e27df5376f4433cef3dc2e6b34c0f0a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 10:29:42 +0100 Subject: [PATCH 019/908] collect-wireless-mac: support new wifi package --- collect-wireless-mac.template.rsc | 8 +++ collect-wireless-mac.wifi.rsc | 90 +++++++++++++++++++++++++++++++ doc/collect-wireless-mac.md | 13 +++-- 3 files changed, 107 insertions(+), 4 deletions(-) create mode 100644 collect-wireless-mac.wifi.rsc diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index 75073a4..97760d6 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -29,23 +29,28 @@ $ScriptLock $0 false 10; :if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ +:if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ :if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ :if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ /caps-man/access-list/add comment="--- collected above ---" disabled=yes; + /interface/wifi/access-list/add comment="--- collected above ---" disabled=yes; /interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes; /interface/wireless/access-list/add comment="--- collected above ---" disabled=yes; $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false; } :local PlaceBefore ([ /caps-man/access-list/find where comment="--- collected above ---" disabled ]->0); +:local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ]->0); :local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ]->0); :local PlaceBefore ([ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ]->0); :foreach Reg in=[ /caps-man/registration-table/find ] do={ +:foreach Reg in=[ /interface/wifi/registration-table/find ] do={ :foreach Reg in=[ /interface/wifiwave2/registration-table/find ] do={ :foreach Reg in=[ /interface/wireless/registration-table/find where ap=no ] do={ :local RegVal; :do { :set RegVal [ /caps-man/registration-table/get $Reg ]; + :set RegVal [ /interface/wifi/registration-table/get $Reg ]; :set RegVal [ /interface/wifiwave2/registration-table/get $Reg ]; :set RegVal [ /interface/wireless/registration-table/get $Reg ]; } on-error={ @@ -54,11 +59,13 @@ $ScriptLock $0 false 10; :if ([ :len ($RegVal->"mac-address") ] > 0) do={ :local AccessList ([ /caps-man/access-list/find where mac-address=($RegVal->"mac-address") ]->0); + :local AccessList ([ /interface/wifi/access-list/find where mac-address=($RegVal->"mac-address") ]->0); :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($RegVal->"mac-address") ]->0); :local AccessList ([ /interface/wireless/access-list/find where mac-address=($RegVal->"mac-address") ]->0); :if ([ :len $AccessList ] > 0) do={ $LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \ [ /caps-man/access-list/get $AccessList comment ]) false; + [ /interface/wifi/access-list/get $AccessList comment ]) false; [ /interface/wifiwave2/access-list/get $AccessList comment ]) false; [ /interface/wireless/access-list/get $AccessList comment ]) false; } @@ -87,6 +94,7 @@ $ScriptLock $0 false 10; "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); $LogPrintExit2 info $0 $Message false; /caps-man/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; + /interface/wifi/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; /interface/wifiwave2/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; /interface/wireless/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; $SendNotification2 ({ origin=$0; \ diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc new file mode 100644 index 0000000..40ad4d2 --- /dev/null +++ b/collect-wireless-mac.wifi.rsc @@ -0,0 +1,90 @@ +#!rsc by RouterOS +# RouterOS script: collect-wireless-mac.wifi +# Copyright (c) 2013-2023 Christian Hesse +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# provides: lease-script, order=40 +# +# collect wireless mac adresses in access list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md +# +# !! Do not edit this file, it is generated from template! + +:local 0 "collect-wireless-mac.wifi"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global Identity; + +:global EitherOr; +:global FormatLine; +:global FormatMultiLines; +:global GetMacVendor; +:global LogPrintExit2; +:global ScriptLock; +:global SendNotification2; +:global SymbolForNotification; + +$ScriptLock $0 false 10; + +:if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ + /interface/wifi/access-list/add comment="--- collected above ---" disabled=yes; + $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false; +} +:local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ]->0); + +:foreach Reg in=[ /interface/wifi/registration-table/find ] do={ + :local RegVal; + :do { + :set RegVal [ /interface/wifi/registration-table/get $Reg ]; + } on-error={ + $LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false; + } + + :if ([ :len ($RegVal->"mac-address") ] > 0) do={ + :local AccessList ([ /interface/wifi/access-list/find where mac-address=($RegVal->"mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + $LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \ + [ /interface/wifi/access-list/get $AccessList comment ]) false; + } + + :if ([ :len $AccessList ] = 0) do={ + :local Address "no dhcp lease"; + :local DnsName "no dhcp lease"; + :local HostName "no dhcp lease"; + :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); + :if ([ :len $Lease ] > 0) do={ + :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; + :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; + :set DnsName "no dns name"; + :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); + :if ([ :len $DnsRec ] > 0) do={ + :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); + :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ + :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); + } + } + } + :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); + :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; + :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ + "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); + $LogPrintExit2 info $0 $Message false; + /interface/wifi/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; + $SendNotification2 ({ origin=$0; \ + subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ + message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ + [ $FormatLine "Controller" $Identity ] . "\n" . \ + [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ + [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ + [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ + [ $FormatLine "Vendor" $Vendor ] . "\n" . \ + [ $FormatLine "Hostname" $HostName ] . "\n" . \ + [ $FormatLine "Address" $Address ] . "\n" . \ + [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ + [ $FormatLine "Date" $DateTime ]) }); + } + } else={ + $LogPrintExit2 debug $0 ("No mac address available... Ignoring.") false; + } +} diff --git a/doc/collect-wireless-mac.md b/doc/collect-wireless-mac.md index 6407c3a..e73cf58 100644 --- a/doc/collect-wireless-mac.md +++ b/doc/collect-wireless-mac.md @@ -22,11 +22,16 @@ and modify it to your needs. Requirements and installation ----------------------------- -Depending on whether you use `wifiwave2` package (`/interface/wifiwave2`) -or legacy wifi with CAPsMAN (`/caps-man`) or local wireless interface -(`/interface/wireless`) you need to install a different script. +Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` +package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`) +or local wireless interface (`/interface/wireless`) you need to install a +different script. -For `wifiwave2`: +For `wifi` (RouterOS 7.13 and later): + + $ScriptInstallUpdate collect-wireless-mac.wifi; + +For `wifiwave2` (up to RouterOS 7.12): $ScriptInstallUpdate collect-wireless-mac.wifiwave2; From 53103be32469cd58f0eafff64dbaa4a34fd29a3f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 10:31:40 +0100 Subject: [PATCH 020/908] daily-psk: support new wifi package --- daily-psk.template.rsc | 9 ++++- daily-psk.wifi.rsc | 85 ++++++++++++++++++++++++++++++++++++++++++ doc/daily-psk.md | 22 ++++++++--- 3 files changed, 109 insertions(+), 7 deletions(-) create mode 100644 daily-psk.wifi.rsc diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 1cb89d0..e7d9b54 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -56,17 +56,22 @@ $WaitFullyConnected; :local NewPsk [ $GeneratePSK $Date ]; :foreach AccList in=[ /caps-man/access-list/find where comment~$DailyPskMatchComment ] do={ +:foreach AccList in=[ /interface/wifi/access-list/find where comment~$DailyPskMatchComment ] do={ :foreach AccList in=[ /interface/wifiwave2/access-list/find where comment~$DailyPskMatchComment ] do={ :foreach AccList in=[ /interface/wireless/access-list/find where comment~$DailyPskMatchComment ] do={ :local SsidRegExp [ /caps-man/access-list/get $AccList ssid-regexp ]; + :local SsidRegExp [ /interface/wifi/access-list/get $AccList ssid-regexp ]; :local SsidRegExp [ /interface/wifiwave2/access-list/get $AccList ssid-regexp ]; :local Configuration ([ /caps-man/configuration/find where ssid~$SsidRegExp ]->0); + :local Configuration ([ /interface/wifi/configuration/find where ssid~$SsidRegExp ]->0); :local Configuration ([ /interface/wifiwave2/configuration/find where ssid~$SsidRegExp ]->0); :local Ssid [ /caps-man/configuration/get $Configuration ssid ]; + :local Ssid [ /interface/wifi/configuration/get $Configuration ssid ]; :local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ]; :local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ]; + :local OldPsk [ /interface/wifi/access-list/get $AccList passphrase ]; :local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ]; - # /caps-man/ /interface/wifiwave2/ above - /interface/wireless/ below + # /caps-man/ /interface/wifi/ /interface/wifiwave2/ above - /interface/wireless/ below :local IntName [ /interface/wireless/access-list/get $AccList interface ]; :local Ssid [ /interface/wireless/get $IntName ssid ]; :local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ]; @@ -75,10 +80,12 @@ $WaitFullyConnected; :if ($NewPsk != $OldPsk) do={ $LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; /caps-man/access-list/set $AccList private-passphrase=$NewPsk; + /interface/wifi/access-list/set $AccList passphrase=$NewPsk; /interface/wifiwave2/access-list/set $AccList passphrase=$NewPsk; /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; :if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ + :if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ :if ([ :len [ /interface/wifiwave2/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={ :if ($Seen->$Ssid = 1) do={ diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc new file mode 100644 index 0000000..a8b1320 --- /dev/null +++ b/daily-psk.wifi.rsc @@ -0,0 +1,85 @@ +#!rsc by RouterOS +# RouterOS script: daily-psk.wifi +# Copyright (c) 2013-2023 Christian Hesse +# Michael Gisbers +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# update daily PSK (pre shared key) +# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md +# +# !! Do not edit this file, it is generated from template! + +:local 0 "daily-psk.wifi"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global DailyPskMatchComment; +:global DailyPskQrCodeUrl; +:global Identity; + +:global FormatLine; +:global LogPrintExit2; +:global ScriptLock; +:global SendNotification2; +:global SymbolForNotification; +:global UrlEncode; +:global WaitForFile; +:global WaitFullyConnected; + +$ScriptLock $0; +$WaitFullyConnected; + +# return pseudo-random string for PSK +:local GeneratePSK do={ + :local Date [ :tostr $1 ]; + + :global DailyPskSecrets; + + :global ParseDate; + + :set Date [ $ParseDate $Date ]; + + :local A ((14 - ($Date->"month")) / 12); + :local B (($Date->"year") - $A); + :local C (($Date->"month") + 12 * $A - 2); + :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); + :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); + + :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ + ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ + ($DailyPskSecrets->2->$WeekDay)); +} + +:local Seen ({}); +:local Date [ /system/clock/get date ]; +:local NewPsk [ $GeneratePSK $Date ]; + +:foreach AccList in=[ /interface/wifi/access-list/find where comment~$DailyPskMatchComment ] do={ + :local SsidRegExp [ /interface/wifi/access-list/get $AccList ssid-regexp ]; + :local Configuration ([ /interface/wifi/configuration/find where ssid~$SsidRegExp ]->0); + :local Ssid [ /interface/wifi/configuration/get $Configuration ssid ]; + :local OldPsk [ /interface/wifi/access-list/get $AccList passphrase ]; + :local Skip 0; + + :if ($NewPsk != $OldPsk) do={ + $LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; + /interface/wifi/access-list/set $AccList passphrase=$NewPsk; + + :if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ + :if ($Seen->$Ssid = 1) do={ + $LogPrintExit2 debug $0 ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; + } else={ + :local Link ($DailyPskQrCodeUrl . \ + "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); + $SendNotification2 ({ origin=$0; \ + subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ + message=("This is the daily PSK on " . $Identity . ":\n\n" . \ + [ $FormatLine "SSID" $Ssid ] . "\n" . \ + [ $FormatLine "PSK" $NewPsk ] . "\n" . \ + [ $FormatLine "Date" $Date ] . "\n\n" . \ + "A client device specific rule must not exist!"); link=$Link }); + :set ($Seen->$Ssid) 1; + } + } + } +} diff --git a/doc/daily-psk.md b/doc/daily-psk.md index f551e46..6eb656c 100644 --- a/doc/daily-psk.md +++ b/doc/daily-psk.md @@ -21,12 +21,18 @@ Requirements and installation Just install this script. -Depending on whether you use `wifiwave2` package (`/interface/wifiwave2`) -or legacy wifi with CAPsMAN (`/caps-man`) or local wireless interface -(`/interface/wireless`) you need to install a different script and add -schedulers to run the script: +Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` +package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`) +or local wireless interface (`/interface/wireless`) you need to install a +different script and add schedulers to run the script: -For `wifiwave2`: +For `wifi` (RouterOS 7.13 and later): + + $ScriptInstallUpdate daily-psk.wifi; + /system/scheduler/add interval=1d name=daily-psk on-event="/system/script/run daily-psk.wifi;" start-time=03:00:00; + /system/scheduler/add name=daily-psk@startup on-event="/system/script/run daily-psk.wifi;" start-time=startup; + +For `wifiwave2` (up to RouterOS 7.12): $ScriptInstallUpdate daily-psk.wifiwave2; /system/scheduler/add interval=1d name=daily-psk on-event="/system/script/run daily-psk.wifiwave2;" start-time=03:00:00; @@ -58,7 +64,11 @@ The configuration goes to `global-config-overlay`, these are the parameters: > [`global-config`](../global-config.rsc) (the one without `-overlay`) to > your local `global-config-overlay` and modify it to your specific needs. -Then add an access list entry. For `wifiwave2`: +Then add an access list entry. For `wifi` (RouterOS 7.13 and later): + + /interface/wifi/access-list/add comment="Daily PSK" ssid-regexp="-guest\$" passphrase="ToBeChangedDaily"; + +For `wifiwave2` (up to RouterOS 7.12): /interface/wifiwave2/access-list/add comment="Daily PSK" ssid-regexp="-guest\$" passphrase="ToBeChangedDaily"; From fe1f4385029f4ab43880eebfd2491ba668caa7e5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 10:35:17 +0100 Subject: [PATCH 021/908] dhcp-lease-comment: support new wifi package --- dhcp-lease-comment.template.rsc | 2 ++ dhcp-lease-comment.wifi.rsc | 33 +++++++++++++++++++++++++++++++++ doc/dhcp-lease-comment.md | 13 +++++++++---- 3 files changed, 44 insertions(+), 4 deletions(-) create mode 100644 dhcp-lease-comment.wifi.rsc diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index 0f16285..05b1254 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -24,10 +24,12 @@ $ScriptLock $0; :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; :local NewComment; :local AccessList ([ /caps-man/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); + :local AccessList ([ /interface/wifi/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); :local AccessList ([ /interface/wireless/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); :if ([ :len $AccessList ] > 0) do={ :set NewComment [ /caps-man/access-list/get $AccessList comment ]; + :set NewComment [ /interface/wifi/access-list/get $AccessList comment ]; :set NewComment [ /interface/wifiwave2/access-list/get $AccessList comment ]; :set NewComment [ /interface/wireless/access-list/get $AccessList comment ]; } diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc new file mode 100644 index 0000000..fe34b09 --- /dev/null +++ b/dhcp-lease-comment.wifi.rsc @@ -0,0 +1,33 @@ +#!rsc by RouterOS +# RouterOS script: dhcp-lease-comment.wifi +# Copyright (c) 2013-2023 Christian Hesse +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# provides: lease-script, order=60 +# +# update dhcp-server lease comment with infos from access-list +# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md +# +# !! Do not edit this file, it is generated from template! + +:local 0 "dhcp-lease-comment.wifi"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global LogPrintExit2; +:global ScriptLock; + +$ScriptLock $0; + +:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + :local NewComment; + :local AccessList ([ /interface/wifi/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + :set NewComment [ /interface/wifi/access-list/get $AccessList comment ]; + } + :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ + $LogPrintExit2 info $0 ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; + /ip/dhcp-server/lease/set comment=$NewComment $Lease; + } +} diff --git a/doc/dhcp-lease-comment.md b/doc/dhcp-lease-comment.md index cd29641..ae0edfb 100644 --- a/doc/dhcp-lease-comment.md +++ b/doc/dhcp-lease-comment.md @@ -15,11 +15,16 @@ from wireless access list. Requirements and installation ----------------------------- -Depending on whether you use `wifiwave2` package (`/interface/wifiwave2`) -or legacy wifi with CAPsMAN (`/caps-man`) or local wireless interface -(`/interface/wireless`) you need to install a different script. +Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` +package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`) +or local wireless interface (`/interface/wireless`) you need to install a +different script. -For `wifiwave2`: +For `wifi` (RouterOS 7.13 and later): + + $ScriptInstallUpdate dhcp-lease-comment.wifi; + +For `wifiwave2` (up to RouterOS 7.12): $ScriptInstallUpdate dhcp-lease-comment.wifiwave2; From 97383dfbfb872b62ec68e654c2966745943d4cca Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 10:36:22 +0100 Subject: [PATCH 022/908] hotspot-to-wpa{,-cleanup}: support new wifi package --- doc/hotspot-to-wpa.md | 28 ++++++++-- hotspot-to-wpa-cleanup.template.rsc | 6 ++ hotspot-to-wpa-cleanup.wifi.rsc | 69 +++++++++++++++++++++++ hotspot-to-wpa.template.rsc | 16 ++++++ hotspot-to-wpa.wifi.rsc | 86 +++++++++++++++++++++++++++++ 5 files changed, 199 insertions(+), 6 deletions(-) create mode 100644 hotspot-to-wpa-cleanup.wifi.rsc create mode 100644 hotspot-to-wpa.wifi.rsc diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md index 4909eef..f0ffce9 100644 --- a/doc/hotspot-to-wpa.md +++ b/doc/hotspot-to-wpa.md @@ -19,11 +19,18 @@ Requirements and installation You need a properly configured hotspot on one (open) SSID and a WP2 enabled SSID with suffix "`-wpa`". -Then install the script. Depending on whether you use `wifiwave2` package -(`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`) you need -to install a different script and set it as `on-login` script in hotspot. +Then install the script. +Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` +package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`) +you need to install a different script and set it as `on-login` script in +hotspot. -For `wifiwave2`: +For `wifi` (RouterOS 7.13 and later): + + $ScriptInstallUpdate hotspot-to-wpa.wifi; + /ip/hotspot/user/profile/set on-login="hotspot-to-wpa.wifi" [ find ]; + +For `wifiwave2` (up to RouterOS 7.12): $ScriptInstallUpdate hotspot-to-wpa.wifiwave2; /ip/hotspot/user/profile/set on-login="hotspot-to-wpa.wifiwave2" [ find ]; @@ -39,7 +46,12 @@ With just `hotspot-to-wpa` installed the mac addresses will last in the access list forever. Install the optional script for automatic cleanup and add a scheduler. -For `wifiwave2`: +For `wifi` (RouterOS 7.13 and later): + + $ScriptInstallUpdate hotspot-to-wpa-cleanup.wifi,lease-script; + /system/scheduler/add interval=1d name=hotspot-to-wpa-cleanup on-event="/system/script/run hotspot-to-wpa-cleanup.wifi;" start-time=startup; + +For `wifiwave2` (up to RouterOS 7.12): $ScriptInstallUpdate hotspot-to-wpa-cleanup.wifiwave2,lease-script; /system/scheduler/add interval=1d name=hotspot-to-wpa-cleanup on-event="/system/script/run hotspot-to-wpa-cleanup.wifiwave2;" start-time=startup; @@ -86,7 +98,11 @@ Additionally templates can be created to give more options for access list: * `vlan-mode`: set the VLAN mode for device For a hotspot called `example` the template could look like this. For -`wifiwave2`: +`wifi` (RouterOS 7.13 and later): + + /interface/wifi/access-list/add comment="hotspot-to-wpa template example" disabled=yes private-passphrase="ignore" ssid-regexp="^example\$" vlan-id=10; + +For `wifiwave2` (up to RouterOS 7.12): /interface/wifiwave2/access-list/add comment="hotspot-to-wpa template example" disabled=yes private-passphrase="ignore" ssid-regexp="^example\$" vlan-id=10; diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index d033b20..0f89cec 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -36,8 +36,10 @@ $ScriptLock $0 false 10; } :foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ +:foreach Client in=[ /interface/wifi/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ :foreach Client in=[ /interface/wifiwave2/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ :local ClientVal [ /caps-man/registration-table/get $Client ]; + :local ClientVal [ /interface/wifi/registration-table/get $Client ]; :local ClientVal [ /interface/wifiwave2/registration-table/get $Client ]; :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ mac-address=($ClientVal->"mac-address") ] do={ @@ -51,15 +53,18 @@ $ScriptLock $0 false 10; } :foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \ +:foreach Client in=[ /interface/wifi/access-list/find where comment~"^hotspot-to-wpa:" \ :foreach Client in=[ /interface/wifiwave2/access-list/find where comment~"^hotspot-to-wpa:" \ !(comment~[ /system/clock/get date ]) ] do={ :local ClientVal [ /caps-man/access-list/get $Client ]; + :local ClientVal [ /interface/wifi/access-list/get $Client ]; :local ClientVal [ /interface/wifiwave2/access-list/get $Client ]; :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ mac-address=($ClientVal->"mac-address") ] ] = 0) do={ $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ " did not connect to WPA, removing from access list.") false; /caps-man/access-list/remove $Client; + /interface/wifi/access-list/remove $Client; /interface/wifiwave2/access-list/remove $Client; } } @@ -71,6 +76,7 @@ $ScriptLock $0 false 10; $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \ " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ + /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ /interface/wifiwave2/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ mac-address=($LeaseVal->"mac-address") ]; /ip/dhcp-server/lease/remove $Lease; diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc new file mode 100644 index 0000000..1cee316 --- /dev/null +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -0,0 +1,69 @@ +#!rsc by RouterOS +# RouterOS script: hotspot-to-wpa-cleanup.wifi +# Copyright (c) 2021-2023 Christian Hesse +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# provides: lease-script, order=80 +# requires RouterOS, version=7.12beta3 +# +# manage and clean up private WPA passphrase after hotspot login +# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md +# +# !! Do not edit this file, it is generated from template! + +:local 0 "hotspot-to-wpa-cleanup.wifi"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global EitherOr; +:global LogPrintExit2; +:global ParseKeyValueStore; +:global ScriptLock; + +$ScriptLock $0 false 10; + +:local DHCPServers ({}); +:foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ + :local ServerVal [ /ip/dhcp-server/get $Server ] + :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ]; + :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={ + :set ($DHCPServers->($ServerVal->"name")) \ + [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ]; + } +} + +:foreach Client in=[ /interface/wifi/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ + :local ClientVal [ /interface/wifi/registration-table/get $Client ]; + :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ + mac-address=($ClientVal->"mac-address") ] do={ + :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ + $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ + " connected to WPA, making lease static.") false; + /ip/dhcp-server/lease/make-static $Lease; + /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; + } + } +} + +:foreach Client in=[ /interface/wifi/access-list/find where comment~"^hotspot-to-wpa:" \ + !(comment~[ /system/clock/get date ]) ] do={ + :local ClientVal [ /interface/wifi/access-list/get $Client ]; + :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ + mac-address=($ClientVal->"mac-address") ] ] = 0) do={ + $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ + " did not connect to WPA, removing from access list.") false; + /interface/wifi/access-list/remove $Client; + } +} + +:foreach Server,Timeout in=$DHCPServers do={ + :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ + server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \ + " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; + /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ + mac-address=($LeaseVal->"mac-address") ]; + /ip/dhcp-server/lease/remove $Lease; + } +} diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index 5443271..a858285 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -36,22 +36,28 @@ $ScriptLock $0; :local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ]; :if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ +:if ([ :len [ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ :if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ /caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; + /interface/wifi/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; /interface/wifiwave2/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; } :local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); +:local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); :local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); :if ([ :len [ /caps-man/access-list/find where \ +:if ([ :len [ /interface/wifi/access-list/find where \ :if ([ :len [ /interface/wifiwave2/access-list/find where \ comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ /caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; + /interface/wifi/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; /interface/wifiwave2/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; $LogPrintExit2 warning $0 ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; } :local Template [ /caps-man/access-list/get ([ find where \ +:local Template [ /interface/wifi/access-list/get ([ find where \ :local Template [ /interface/wifiwave2/access-list/get ([ find where \ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; @@ -65,13 +71,16 @@ $ScriptLock $0; $LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $MacAddress . \ " (user " . $UserName . ").") false; /caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; +/interface/wifi/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; /interface/wifiwave2/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; /caps-man/access-list/add private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ +/interface/wifi/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ /interface/wifiwave2/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ action=reject place-before=$PlaceBefore; :local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \ +:local Entry [ /interface/wifi/access-list/find where mac-address=$MacAddress \ :local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \ comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; # NOT /caps-man/ # @@ -81,29 +90,36 @@ $LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $ :if ([ :len $PrivatePassphrase ] > 0) do={ :if ($PrivatePassphrase = "ignore") do={ /caps-man/access-list/set $Entry !private-passphrase; + /interface/wifi/access-list/set $Entry !passphrase; /interface/wifiwave2/access-list/set $Entry !passphrase; } else={ /caps-man/access-list/set $Entry private-passphrase=$PrivatePassphrase; + /interface/wifi/access-list/set $Entry passphrase=$PrivatePassphrase; /interface/wifiwave2/access-list/set $Entry passphrase=$PrivatePassphrase; } } :local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; :if ([ :len $SsidRegexp ] > 0) do={ /caps-man/access-list/set $Entry ssid-regexp=$SsidRegexp; + /interface/wifi/access-list/set $Entry ssid-regexp=$SsidRegexp; /interface/wifiwave2/access-list/set $Entry ssid-regexp=$SsidRegexp; } :local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; :if ([ :len $VlanId ] > 0) do={ /caps-man/access-list/set $Entry vlan-id=$VlanId; + /interface/wifi/access-list/set $Entry vlan-id=$VlanId; /interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId; } +# NOT /interface/wifi/ # # NOT /interface/wifiwave2/ # :local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ]; :if ([ :len $VlanMode] > 0) do={ /caps-man/access-list/set $Entry vlan-mode=$VlanMode; } # NOT /interface/wifiwave2/ # +# NOT /interface/wifi/ # :delay 2s; /caps-man/access-list/set $Entry action=accept; +/interface/wifi/access-list/set $Entry action=accept; /interface/wifiwave2/access-list/set $Entry action=accept; diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc new file mode 100644 index 0000000..f7c99a9 --- /dev/null +++ b/hotspot-to-wpa.wifi.rsc @@ -0,0 +1,86 @@ +#!rsc by RouterOS +# RouterOS script: hotspot-to-wpa.wifi +# Copyright (c) 2019-2023 Christian Hesse +# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# +# add private WPA passphrase after hotspot login +# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md +# +# !! Do not edit this file, it is generated from template! + +:local 0 "hotspot-to-wpa.wifi"; +:global GlobalFunctionsReady; +:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } + +:global EitherOr; +:global LogPrintExit2; +:global ParseKeyValueStore; +:global ScriptLock; + +$ScriptLock $0; + +:local MacAddress $"mac-address"; +:local UserName $username; + +:if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ + $LogPrintExit2 error $0 ("This script is supposed to run from hotspot on login.") true; +} + +:local Date [ /system/clock/get date ]; +:local UserVal ({}); +:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={ + :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ]; +} +:local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ]; +:local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ]; + +:if ([ :len [ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ + /interface/wifi/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; + $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; +} +:local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); + +:if ([ :len [ /interface/wifi/access-list/find where \ + comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ + /interface/wifi/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; + $LogPrintExit2 warning $0 ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; +} +:local Template [ /interface/wifi/access-list/get ([ find where \ + comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; + +:if ($Template->"action" = "reject") do={ + $LogPrintExit2 info $0 ("Ignoring login for hotspot '" . $Hotspot . "'.") true; +} + +# allow login page to load +:delay 1s; + +$LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $MacAddress . \ + " (user " . $UserName . ").") false; +/interface/wifi/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; +/interface/wifi/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ + mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ + action=reject place-before=$PlaceBefore; + +:local Entry [ /interface/wifi/access-list/find where mac-address=$MacAddress \ + comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; +:set ($Template->"private-passphrase") ($Template->"passphrase"); +:local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ]; +:if ([ :len $PrivatePassphrase ] > 0) do={ + :if ($PrivatePassphrase = "ignore") do={ + /interface/wifi/access-list/set $Entry !passphrase; + } else={ + /interface/wifi/access-list/set $Entry passphrase=$PrivatePassphrase; + } +} +:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; +:if ([ :len $SsidRegexp ] > 0) do={ + /interface/wifi/access-list/set $Entry ssid-regexp=$SsidRegexp; +} +:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; +:if ([ :len $VlanId ] > 0) do={ + /interface/wifi/access-list/set $Entry vlan-id=$VlanId; +} + +:delay 2s; +/interface/wifi/access-list/set $Entry action=accept; From 4c3430fbb66489e11174caed38ccf8593d5903cb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 17:39:41 +0100 Subject: [PATCH 023/908] notify about parted scripts for wifi package --- global-functions.rsc | 2 +- news-and-changes.rsc | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 90ed0b6..f0446bd 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local 0 "global-functions"; # expected configuration version -:global ExpectedConfigVersion 113; +:global ExpectedConfigVersion 114; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 64e114f..d0b3820 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -27,6 +27,7 @@ 111="Modified 'dhcp-to-dns' to allow multiple records for one mac address."; 112="Enhanced 'mod/ssh-keys-import' to record the fingerprint of keys."; 113="Added helper functions for easier setup to Matrix notification module."; + 114="All relevant scripts were ported to new wifi package for RouterOS 7.13 and later. Migration is complex and thus not done automatically!"; }; # Migration steps to be applied on script updates From 890cd6c58d3de7e91a95c4593243d30f1b6234af Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 11:36:47 +0100 Subject: [PATCH 024/908] global-functions: introduce $HumanReadableNum --- global-functions.rsc | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index f0446bd..090269d 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -38,6 +38,7 @@ :global GetRandomNumber; :global Grep; :global HexToNum; +:global HumanReadableNum; :global IfThenElse; :global IsDefaultRouteReachable; :global IsDNSResolving; @@ -465,6 +466,36 @@ :return $Return; } +# return human readable number +:global HumanReadableNum do={ + :local Input [ :tonum $1 ]; + :local Base [ :tonum $2 ]; + + :global EitherOr; + + :local Prefix "kMGTPE"; + :local Pow 1; + + :set Base [ $EitherOr $Base 1024 ]; + + :if ($Input < $Base) do={ + :return $Input; + } + + :for I from=0 to=[ :len $Prefix ] do={ + :set Pow ($Pow * $Base); + :if ($Input / $Base < $Pow) do={ + :set Prefix [ :pick $Prefix $I ]; + :local Tmp1 ($Input * 100 / $Pow); + :local Tmp2 ($Tmp1 / 100); + :if ($Tmp2 >= 100) do={ + :return ($Tmp2 . $Prefix); + } + :return ($Tmp2 . "." . [ :pick $Tmp1 [ :len $Tmp2 ] ([ :len $Tmp1 ] - [ :len $Tmp2 ] + 1) ] . $Prefix); + } + } +} + # mimic conditional/ternary operator (condition ? consequent : alternative) :set IfThenElse do={ :if ([ :tostr $1 ] = "true" || [ :tobool $1 ] = true) do={ From 180d6b8733504cab058aaf4928a54e24b980c696 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 11:44:38 +0100 Subject: [PATCH 025/908] backup-cloud: use $HumanReadableNum for file size --- backup-cloud.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 934edb9..c1bbe11 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -18,6 +18,7 @@ :global DeviceInfo; :global FormatLine; +:global HumanReadableNum; :global LogPrintExit2; :global RandomDelay; :global ScriptFromTerminal; @@ -51,7 +52,7 @@ $WaitFullyConnected; message=("Uploaded backup for " . $Identity . " to cloud.\n\n" . \ [ $DeviceInfo ] . "\n\n" . \ [ $FormatLine "Name" ($Cloud->"name") ] . "\n" . \ - [ $FormatLine "Size" ($Cloud->"size" . " B (" . ($Cloud->"size" / 1024) . " KiB)") ] . "\n" . \ + [ $FormatLine "Size" ([ $HumanReadableNum ($Cloud->"size") 1024 ] . "iB") ] . "\n" . \ [ $FormatLine "Download key" ($Cloud->"secret-download-key") ]); silent=true }); } on-error={ $SendNotification2 ({ origin=$0; \ From 4d70b7fea4f744df13591b0535a68cd48a092165 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 14:06:40 +0100 Subject: [PATCH 026/908] backup-upload: give more info on files --- backup-upload.rsc | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 4c8af4a..46b4c7b 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -26,6 +26,7 @@ :global CharacterReplace; :global DeviceInfo; :global FormatLine; +:global HumanReadableNum; :global IfThenElse; :global LogPrintExit2; :global MkDir; @@ -70,7 +71,8 @@ $WaitFullyConnected; :do { /tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \ user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".backup"); - :set BackupFile ($FileName . ".backup"); + :set BackupFile [ /file/get ($FilePath . ".backup") ]; + :set ($BackupFile->"name") ($FileName . ".backup"); } on-error={ $LogPrintExit2 error $0 ("Uploading backup file failed!") false; :set BackupFile "failed"; @@ -88,7 +90,8 @@ $WaitFullyConnected; :do { /tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \ user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".rsc"); - :set ExportFile ($FileName . ".rsc"); + :set ExportFile [ /file/get ($FilePath . ".rsc") ]; + :set ($ExportFile->"name") ($FileName . ".rsc"); } on-error={ $LogPrintExit2 error $0 ("Uploading configuration export failed!") false; :set ExportFile "failed"; @@ -108,7 +111,8 @@ $WaitFullyConnected; :do { /tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".conf") \ user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".conf.txt"); - :set ConfigFile ($FileName . ".conf"); + :set ConfigFile [ /file/get ($FilePath . ".conf") ]; + :set ($ConfigFile->"name") ($FileName . ".conf"); } on-error={ $LogPrintExit2 error $0 ("Uploading global-config-overlay failed!") false; :set ConfigFile "failed"; @@ -124,9 +128,18 @@ $SendNotification2 ({ origin=$0; \ ([ $SymbolForNotification "floppy-disk,up-arrow" ] . "Backup & Config upload") ]; \ message=("Backup and config export upload for " . $Identity . ".\n\n" . \ [ $DeviceInfo ] . "\n\n" . \ - [ $FormatLine "Backup file" $BackupFile ] . "\n" . \ - [ $FormatLine "Export file" $ExportFile ] . "\n" . \ - [ $FormatLine "Config file" $ConfigFile ]); silent=true }); + [ $IfThenElse ([ :typeof $BackupFile ] = "array") \ + ("Backup file:\n" . [ $FormatLine " name" ($BackupFile->"name") ] . "\n" . \ + [ $FormatLine " size" [ $HumanReadableNum ($BackupFile->"size") 1024 ] ]) \ + [ $FormatLine "Backup file" $BackupFile ] ] . "\n" . \ + [ $IfThenElse ([ :typeof $ExportFile ] = "array") \ + ("Export file:\n" . [ $FormatLine " name" ($ExportFile->"name") ] . "\n" . \ + [ $FormatLine " size" [ $HumanReadableNum ($ExportFile->"size") 1024 ] ]) \ + [ $FormatLine "Export file" $ExportFile ] ] . "\n" . \ + [ $IfThenElse ([ :typeof $ConfigFile ] = "array") \ + ("Config file:\n" . [ $FormatLine " name" ($ConfigFile->"name") ] . "\n" . \ + [ $FormatLine " size" [ $HumanReadableNum ($ConfigFile->"size") 1024 ] ]) \ + [ $FormatLine "Config file" $ConfigFile ] ]); silent=true }); :if ($Failed = 1) do={ :error "An error occured!"; From 5f457e5c37ee58f592ca677766515725212a5fad Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 14:22:55 +0100 Subject: [PATCH 027/908] backup-upload: build file info in a function --- backup-upload.rsc | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 46b4c7b..5c5e37e 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -25,8 +25,6 @@ :global CharacterReplace; :global DeviceInfo; -:global FormatLine; -:global HumanReadableNum; :global IfThenElse; :global LogPrintExit2; :global MkDir; @@ -122,24 +120,30 @@ $WaitFullyConnected; /file/remove ($FilePath . ".conf.txt"); } +:local FileInfo do={ + :local Name $1; + :local File $2; + + :global FormatLine; + :global HumanReadableNum; + :global IfThenElse; + + :return \ + [ $IfThenElse ([ :typeof $File ] = "array") \ + ($Name . ":\n" . [ $FormatLine " name" ($File->"name") ] . "\n" . \ + [ $FormatLine " size" ([ $HumanReadableNum ($File->"size") 1024 ] . "iB") ]) \ + [ $FormatLine $Name $File ] ]; +} + $SendNotification2 ({ origin=$0; \ subject=[ $IfThenElse ($Failed > 0) \ ([ $SymbolForNotification "floppy-disk,warning-sign" ] . "Backup & Config upload with failure") \ ([ $SymbolForNotification "floppy-disk,up-arrow" ] . "Backup & Config upload") ]; \ message=("Backup and config export upload for " . $Identity . ".\n\n" . \ [ $DeviceInfo ] . "\n\n" . \ - [ $IfThenElse ([ :typeof $BackupFile ] = "array") \ - ("Backup file:\n" . [ $FormatLine " name" ($BackupFile->"name") ] . "\n" . \ - [ $FormatLine " size" [ $HumanReadableNum ($BackupFile->"size") 1024 ] ]) \ - [ $FormatLine "Backup file" $BackupFile ] ] . "\n" . \ - [ $IfThenElse ([ :typeof $ExportFile ] = "array") \ - ("Export file:\n" . [ $FormatLine " name" ($ExportFile->"name") ] . "\n" . \ - [ $FormatLine " size" [ $HumanReadableNum ($ExportFile->"size") 1024 ] ]) \ - [ $FormatLine "Export file" $ExportFile ] ] . "\n" . \ - [ $IfThenElse ([ :typeof $ConfigFile ] = "array") \ - ("Config file:\n" . [ $FormatLine " name" ($ConfigFile->"name") ] . "\n" . \ - [ $FormatLine " size" [ $HumanReadableNum ($ConfigFile->"size") 1024 ] ]) \ - [ $FormatLine "Config file" $ConfigFile ] ]); silent=true }); + [ $FileInfo "Backup file" $BackupFile ] . "\n" . \ + [ $FileInfo "Export file" $ExportFile ] . "\n" . \ + [ $FileInfo "Config file" $ConfigFile ]); silent=true }); :if ($Failed = 1) do={ :error "An error occured!"; From 23c5c461a6a3a6eb26df0e34b67bf537287c096a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 15:02:39 +0100 Subject: [PATCH 028/908] check-health: use $HumanReadableNum for RAM utilization --- check-health.rsc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/check-health.rsc b/check-health.rsc index 3ada4c8..e7977f7 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -22,6 +22,7 @@ :global Identity; :global FormatLine; +:global HumanReadableNum; :global IfThenElse; :global LogPrintExit2; :global ScriptLock; @@ -57,9 +58,9 @@ $ScriptLock $0; $SendNotification2 ({ origin=$0; \ subject=([ $SymbolForNotification "card-file-box,chart-increasing" ] . "Health warning: RAM utilization"); \ message=("The RAM utilization on " . $Identity . " is at " . $CheckHealthRAMUtilization . "%!\n\n" . \ - [ $FormatLine "total" (($Resource->"total-memory" / 1024 / 1024) . " MiB") ] . "\n" . \ - [ $FormatLine "used" ((($Resource->"total-memory" - $Resource->"free-memory") / 1024 / 1024) . " MiB") ] . "\n" . \ - [ $FormatLine "free" (($Resource->"free-memory" / 1024 / 1024) . " MiB") ]) }); + [ $FormatLine "total" ([ $HumanReadableNum ($Resource->"total-memory") 1024 ] . "iB") ] . "\n" . \ + [ $FormatLine "used" ([ $HumanReadableNum ($Resource->"total-memory" - $Resource->"free-memory") 1024 ] . "iB") ] . "\n" . \ + [ $FormatLine "free" ([ $HumanReadableNum ($Resource->"free-memory") 1024 ] . "iB") ]) }); :set CheckHealthRAMUtilizationNotified true; } :if ($CheckHealthRAMUtilization < 70 && $CheckHealthRAMUtilizationNotified = true) do={ From c7e2ff71e6d2308c96e32ad62174fb756892bcc7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 15:07:07 +0100 Subject: [PATCH 029/908] check-health: decrease indention in messages --- check-health.rsc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/check-health.rsc b/check-health.rsc index e7977f7..ff47968 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -58,9 +58,9 @@ $ScriptLock $0; $SendNotification2 ({ origin=$0; \ subject=([ $SymbolForNotification "card-file-box,chart-increasing" ] . "Health warning: RAM utilization"); \ message=("The RAM utilization on " . $Identity . " is at " . $CheckHealthRAMUtilization . "%!\n\n" . \ - [ $FormatLine "total" ([ $HumanReadableNum ($Resource->"total-memory") 1024 ] . "iB") ] . "\n" . \ - [ $FormatLine "used" ([ $HumanReadableNum ($Resource->"total-memory" - $Resource->"free-memory") 1024 ] . "iB") ] . "\n" . \ - [ $FormatLine "free" ([ $HumanReadableNum ($Resource->"free-memory") 1024 ] . "iB") ]) }); + [ $FormatLine "total" ([ $HumanReadableNum ($Resource->"total-memory") 1024 ] . "iB") 8 ] . "\n" . \ + [ $FormatLine "used" ([ $HumanReadableNum ($Resource->"total-memory" - $Resource->"free-memory") 1024 ] . "iB") 8 ] . "\n" . \ + [ $FormatLine "free" ([ $HumanReadableNum ($Resource->"free-memory") 1024 ] . "iB") 8 ]) }); :set CheckHealthRAMUtilizationNotified true; } :if ($CheckHealthRAMUtilization < 70 && $CheckHealthRAMUtilizationNotified = true) do={ @@ -96,8 +96,8 @@ $ScriptLock $0; subject=([ $SymbolForNotification ("high-voltage-sign,chart-" . [ $IfThenElse ($NumLast < \ $NumCurr) "in" "de" ] . "creasing") ] . "Health warning: " . $Name); \ message=("The " . $Name . " on " . $Identity . " jumped more than " . $CheckHealthVoltagePercent . "%.\n\n" . \ - [ $FormatLine "old value" ($CheckHealthLast->$Name . " V") ] . "\n" . \ - [ $FormatLine "new value" ($Value . " V") ]) }); + [ $FormatLine "old value" ($CheckHealthLast->$Name . " V") 12 ] . "\n" . \ + [ $FormatLine "new value" ($Value . " V") 12 ]) }); } else={ :if ($NumCurr <= $CheckHealthVoltageLow && $NumLast > $CheckHealthVoltageLow) do={ $SendNotification2 ({ origin=$0; \ From 6384f6a23986dfc0f851dcecedd6838e1b975e41 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 14 Nov 2023 18:51:54 +0100 Subject: [PATCH 030/908] drop old files left from migration --- global-config.changes | 123 -------------------- global-functions | 257 ------------------------------------------ news-and-changes.rsc | 3 +- 3 files changed, 2 insertions(+), 381 deletions(-) delete mode 100644 global-config.changes delete mode 100644 global-functions diff --git a/global-config.changes b/global-config.changes deleted file mode 100644 index 47cfbc6..0000000 --- a/global-config.changes +++ /dev/null @@ -1,123 +0,0 @@ -# News, changes and migration by RouterOS Scripts -# Copyright (c) 2019-2023 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md - -:global IfThenElse; -:global RequiredRouterOS; - -# Changes for global-config to be added to notification on script updates -:global GlobalConfigChanges { - 1="Moved variables from 'global-config' to 'global-functions' for independence"; - 2="Variable names became CamelCase to work around scripting issues"; - 3="Variable for certificate renew passphrase became an array to support multiple passphrases"; - 4="Added option to ignore global-config changes"; - 5="Split off new script 'cloud-backup' from 'email-backup'"; - 6="Introduced script 'upload-backup' with new configuration parameters"; - 7="Introduced script 'check-health' with new configuration parameters"; - 8="Added donation hint and option to silence it"; - 9="Introduced configuration overlay 'global-config-overlay'"; - 10="Made health threshold for voltage configurable"; - 11="Introduced function '\$ScriptInstallUpdate' to install new and update existing scripts"; - 12="Removed '\$ScriptUpdatesConfigChangesIgnore', comment '\$GlobalConfigVersion' in 'global-config-overlay' to disable change notifications"; - 13="Configuration for script 'bridge-port-to-default' changed with new syntax in comment"; - 14="Dropped script 'script-updates', use '\$ScriptInstallUpdate' exclusively!"; - 15="New documentation is online! https://git.eworm.de/cgit/routeros-scripts/about/#available-scripts"; - 16="Happy with RouterOS Scripts and have a GitHub and/or GitLab account? Please star!"; - 17="Introduced script 'early-errors'"; - 18=("Added a simple IP calculation function, try: \$IPCalc " . [ /ip/address/get ([ find ]->0) address ]); - 19="Commenting scripts with 'ignore', 'base-url=...' and 'url-suffix=...' is honored on update"; - 20="Added support for hooks to 'netwatch-notify'"; - 21="Added support for installing patch updates automatically by 'check-routeros-update'"; - 22="Dropped '\$ScriptUpdatesIgnore' from global configuration, auto-migrating to ignore flag in comment" - 23="Added 'log-forward' with configurable filter, which replaces 'early-errors'"; - 24="Made symbols in notifications configurable."; - 25="Added support for DHCP server name in DNS FQDN via '\$ServerNameInZone'"; - 26="Made check count threshold in 'netwatch-notify' configurable."; - 27="Added queue for Telegram notifications to resend later on error."; - 28="Made 'dhcp-to-dns' act on all bound leases, not just dynamic ones."; - 29="Added filter on log message text for 'log-forward'."; - 30="Implemented simple rate limit for 'log-forward' to prevent flooding."; - 31="Switched Telegram notifications to fixed-width font, with opt-out."; - 32="Merged mode (& reset) button scripts in single new script 'mode-button'."; - 33="Added configurable deviation on health temperature recovery threshold against notification flooding."; - 34="Introduced script 'ospf-to-leds' to visualize OSPF instance state via LEDs."; - 35="Implemented visual feedback for 'mode-button' with configurable LED."; - 36="Added support for installing updates automatically if seen in neighbor list."; - 37="Implemented simple dependency model in 'netwatch-notify'."; - 38="Imported new Let's Encrypt intermediate certificate 'R3'."; - 39="Added support for interface specific address list entries in 'ipv6-update'."; - 40="Made the certificate renewal time configurable."; - 41="Implemented migration mechanism for script updates."; - 42="Made severity in terminal output colorful, with opt-out."; - 43="Added queue for e-mail notifications to resend later on error."; - 44="Dropped script 'global-wait', all scripts wait on their own now."; - 45="We have a Telegram Group! Come along and say hello: https://t.me/routeros_scripts"; - 46="Added configurable random delay in backup scripts to stretch execution and prevent resource congestion."; - 47="Removed obsolete intermediate certificate 'Let's Encrypt Authority X3' from store."; - 48="Added support for overriding e-mail and Telegram settings for every script."; - 49="Dropped '\$EmailBackupTo' & '\$EmailBackupCc' from configuration, use settings override if required."; - 50="Added support for dynamic address update in 'netwatch-notify'."; - 51="Added 'ipsec-to-dns' to add DNS records for IPSec peers from mode-config."; - 52="Updated Let's Encrypt trust chain to use root certificate 'ISRG Root X1'. Do not re-import the old chain!"; - 53="Added support to send notifications via Matrix."; - 54="Support for Telegram notifications moved to a module. It is installed automatically if required."; - 55="Added reverse logic in 'log-forward', so messages can be included even if filtered before."; - 56="Added tags in all backup, lease and ppp-on-up scripts. These are used by 'packages-update', 'lease-script' and 'ppp-on-up' to find the scripts."; - 57="Celebrating the 1.000th commit - Hooray!"; - 58="Added a cleanup script for 'hotspot-to-wpa' to purge old access list entries."; - 59="Updating CAP with 'check-routeros-update' is now possible with opt-in."; - 60="Implemented a pre-down hook in 'netwatch-notify' that fires at two thirds of failed checks."; - 61="Finally removed old scripts."; - 62="Added '\$ScriptRunOnce' to run a script from URL once without installation, intended to aid configuration management and the like."; - 63="Moved optional functions '\$IPCalc' and '\$ScriptRunOnce' to modules."; - 64="Implemented '\$InspectVar' in module to inspect variables."; - 65="Added module to manage VLANs on bridge ports."; - 66="Moved script 'bridge-port-to-default' to new module."; - 67="Moved modules to directory with shorter name."; - 68="Reintroduced 'global-wait' for functions in scheduler."; - 69="Support hard lower limit for voltage in 'check-health'."; - 70="MikroTik started pushing RouterOS v7. Changes are no longer required."; - 71="MikroTik is pushing RouterOS v7 even more, in parallel branches. If you want to keep RouterOS v6 for some time see https://git.eworm.de/cgit/routeros-scripts/about/#requirements"; - 72="Introduced new script 'netwatch-dns' to manage DNS and DoH servers from netwatch."; - 73="Renamed backup scripts ('cloud-backup' -> 'backup-cloud', 'email-backup' -> 'backup-email', 'upload-backup' -> 'backup-upload')."; - 74="Extended 'hotspot-to-wpa', it can now read additional configuration from templates and hotspot users."; - 75=("Finally merged the RouterOS v7 code into the main branch. " . [ $IfThenElse ([ $RequiredRouterOS "global-config.changes" "7.0" false ] = true) \ - ("You may now drop '\$ScriptUpdatesUrlSuffix' from 'global-config-overlay'.") \ - ("Still running RouterOS v6, so last reminder to see https://git.eworm.de/cgit/routeros-scripts/about/#requirements") ]); - 76="Added an option to suppress notifications on host down with 'netwatch-notify'."; - 77="Introduced new script 'firmware-upgrade-reboot'. Handle with care!"; - 78="New documentation is online for notifications via Telegram & Matrix, variable inspection, ip address calculation and running scripts once."; - 79="Introduced new script 'backup-partition' to save configuration to fallback partition."; - 80="The 'routeros-v7' branch will now freeze, and vanish any time in future. You already switched to 'main' branch, well done!"; - 81="Dropped script 'rotate-ntp', as the limitation does no longer exist."; - 82="Renamed the comment parameter 'hostname' to just 'name' for 'netwatch-notify'."; - 83="Introduced new setting to disable news and change notifications, dropped version from configuration."; - 84="Support for e-mail notifications moved to a module. It is installed automatically if required."; - 85="Dropped 'netwatch-syslog', filtering in firewall is advised."; - 86="Added support for hooks in 'sms-forward'. This now provides similar functionality to 'sms-action', but is more flexible."; - 87="Added support for extra text (or emojis \F0\9F\9A\80) in notification tags."; - 88="Added support for monitoring CPU utilization and available free RAM in 'check-health'."; - 89="Made the warning time for 'check-certificates' configurable."; - 90="Chat with your router! Introduced 'telegram-chat' to chat via Telegram bot and send commands to your router."; - 91="Dropped check for CAP in 'check-routeros-update' to solve issues with wifiwave2 package."; - 92="Made qr-code url configurable for 'daily-psk'."; - 93="Added support to backup global-config-overlay in 'backup-email' and 'backup-upload'."; - 94="Added support for host addresses in address-list for 'ipv6-update'."; - 95="Renamed script files in repository, running migration. Warnings (one per script) are expected, no user interaction is required."; -}; - -# Migration steps to be applied on script updates -:global GlobalConfigMigration { - 41=":global SendNotification; \$SendNotification (\"Migration mechanism\") (\"Congratulations!\nSuccessfully tested the new migration mechanism.\");"; - 47="/certificate/remove [ find where fingerprint=\"731d3d9cfaa061487a1d71445a42f67df0afca2a6c2d2f98ff7b3ce112b1f568\" or fingerprint=\"25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d\" ];"; - 52=":global CertificateDownload; :if ([ :len [ /certificate/find where fingerprint=\"67add1166b020ae61b8f5fc96813c04c2aa589960796865572a3c7e737613dfd\" or fingerprint=\"96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6\" ] ] < 2) do={ \$CertificateDownload \"R3\"; }; /certificate/remove [ find where fingerprint=\"0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739\" ];"; - 54=":global ScriptInstallUpdate; :global TelegramTokenId; :global TelegramChatId; :if ([ :len \$TelegramTokenId ] > 0 && [ :len \$TelegramChatId ] > 0) do={ \$ScriptInstallUpdate mod/notification-telegram; }"; - 61="/system/script/remove [ find where name~\"^(early-errors|mode-button-(event|scheduler)|script-updates)\\\$\" source~\"^#!rsc by RouterOS\\n\" ];"; - 66=":global ScriptInstallUpdate; :if ([ :len [ /system/script/find where name=\"bridge-port-to-default\" ] ] > 0) do={ /system/script/remove [ find where name~\"^bridge-port-to(-default|ggle)\\\$\" ]; \$ScriptInstallUpdate mod/bridge-port-to; }"; - 67=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Script in=[ /system/script/find where name~\"^global-functions.d/\" ] do={ /system/script/set name=[ \$CharacterReplace [ /system/script/get \$Script name ] \"global-functions.d/\" \"mod/\" ] \$Script; }; \$ScriptInstallUpdate;"; - 73=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Old,New in={ \"cloud-backup\"=\"backup-cloud\"; \"email-backup\"=\"backup-email\"; \"upload-backup\"=\"backup-upload\" } do={ /system/script/set name=\$New [ find where name=\$Old ]; :foreach Scheduler in=[ /system/scheduler/find where on-event~\$Old ] do={ /system/scheduler/set \$Scheduler name=[ \$CharacterReplace [ get \$Scheduler name ] \$Old \$New ] on-event=[ \$CharacterReplace [ get \$Scheduler on-event ] \$Old \$New ]; }; }; \$ScriptInstallUpdate;"; - 81=":global NtpPool; :if ([ :len [ /system/script/find where name=\"rotate-ntp\" ] ] > 0) do={ /system/script/remove [ find where name=\"rotate-ntp\" ]; /system/scheduler/remove [ find where name=\"rotate-ntp\" ]; /system/ntp/client/set servers=\$NtpPool; };"; - 82=":global CharacterReplace; :foreach Netwatch in=[ /tool/netwatch/find where comment~\"notify\" !disabled ] do={ /tool/netwatch/set \$Netwatch comment=[ \$CharacterReplace [ get \$Netwatch comment ] \"hostname=\" \"name=\" ]; };"; - 84=":global ScriptInstallUpdate; :global EmailGeneralTo; :if ([ /tool/e-mail/get address ] != \"0.0.0.0\" && [ :len \$EmailGeneralTo ] > 0) do={ \$ScriptInstallUpdate mod/notification-email; }"; - 95=":global ScriptInstallUpdate; :global CharacterReplace; :foreach Script in=[ /system/script/find where name~\"\\\\.rsc\\\$\" source~\"^#!rsc by RouterOS\\n\" ] do={ /system/script/set \$Script name=[ \$CharacterReplace [ get \$Script name ] \".rsc\" \"\" ]; }; \$ScriptInstallUpdate;"; -}; diff --git a/global-functions b/global-functions deleted file mode 100644 index 431a343..0000000 --- a/global-functions +++ /dev/null @@ -1,257 +0,0 @@ -#!rsc by RouterOS -# RouterOS script: global-functions -# Copyright (c) 2013-2023 Christian Hesse -# Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# requires RouterOS, version=7.7 -# -# WARNING: If you find this stripped version of global-functions -# on your Router something went wrong and migration failed. To -# recover run this function: $RouterOSScriptsRecover - -# expected configuration version -:global ExpectedConfigVersion 95; - -# global functions -:global RouterOSScriptsRecover; -:global ScriptInstallUpdate; - -# recover from failed migration -:set RouterOSScriptsRecover do={ - :global ScriptInstallUpdate; - - :foreach Script in={ "global-config"; "global-functions" } do={ - /system/script/set name=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit/routeros-scripts/plain/" . $Script . ".rsc") output=user as-value]->"data"); - /system/script/run $Script; - } - - $ScriptInstallUpdate; -} - -# install new scripts, update existing scripts -:set ScriptInstallUpdate do={ - :local Scripts [ :toarray $1 ]; - :local NewComment [ :tostr $2 ]; - - :global ExpectedConfigVersion; - :global Identity; - :global IDonate; - :global NoNewsAndChangesNotification; - :global NotificationsWithSymbols; - :global ScriptUpdatesBaseUrl; - :global ScriptUpdatesFetch; - :global ScriptUpdatesUrlSuffix; - - :global CertificateAvailable; - :global EitherOr; - :global Grep; - :global IfThenElse; - :global LogPrintExit2; - :global ParseKeyValueStore; - :global RequiredRouterOS; - :global SendNotification2; - :global SymbolForNotification; - :global ValidateSyntax; - - :if ([ $CertificateAvailable "E1" ] = false) do={ - $LogPrintExit2 warning $0 ("Downloading certificate failed, trying without.") false; - } - - :foreach Script in=$Scripts do={ - :if ([ :len [ /system/script/find where name=$Script ] ] = 0) do={ - $LogPrintExit2 info $0 ("Adding new script: " . $Script) false; - /system/script/add name=$Script owner=$Script source="#!rsc by RouterOS\n" comment=$NewComment; - } - } - - :local ExpectedConfigVersionBefore $ExpectedConfigVersion; - :local ReloadGlobalFunctions false; - :local ReloadGlobalConfig false; - - :foreach Script in=[ /system/script/find where source~"^#!rsc by RouterOS\n" ] do={ - :local ScriptVal [ /system/script/get $Script ]; - :local ScriptFile [ /file/find where name=("script-updates/" . $ScriptVal->"name") ]; - :local SourceNew; - :if ([ :len $ScriptFile ] > 0) do={ - :set SourceNew [ /file/get $ScriptFile contents ]; - /file/remove $ScriptFile; - } - - :foreach Scheduler in=[ /system/scheduler/find where on-event~("\\b" . $ScriptVal->"name" . "\\b") ] do={ - :local SchedulerVal [ /system/scheduler/get $Scheduler ]; - :if ($ScriptVal->"policy" != $SchedulerVal->"policy") do={ - $LogPrintExit2 warning $0 ("Policies differ for script '" . $ScriptVal->"name" . \ - "' and its scheduler '" . $SchedulerVal->"name" . "'!") false; - } - } - - :if ([ :len $SourceNew ] = 0 && $ScriptUpdatesFetch = true) do={ - :local Comment [ $ParseKeyValueStore ($ScriptVal->"comment") ]; - :if (!($Comment->"ignore" = true)) do={ - :do { - :local BaseUrl $ScriptUpdatesBaseUrl; - :local UrlSuffix $ScriptUpdatesUrlSuffix; - :if ([ :typeof ($Comment->"base-url") ] = "str") do={ :set BaseUrl ($Comment->"base-url"); } - :if ([ :typeof ($Comment->"url-suffix") ] = "str") do={ :set UrlSuffix ($Comment->"url-suffix"); } - :local Url ($BaseUrl . $ScriptVal->"name" . ".rsc" . $UrlSuffix); - - $LogPrintExit2 debug $0 ("Fetching script '" . $ScriptVal->"name" . "' from url: " . $Url) false; - :local Result [ /tool/fetch check-certificate=yes-without-crl $Url output=user as-value ]; - :if ($Result->"status" = "finished") do={ - :set SourceNew ($Result->"data"); - } - } on-error={ - :if ($ScriptVal->"source" = "#!rsc by RouterOS\n") do={ - $LogPrintExit2 warning $0 ("Failed fetching script '" . $ScriptVal->"name" . \ - "', removing dummy. Typo on installation?") false; - /system/script/remove $Script; - } else={ - $LogPrintExit2 warning $0 ("Failed fetching script '" . $ScriptVal->"name" . "'!") false; - } - } - } - } - - :if ([ :len $SourceNew ] > 0) do={ - :if ($SourceNew != $ScriptVal->"source") do={ - :if ([ :pick $SourceNew 0 18 ] = "#!rsc by RouterOS\n") do={ - :local Required ([ $ParseKeyValueStore [ $Grep $SourceNew "# requires RouterOS, " ] ]->"version"); - :if ([ $RequiredRouterOS $0 [ $EitherOr $Required "0.0" ] false ] = true) do={ - :if ([ $ValidateSyntax $SourceNew ] = true) do={ - $LogPrintExit2 info $0 ("Updating script: " . $ScriptVal->"name") false; - /system/script/set owner=($ScriptVal->"name") source=$SourceNew $Script; - :if ($ScriptVal->"name" = "global-config") do={ - :set ReloadGlobalConfig true; - } - :if ($ScriptVal->"name" = "global-functions" || $ScriptVal->"name" ~ ("^mod/.")) do={ - :set ReloadGlobalFunctions true; - } - } else={ - $LogPrintExit2 warning $0 ("Syntax validation for script '" . $ScriptVal->"name" . \ - "' failed! Ignoring!") false; - } - } else={ - $LogPrintExit2 warning $0 ("The script '" . $ScriptVal->"name" . "' requires RouterOS " . \ - $Required . ", which is not met by your installation. Ignoring!") false; - } - } else={ - $LogPrintExit2 warning $0 ("Looks like new script '" . $ScriptVal->"name" . \ - "' is not valid (missing shebang). Ignoring!") false; - } - } else={ - $LogPrintExit2 debug $0 ("Script '" . $ScriptVal->"name" . "' did not change.") false; - } - } else={ - $LogPrintExit2 debug $0 ("No update for script '" . $ScriptVal->"name" . "'.") false; - } - } - - :if ($ReloadGlobalFunctions = true) do={ - $LogPrintExit2 info $0 ("Reloading global functions.") false; - :do { - /system/script/run global-functions; - } on-error={ - $LogPrintExit2 error $0 ("Reloading global functions failed!") false; - } - } - - :if ($ReloadGlobalConfig = true) do={ - $LogPrintExit2 info $0 ("Reloading global configuration.") false; - :do { - /system/script/run global-config; - } on-error={ - $LogPrintExit2 error $0 ("Reloading global configuration failed!" . \ - " Syntax error or missing overlay?") false; - } - } - - :if ($ExpectedConfigVersionBefore > $ExpectedConfigVersion) do={ - $LogPrintExit2 warning $0 ("The configuration version decreased from " . \ - $ExpectedConfigVersionBefore . " to " . $ExpectedConfigVersion . \ - ". Installed an older version?") false; - } - - :if ($ExpectedConfigVersionBefore < $ExpectedConfigVersion) do={ - :global GlobalConfigChanges; - :global GlobalConfigMigration; - :local ChangeLogCode; - - :do { - :local Url ($ScriptUpdatesBaseUrl . "news-and-changes.rsc" . $ScriptUpdatesUrlSuffix); - $LogPrintExit2 debug $0 ("Fetching news, changes and migration: " . $Url) false; - :local Result [ /tool/fetch check-certificate=yes-without-crl $Url output=user as-value ]; - :if ($Result->"status" = "finished") do={ - :set ChangeLogCode ($Result->"data"); - } - } on-error={ - $LogPrintExit2 warning $0 ("Failed fetching news, changes and migration!") false; - } - - :if ([ :len $ChangeLogCode ] > 0) do={ - :if ([ $ValidateSyntax $ChangeLogCode ] = true) do={ - :do { - [ :parse $ChangeLogCode ]; - } on-error={ - $LogPrintExit2 warning $0 ("The changelog failed to run!") false; - } - } else={ - $LogPrintExit2 warning $0 ("The changelog failed syntax validation!") false; - } - } - - :if ([ :len $GlobalConfigMigration ] > 0) do={ - :for I from=($ExpectedConfigVersionBefore + 1) to=$ExpectedConfigVersion do={ - :local Migration ($GlobalConfigMigration->[ :tostr $I ]); - :if ([ :typeof $Migration ] = "str") do={ - :if ([ $ValidateSyntax $Migration ] = true) do={ - $LogPrintExit2 info $0 ("Applying migration for change " . $I . ": " . $Migration) false; - :do { - [ :parse $Migration ]; - } on-error={ - $LogPrintExit2 warning $0 ("Migration code for change " . $I . " failed to run!") false; - } - } else={ - $LogPrintExit2 warning $0 ("Migration code for change " . $I . " failed syntax validation!") false; - } - } - } - } - - :local NotificationMessage ("The configuration version on " . $Identity . " increased " . \ - "to " . $ExpectedConfigVersion . ", current configuration may need modification. " . \ - "Please review and update global-config-overlay, then re-run global-config."); - $LogPrintExit2 info $0 ($NotificationMessage) false; - - :if ([ :len $GlobalConfigChanges ] > 0) do={ - :set NotificationMessage ($NotificationMessage . "\n\nChanges:"); - :for I from=($ExpectedConfigVersionBefore + 1) to=$ExpectedConfigVersion do={ - :local Change ($GlobalConfigChanges->[ :tostr $I ]); - :set NotificationMessage ($NotificationMessage . "\n " . \ - [ $IfThenElse ($NotificationsWithSymbols = true) ("\E2\97\8F") "*" ] . " " . $Change); - $LogPrintExit2 info $0 ("Change " . $I . ": " . $Change) false; - } - } else={ - :set NotificationMessage ($NotificationMessage . "\n\nNews and changes are not available."); - } - - :if ($NoNewsAndChangesNotification != true) do={ - :local Link; - :if ($IDonate != true) do={ - :set NotificationMessage ($NotificationMessage . \ - "\n\n==== donation hint ====\n" . \ - "This project is developed in private spare time and usage is " . \ - "free of charge for you. If you like the scripts and think this is " . \ - "of value for you or your business please consider a donation."); - :set Link "https://git.eworm.de/cgit/routeros-scripts/about/#donate"; - } - - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "pushpin" ] . "News and configuration changes"); \ - message=$NotificationMessage; link=$Link }); - } - - :set GlobalConfigChanges; - :set GlobalConfigMigration; - } -} diff --git a/news-and-changes.rsc b/news-and-changes.rsc index d0b3820..f4c50c2 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -5,7 +5,8 @@ :global IfThenElse; :global RequiredRouterOS; -# News, changes and migration up to change 95 are in global-config.changes! +# News, changes and migration up to change 95: +# https://git.eworm.de/cgit/routeros-scripts/plain/global-config.changes?h=change-95 # Changes for global-config to be added to notification on script updates :global GlobalConfigChanges { From ab8c9d04ffb331dd5c00f0cceae395a871df7936 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 16 Nov 2023 13:15:28 +0100 Subject: [PATCH 031/908] check-routeros-update: rename scheduler This was missing for commit f7c72b6ed96e45bf1fbb54c46ce09e1fccc791be... --- check-routeros-update.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index d77164d..0b621f7 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -41,7 +41,7 @@ $ScriptLock $0; $WaitFullyConnected; -:if ([ :len [ /system/scheduler/find where name="\$RebootForUpdate" ] ] > 0) do={ +:if ([ :len [ /system/scheduler/find where name="_RebootForUpdate" ] ] > 0) do={ :error "A reboot for update is already scheduled."; } From 11daef75f033443e1b15beadb5b74985db4f5812 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 21 Nov 2023 13:06:44 +0100 Subject: [PATCH 032/908] packages-update: refuse automatic update to RouterOS 7.13 ... as migration to wireless or wifi package has to be done. Please update manually by running: /system/package/update/install --- packages-update.rsc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/packages-update.rsc b/packages-update.rsc index 85a241a..d011ea1 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -33,6 +33,11 @@ $ScriptLock $0; :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; +:if ($NumInstalled < 0x070d0000 && $NumLatest > 0x070d0000) do={ + $LogPrintExit2 error $0 ("Migration to wireless/wifi package in RouterOS " . \ + ($Update->"latest-version") . " is pending. Please update manually!") true; +} + :local DoDowngrade false; :if ($NumInstalled > $NumLatest) do={ :if ([ $ScriptFromTerminal $0 ] = true) do={ From b75b0bf6bea8ed02cab0db32e948ea0f7de13d08 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 22 Nov 2023 21:17:44 +0100 Subject: [PATCH 033/908] backup-upload: get rid of '.txt' file extension --- backup-upload.rsc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 5c5e37e..02916c6 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -103,12 +103,12 @@ $WaitFullyConnected; :if ($BackupSendGlobalConfig = true) do={ # Do *NOT* use '/file/add ...' here, as it is limited to 4095 bytes! :execute script={ :put [ /system/script/get global-config-overlay source ]; } \ - file=($FilePath . ".conf"); - $WaitForFile ($FilePath . ".conf.txt"); + file=($FilePath . ".conf\00"); + $WaitForFile ($FilePath . ".conf"); :do { /tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".conf") \ - user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".conf.txt"); + user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".conf"); :set ConfigFile [ /file/get ($FilePath . ".conf") ]; :set ($ConfigFile->"name") ($FileName . ".conf"); } on-error={ @@ -117,7 +117,7 @@ $WaitFullyConnected; :set Failed 1; } - /file/remove ($FilePath . ".conf.txt"); + /file/remove ($FilePath . ".conf"); } :local FileInfo do={ From d1abbede75253e3f10be0cba6e7ae68a1700865f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 22 Nov 2023 21:18:39 +0100 Subject: [PATCH 034/908] backup-email: get rid of '.txt' file extension --- backup-email.rsc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/backup-email.rsc b/backup-email.rsc index 95e9015..f4f1fc8 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -82,10 +82,10 @@ $WaitFullyConnected; :if ($BackupSendGlobalConfig = true) do={ # Do *NOT* use '/file/add ...' here, as it is limited to 4095 bytes! :execute script={ :put [ /system/script/get global-config-overlay source ]; } \ - file=($FilePath . ".conf"); - $WaitForFile ($FilePath . ".conf.txt"); - :set ConfigFile ($FileName . ".conf.txt"); - :set Attach ($Attach, ($FilePath . ".conf.txt")); + file=($FilePath . ".conf\00"); + $WaitForFile ($FilePath . ".conf"); + :set ConfigFile ($FileName . ".conf"); + :set Attach ($Attach, ($FilePath . ".conf")); } # send email with status and files From cae5f425a6c9d1f5797d85f6d4cd21867cc5cf8f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 22 Nov 2023 21:20:44 +0100 Subject: [PATCH 035/908] telegram-chat: get rid of '.txt' file extension --- telegram-chat.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 686becc..9515119 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -112,18 +112,18 @@ $WaitFullyConnected; $MkDir "tmpfs/telegram-chat"; $LogPrintExit2 info $0 ("Running command from update " . $UpdateID . ": " . $Message->"text") false; :execute script=(":do {\n" . $Message->"text" . "\n} on-error={ /file/add name=\"" . $File . ".failed\" };" . \ - "/file/add name=\"" . $File . ".done\"") file=$File; + "/file/add name=\"" . $File . ".done\"") file=($File . "\00"); :if ([ $WaitForFile ($File . ".done") [ $EitherOr $TelegramChatRunTime 20s ] ] = false) do={ :set State "The command did not finish, still running in background.\n\n"; } :if ([ :len [ /file/find where name=($File . ".failed") ] ] > 0) do={ :set State "The command failed with an error!\n\n"; } - :local Content [ /file/get ($File . ".txt") contents ]; + :local Content [ /file/get $File contents ]; $SendTelegram2 ({ origin=$0; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ message=("Command:\n" . $Message->"text" . "\n\n" . $State . [ $IfThenElse ([ :len $Content ] > 0) \ - ("Output:\n" . $Content) [ $IfThenElse ([ /file/get ($File . ".txt") size ] > 0) \ + ("Output:\n" . $Content) [ $IfThenElse ([ /file/get $File size ] > 0) \ ("Output exceeds file read size.") ("No output.") ] ]) }); /file/remove "tmpfs/telegram-chat"; } else={ From 1cc0e3429b4017d97529a49a09e50487d9630929 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 23 Nov 2023 14:41:46 +0100 Subject: [PATCH 036/908] global-functions: introduce $AlignRight --- global-functions.rsc | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 090269d..c356606 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -20,6 +20,7 @@ :global Identity [ /system/identity/get name ]; # global functions +:global AlignRight; :global CertificateAvailable; :global CertificateDownload; :global CertificateNameByCN; @@ -72,6 +73,19 @@ :global WaitFullyConnected; :global WaitTimeSync; +# align string to the right +:global AlignRight do={ + :local Input [ :tostr $1 ]; + :local Len [ :tonum $2 ]; + + :global EitherOr; + + :local Spaces " "; + :set Len [ $EitherOr $Len 8 ]; + + :return ([ :pick $Spaces 0 ($Len - [ :len $Input ]) ] . $Input); +} + # check and download required certificate :set CertificateAvailable do={ :local CommonName [ :tostr $1 ]; From 81a86ee0430c0ffccfa7e8116d383341037e07da Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 27 Nov 2023 13:17:17 +0100 Subject: [PATCH 037/908] netwatch-dns: get doh host name from static dns --- doc/netwatch-dns.md | 9 +++++++++ netwatch-dns.rsc | 7 ++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index a208d00..70b766a 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -43,6 +43,15 @@ Giving a specific query url for DoH is possible: Note that using a name in DoH url may introduce a chicken-and-egg issue! +Adding a static DNS record has the same result for the url, but always +resolves to the same address. + + /ip/dns/static/add name="dns.nextdns.io" address=199.247.16.158; + /tool/netwatch/add comment="doh" host=199.247.16.158; + +Be aware that you have to keep the ip address in sync with real world +manually! + Importing a certificate automatically is possible, at least if available in the repository (see `certs` sub directory). diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 3e3e27c..c5c8ed1 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -64,10 +64,15 @@ $ScriptLock $0; :foreach Host in=[ /tool/netwatch/find where comment~"\\bdoh\\b" status="up" ] do={ :local HostVal [ /tool/netwatch/get $Host ]; :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ]; + :local HostName [ /ip/dns/static/find where name address=($HostVal->"host") \ + (!type or type="A" or type="AAAA") !disabled !dynamic ]; + :if ([ :len $HostName ] > 0) do={ + :set HostName [ /ip/dns/static/get ($HostName->0) name ]; + } :if ($HostInfo->"doh" = true && $HostInfo->"disabled" != true && $DohServer = "") do={ :set DohServer [ $EitherOr ($HostInfo->"doh-url") \ - ("https://" . $HostVal->"host" . "/dns-query") ]; + ("https://" . [ $EitherOr $HostName ($HostVal->"host") ] . "/dns-query") ]; :set DohCert ($HostInfo->"doh-cert"); } } From 4e1d54d733bb2ff551edca957d331af357e9fd5b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Nov 2023 13:20:15 +0100 Subject: [PATCH 038/908] global-functions: $SymbolForNotification: properly append space to alt text --- global-functions.rsc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index c356606..a569699 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1084,7 +1084,7 @@ :for I from=($ExpectedConfigVersionBefore + 1) to=$ExpectedConfigVersion do={ :local Change ($GlobalConfigChanges->[ :tostr $I ]); :set NotificationMessage ($NotificationMessage . "\n " . \ - [ $SymbolForNotification "pushpin" "* " ] . $Change); + [ $SymbolForNotification "pushpin" "*" ] . $Change); $LogPrintExit2 info $0 ("Change " . $I . ": " . $Change) false; } } else={ @@ -1299,9 +1299,10 @@ :set SymbolForNotification do={ :global NotificationsWithSymbols; :global SymbolByUnicodeName; + :global IfThenElse; :if ($NotificationsWithSymbols != true) do={ - :return [ :tostr $2 ]; + :return [ $IfThenElse ([ :len $2 ] > 0) ([ :tostr $2 ] . " ") "" ]; } :local Return ""; :foreach Symbol in=[ :toarray $1 ] do={ From 080bef89a934980271a50eed25a494a0bc33d007 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Nov 2023 14:13:10 +0100 Subject: [PATCH 039/908] global-functions: $SymbolByUnicodeName: rename up-arrow -> arrow-up ... so arrows are grouped in case we add more. --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index a569699..876f2cd 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1265,6 +1265,7 @@ :local Symbols { "abacus"="\F0\9F\A7\AE"; "alarm-clock"="\E2\8F\B0"; + "arrow-up"="\E2\AC\86"; "calendar"="\F0\9F\93\85"; "card-file-box"="\F0\9F\97\83"; "chart-decreasing"="\F0\9F\93\89"; @@ -1287,7 +1288,6 @@ "scissors"="\E2\9C\82"; "sparkles"="\E2\9C\A8"; "speech-balloon"="\F0\9F\92\AC"; - "up-arrow"="\E2\AC\86"; "warning-sign"="\E2\9A\A0"; "white-heavy-check-mark"="\E2\9C\85" } From 495eff48de7f825ea013609f5de0c42330db163e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 30 Nov 2023 12:01:59 +0100 Subject: [PATCH 040/908] global-functions: introduce $MAX --- global-functions.rsc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 876f2cd..709a615 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -48,6 +48,7 @@ :global IsTimeSync; :global LogPrintExit2; :global LogPrintOnce; +:global MAX; :global MkDir; :global NotificationFunctions; :global ParseDate; @@ -680,6 +681,12 @@ $LogPrintExit2 $Severity $Name $Message false; } +# get max value +:set MAX do={ + :if ($1 > $2) do={ :return $1; } + :return $2; +} + # create directory :set MkDir do={ :local Path [ :tostr $1 ]; From c6bf722e49c55af3a4d870f2fdca1460ece2bc1b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 30 Nov 2023 12:02:51 +0100 Subject: [PATCH 041/908] global-functions: introduce $MIN --- global-functions.rsc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 709a615..d4f5ebf 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -49,6 +49,7 @@ :global LogPrintExit2; :global LogPrintOnce; :global MAX; +:global MIN; :global MkDir; :global NotificationFunctions; :global ParseDate; @@ -687,6 +688,12 @@ :return $2; } +# get min value +:set MIN do={ + :if ($1 < $2) do={ :return $1; } + :return $2; +} + # create directory :set MkDir do={ :local Path [ :tostr $1 ]; From aba477039518dd3806a7f19c40735f0433fb7467 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 30 Nov 2023 13:18:15 +0100 Subject: [PATCH 042/908] fw-addr-lists: support timeout per list This works with something like this: :global FwAddrLists { "allow"={ { url="https://eworm.de/ros/fw-addr-lists/allow"; cert="E1"; timeout=1w }; }; ... } All urls for one named list should have the same timeout! With different timeout values and identical addresses the behavior is besically undefined, depending on order. --- fw-addr-lists.rsc | 14 ++++++++------ global-config.rsc | 2 +- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 26e9f98..845b597 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -14,6 +14,7 @@ :global FwAddrListTimeOut; :global CertificateAvailable; +:global EitherOr; :global LogPrintExit2; :global ScriptLock; :global WaitFullyConnected; @@ -42,6 +43,7 @@ $WaitFullyConnected; :foreach List in=$FwList do={ :local CheckCertificate "no"; :local Data false; + :local TimeOut [ $EitherOr [ :totime ($List->"timeout") ] $FwAddrListTimeOut ]; :if ([ :len ($List->"cert") ] > 0) do={ :set CheckCertificate "yes-without-crl"; @@ -75,7 +77,7 @@ $WaitFullyConnected; :local Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$" || \ $Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ - :set ($Addresses->$Address) 1; + :set ($Addresses->$Address) $TimeOut; } :set Data [ :pick $Data ([ :len $Line ] + 1) [ :len $Data ] ]; } @@ -83,9 +85,9 @@ $WaitFullyConnected; :foreach Entry in=[ /ip/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ :local Address [ /ip/firewall/address-list/get $Entry address ]; - :if (($Addresses->$Address) = 1) do={ - $LogPrintExit2 debug $0 ("Renewing: " . $Address) false; - /ip/firewall/address-list/set $Entry timeout=$FwAddrListTimeOut; + :if ([ :typeof ($Addresses->$Address) ] = "time") do={ + $LogPrintExit2 debug $0 ("Renewing for " . ($Addresses->$Address) . ": " . $Address) false; + /ip/firewall/address-list/set $Entry timeout=($Addresses->$Address); :set ($Addresses->$Address); :set CntRenew ($CntRenew + 1); } else={ @@ -98,9 +100,9 @@ $WaitFullyConnected; } :foreach Address,Ignore in=$Addresses do={ - $LogPrintExit2 debug $0 ("Adding: " . $Address) false; + $LogPrintExit2 debug $0 ("Adding for " . ($Addresses->$Address) . ": " . $Address) false; :do { - /ip/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$FwAddrListTimeOut; + /ip/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=($Addresses->$Address); :set ($Addresses->$Address); :set CntAdd ($CntAdd + 1); } on-error={ diff --git a/global-config.rsc b/global-config.rsc index dfb25ec..14a4e98 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -88,7 +88,7 @@ :global FwAddrLists { # "allow"={ # { url="https://eworm.de/ros/fw-addr-lists/allow"; -# cert="E1" }; +# cert="E1"; timeout=1w }; # }; "block"={ # { url="https://eworm.de/ros/fw-addr-lists/block"; From 15e347303bfb1d8dc600dd8c1a6cd6e8bbe6268f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 09:28:59 +0100 Subject: [PATCH 043/908] global-functions: $DeviceInfo: add SNMP location and contact --- global-functions.rsc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index d4f5ebf..6167348 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -219,16 +219,21 @@ :global IfThenElse; :global FormatLine; + :local License [ /system/license/get ]; :local Resource [ /system/resource/get ]; :local RouterBoard; :do { :set RouterBoard [[ :parse "/system/routerboard/get" ]]; } on-error={ } - :local License [ /system/license/get ]; + :local Snmp [ /snmp/get ]; :local Update [ /system/package/update/get ]; :return ( \ [ $FormatLine "Hostname" $Identity ] . "\n" . \ + [ $IfThenElse ([ :len ($Snmp->"location") ] > 0) \ + ([ $FormatLine "Location" ($Snmp->"location") ] . "\n") ] . \ + [ $IfThenElse ([ :len ($Snmp->"contact") ] > 0) \ + ([ $FormatLine "Contact" ($Snmp->"contact") ] . "\n") ] . \ [ $FormatLine "Board name" ($Resource->"board-name") ] . "\n" . \ [ $FormatLine "Architecture" ($Resource->"architecture-name") ] . "\n" . \ [ $IfThenElse ($RouterBoard->"routerboard" = true) \ From 8f24b4c490ddb4404521feed8a579a34351568f5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 10:56:48 +0100 Subject: [PATCH 044/908] global-functions: introduce $CharacterMultiply --- global-functions.rsc | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 6167348..bb4f098 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -24,6 +24,7 @@ :global CertificateAvailable; :global CertificateDownload; :global CertificateNameByCN; +:global CharacterMultiply; :global CharacterReplace; :global CleanFilePath; :global DeviceInfo; @@ -172,6 +173,15 @@ name=[ $CharacterReplace [ $CharacterReplace [ $CharacterReplace $CommonName "'" "-" ] " " "-" ] "---" "-" ]; } +# multiply given character(s) +:set CharacterMultiply do={ + :local Return ""; + :for I from=1 to=$2 do={ + :set Return ($Return . $1); + } + :return $Return; +} + # character replace :set CharacterReplace do={ :local String [ :tostr $1 ]; From 5e2e65b25207ceae7d847285336fe4791df339bc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 10:58:27 +0100 Subject: [PATCH 045/908] global-functions: $AlignRight: use $CharacterMultiply --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index bb4f098..ffa02c7 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -81,10 +81,11 @@ :local Input [ :tostr $1 ]; :local Len [ :tonum $2 ]; + :global CharacterMultiply; :global EitherOr; - :local Spaces " "; :set Len [ $EitherOr $Len 8 ]; + :local Spaces [ $CharacterMultiply " " $Len ]; :return ([ :pick $Spaces 0 ($Len - [ :len $Input ]) ] . $Input); } From 1bb2871e0badcbdf56605ccfd64e319e61556172 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 10:59:41 +0100 Subject: [PATCH 046/908] global-functions: $FormatLine: use $CharacterMultiply --- global-functions.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index ffa02c7..34d3df0 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -377,12 +377,14 @@ :local Key [ :tostr $1 ]; :local Value [ :tostr $2 ]; :local Indent [ :tonum $3 ]; - :local Spaces " "; + :local Spaces; :local Return ""; + :global CharacterMultiply; :global EitherOr; :set Indent [ $EitherOr $Indent 16 ]; + :local Spaces [ $CharacterMultiply " " $Indent ]; :if ([ :len $Key ] > 0) do={ :set Return ($Key . ":"); } :if ([ :len $Key ] > ($Indent - 2)) do={ From 84368ec6ebe758d4f7f5745bb1b8c48a292025bb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 09:44:32 +0100 Subject: [PATCH 047/908] mod/notification-email: $QuotedPrintable: minor rework We have to encode all characters from 0x00 to 0x1f as well... Also the equal sign is nothing special here, just adding to list. --- mod/notification-email.rsc | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 774af4c..76f198f 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -170,27 +170,28 @@ :global QuotedPrintable do={ :local Input [ :tostr $1 ]; + :global CharacterMultiply; + :if ([ :len $Input ] = 0) do={ :return $Input; } :local Return ""; - :local Chars ("\80\81\82\83\84\85\86\87\88\89\8A\8B\8C\8D\8E\8F\90\91\92\93\94\95\96\97" . \ - "\98\99\9A\9B\9C\9D\9E\9F\A0\A1\A2\A3\A4\A5\A6\A7\A8\A9\AA\AB\AC\AD\AE\AF\B0\B1\B2\B3" . \ - "\B4\B5\B6\B7\B8\B9\BA\BB\BC\BD\BE\BF\C0\C1\C2\C3\C4\C5\C6\C7\C8\C9\CA\CB\CC\CD\CE\CF" . \ - "\D0\D1\D2\D3\D4\D5\D6\D7\D8\D9\DA\DB\DC\DD\DE\DF\E0\E1\E2\E3\E4\E5\E6\E7\E8\E9\EA\EB" . \ - "\EC\ED\EE\EF\F0\F1\F2\F3\F4\F5\F6\F7\F8\F9\FA\FB\FC\FD\FE\FF"); - :local Hex { "0"; "1"; "2"; "3"; "4"; "5"; "6"; "7"; "8"; "9"; "A"; "B"; "C"; "D"; "E"; "F" }; + :local Chars ( \ + "\00\01\02\03\04\05\06\07\08\09\0A\0B\0C\0D\0E\0F\10\11\12\13\14\15\16\17\18\19\1A\1B\1C\1D\1E\1F" . \ + [ $CharacterMultiply ("\00") 29 ] . "=" . [ $CharacterMultiply ("\00") 65 ] . "\7F" . \ + "\80\81\82\83\84\85\86\87\88\89\8A\8B\8C\8D\8E\8F\90\91\92\93\94\95\96\97\98\99\9A\9B\9C\9D\9E\9F" . \ + "\A0\A1\A2\A3\A4\A5\A6\A7\A8\A9\AA\AB\AC\AD\AE\AF\B0\B1\B2\B3\B4\B5\B6\B7\B8\B9\BA\BB\BC\BD\BE\BF" . \ + "\C0\C1\C2\C3\C4\C5\C6\C7\C8\C9\CA\CB\CC\CD\CE\CF\D0\D1\D2\D3\D4\D5\D6\D7\D8\D9\DA\DB\DC\DD\DE\DF" . \ + "\E0\E1\E2\E3\E4\E5\E6\E7\E8\E9\EA\EB\EC\ED\EE\EF\F0\F1\F2\F3\F4\F5\F6\F7\F8\F9\FA\FB\FC\FD\FE\FF"); + :local Hex "0123456789ABCDEF"; :for I from=0 to=([ :len $Input ] - 1) do={ :local Char [ :pick $Input $I ]; :local Replace [ :find $Chars $Char ]; - :if ($Char = "=") do={ - :set Char "=3D"; - } :if ([ :typeof $Replace ] = "num") do={ - :set Char ("=" . ($Hex->($Replace / 16 + 8)) . ($Hex->($Replace % 16))); + :set Char ("=" . [ :pick $Hex ($Replace / 16)] . [ :pick $Hex ($Replace % 16) ]); } :set Return ($Return . $Char); } From e4b10d4b76b7ccd22695ba5074857cdc542014ea Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 11:45:28 +0100 Subject: [PATCH 048/908] mod/notification-email: $QuotedPrintable: also encode question mark Following the RFC it is not required, but looks like Thunderbird has an issue here... https://datatracker.ietf.org/doc/html/rfc2045#section-6.7 --- mod/notification-email.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 76f198f..e10353c 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -179,7 +179,7 @@ :local Return ""; :local Chars ( \ "\00\01\02\03\04\05\06\07\08\09\0A\0B\0C\0D\0E\0F\10\11\12\13\14\15\16\17\18\19\1A\1B\1C\1D\1E\1F" . \ - [ $CharacterMultiply ("\00") 29 ] . "=" . [ $CharacterMultiply ("\00") 65 ] . "\7F" . \ + [ $CharacterMultiply ("\00") 29 ] . "=\00?" . [ $CharacterMultiply ("\00") 63 ] . "\7F" . \ "\80\81\82\83\84\85\86\87\88\89\8A\8B\8C\8D\8E\8F\90\91\92\93\94\95\96\97\98\99\9A\9B\9C\9D\9E\9F" . \ "\A0\A1\A2\A3\A4\A5\A6\A7\A8\A9\AA\AB\AC\AD\AE\AF\B0\B1\B2\B3\B4\B5\B6\B7\B8\B9\BA\BB\BC\BD\BE\BF" . \ "\C0\C1\C2\C3\C4\C5\C6\C7\C8\C9\CA\CB\CC\CD\CE\CF\D0\D1\D2\D3\D4\D5\D6\D7\D8\D9\DA\DB\DC\DD\DE\DF" . \ From 94607496ae07118e5bea8da728719c4c138e425f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 12:01:52 +0100 Subject: [PATCH 049/908] check-certificates: fix typo and syntax --- check-certificates.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 3410d4d..e9b5de1 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -126,7 +126,7 @@ $WaitFullyConnected; :if ($CertVal->"fingerprint" != [ /certificate/get $Cert fingerprint ]) do={ $LogPrintExit2 debug $0 ("Certificate '" . $CertVal->"name" . "' was updated in place.") false; :set CertVal [ /certificate/get $Cert ]; - } else { + } else={ $LogPrintExit2 debug $0 ("Certificate '" . $CertVal->"name" . "' was not updated, but replaced.") false; :local CertNew [ /certificate/find where name~("^" . [ $EscapeForRegEx [ $UrlEncode $LastName ] ] . "\\.(p12|pem)_[0-9]+\$") \ @@ -153,7 +153,7 @@ $WaitFullyConnected; /certificate/remove $Cert; /certificate/set $CertNew name=($CertVal->"name"); :set CertNewVal; - :set CertVal [ /certificate/get $CertNew ];; + :set CertVal [ /certificate/get $CertNew ]; } $SendNotification2 ({ origin=$0; silent=true; \ From 3df99b0ee08af968afb8ec0382acde448a5d79b3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 11:22:05 +0100 Subject: [PATCH 050/908] check-certificates: give full certificate chain --- check-certificates.rsc | 35 ++++++++++++++++++++++++++++------- 1 file changed, 28 insertions(+), 7 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index e9b5de1..b6336ff 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -75,25 +75,45 @@ } :local FormatInfo do={ - :local CertVal $1; + :local Cert $1; :global FormatLine; :global FormatMultiLines; :global IfThenElse; - :global ParseKeyValueStore; - + :global EitherOr; + :local FormatExpire do={ :global CharacterReplace; :return [ $CharacterReplace [ $CharacterReplace [ :tostr $1 ] "w" "w " ] "d" "d " ]; } + :local FormatCertChain do={ + :local Cert $1; + + :global ParseKeyValueStore; + + :local CertVal [ /certificate/get $Cert ]; + :local Return ""; + + :while (true) do={ + :set Return ($Return . [ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN"); + :if (($CertVal->"akid") = "" || ($CertVal->"akid") = ($CertVal->"skid")) do={ + :return $Return; + } + :set Return ($Return . " -> "); + :set CertVal [ /certificate/get [ find where skid=($CertVal->"akid") ] ]; + } + } + + :local CertVal [ /certificate/get $Cert ]; + :return ( \ [ $FormatLine "Name" ($CertVal->"name") ] . "\n" . \ [ $IfThenElse ([ :len ($CertVal->"common-name") ] > 0) ([ $FormatLine "CommonName" ($CertVal->"common-name") ] . "\n") ] . \ [ $IfThenElse ([ :len ($CertVal->"subject-alt-name") ] > 0) ([ $FormatMultiLines "SubjectAltNames" ($CertVal->"subject-alt-name") ] . "\n") ] . \ [ $FormatLine "Private key" [ $IfThenElse (($CertVal->"private-key") = true) "available" "missing" ] ] . "\n" . \ [ $FormatLine "Fingerprint" ($CertVal->"fingerprint") ] . "\n" . \ - [ $FormatLine "Issuer" ($CertVal->"ca" . ([ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN")) ] . "\n" . \ + [ $FormatLine "Issuer" [ $EitherOr ($CertVal->"ca") [ $FormatCertChain $Cert ] ] ] . "\n" . \ "Validity:\n" . \ [ $FormatLine " from" ($CertVal->"invalid-before") ] . "\n" . \ [ $FormatLine " to" ($CertVal->"invalid-after") ] . "\n" . \ @@ -105,6 +125,7 @@ $WaitFullyConnected; :foreach Cert in=[ /certificate/find where !revoked !ca !scep-url expires-after<$CertRenewTime ] do={ :local CertVal [ /certificate/get $Cert ]; + :local CertNew; :local LastName; :do { @@ -129,7 +150,7 @@ $WaitFullyConnected; } else={ $LogPrintExit2 debug $0 ("Certificate '" . $CertVal->"name" . "' was not updated, but replaced.") false; - :local CertNew [ /certificate/find where name~("^" . [ $EscapeForRegEx [ $UrlEncode $LastName ] ] . "\\.(p12|pem)_[0-9]+\$") \ + :set CertNew [ /certificate/find where name~("^" . [ $EscapeForRegEx [ $UrlEncode $LastName ] ] . "\\.(p12|pem)_[0-9]+\$") \ (common-name=($CertVal->"common-name") or subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $LastName ] . "(\\W|\$)")) \ fingerprint!=[ :tostr ($CertVal->"fingerprint") ] expires-after>$CertRenewTime ]; :local CertNewVal [ /certificate/get $CertNew ]; @@ -158,7 +179,7 @@ $WaitFullyConnected; $SendNotification2 ({ origin=$0; silent=true; \ subject=([ $SymbolForNotification "lock-with-ink-pen" ] . "Certificate renewed: " . ($CertVal->"name")); \ - message=("A certificate on " . $Identity . " has been renewed.\n\n" . [ $FormatInfo $CertVal ]) }); + message=("A certificate on " . $Identity . " has been renewed.\n\n" . [ $FormatInfo $CertNew ]) }); $LogPrintExit2 info $0 ("The certificate " . ($CertVal->"name") . " has been renewed.") false; } on-error={ $LogPrintExit2 debug $0 ("Could not renew certificate " . ($CertVal->"name") . ".") false; @@ -176,7 +197,7 @@ $WaitFullyConnected; $SendNotification2 ({ origin=$0; \ subject=([ $SymbolForNotification "warning-sign" ] . "Certificate warning: " . ($CertVal->"name")); \ - message=("A certificate on " . $Identity . " " . $State . ".\n\n" . [ $FormatInfo $CertVal ]) }); + message=("A certificate on " . $Identity . " " . $State . ".\n\n" . [ $FormatInfo $Cert ]) }); $LogPrintExit2 info $0 ("The certificate " . ($CertVal->"name") . " " . $State . \ ", it is invalid after " . ($CertVal->"invalid-after") . ".") false; } From a08df7bdec4a7ddbd758d5066fc59ebb17709413 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 12:14:52 +0100 Subject: [PATCH 051/908] check-certificates: prevent infinte loop --- check-certificates.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index b6336ff..c501a28 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -95,7 +95,7 @@ :local CertVal [ /certificate/get $Cert ]; :local Return ""; - :while (true) do={ + :for I from=0 to=3 do={ :set Return ($Return . [ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN"); :if (($CertVal->"akid") = "" || ($CertVal->"akid") = ($CertVal->"skid")) do={ :return $Return; @@ -103,6 +103,7 @@ :set Return ($Return . " -> "); :set CertVal [ /certificate/get [ find where skid=($CertVal->"akid") ] ]; } + :return ($Return . "..."); } :local CertVal [ /certificate/get $Cert ]; From 8de6995c4b38f80439f0b70dc19f747f4f58f83d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 12:35:13 +0100 Subject: [PATCH 052/908] check-certificates: add workaround for broken certificates... ... where the issuer array is borked. Or is this a RouterOS issue? [eworm@carpo] > $InspectVar [ $ParseKeyValueStore [ /certificate/get ISRG-Root-X2 issuer ] ] -type-> array -key-> C -type-> str -value-> US,O=Internet Security Research Group,CN=ISRG Root X2 A good certificate looks like this: [eworm@carpo] > $InspectVar [ $ParseKeyValueStore [ /certificate/get [ find where name~"eworm.net" ] issuer ] ] -type-> array -key-> C -type-> str -value-> US -key-> CN -type-> str -value-> E1 -key-> O -type-> str -value-> Let's Encrypt --- check-certificates.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index c501a28..87ad1e5 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -90,18 +90,20 @@ :local FormatCertChain do={ :local Cert $1; + :global EitherOr; :global ParseKeyValueStore; :local CertVal [ /certificate/get $Cert ]; :local Return ""; :for I from=0 to=3 do={ - :set Return ($Return . [ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN"); + :set Return ($Return . [ $EitherOr ([ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN") \ + ([ $ParseKeyValueStore (($CertVal->"issuer")->0) ]->"CN") ]); + :set CertVal [ /certificate/get [ find where skid=($CertVal->"akid") ] ]; :if (($CertVal->"akid") = "" || ($CertVal->"akid") = ($CertVal->"skid")) do={ :return $Return; } :set Return ($Return . " -> "); - :set CertVal [ /certificate/get [ find where skid=($CertVal->"akid") ] ]; } :return ($Return . "..."); } From a12ccba29e93372e81e41ed1ceeb57cba74e3602 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 12:53:50 +0100 Subject: [PATCH 053/908] check-certificates: improve wording --- check-certificates.rsc | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 87ad1e5..bc6f43a 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -80,7 +80,6 @@ :global FormatLine; :global FormatMultiLines; :global IfThenElse; - :global EitherOr; :local FormatExpire do={ :global CharacterReplace; @@ -96,7 +95,7 @@ :local CertVal [ /certificate/get $Cert ]; :local Return ""; - :for I from=0 to=3 do={ + :for I from=0 to=5 do={ :set Return ($Return . [ $EitherOr ([ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN") \ ([ $ParseKeyValueStore (($CertVal->"issuer")->0) ]->"CN") ]); :set CertVal [ /certificate/get [ find where skid=($CertVal->"akid") ] ]; @@ -116,7 +115,7 @@ [ $IfThenElse ([ :len ($CertVal->"subject-alt-name") ] > 0) ([ $FormatMultiLines "SubjectAltNames" ($CertVal->"subject-alt-name") ] . "\n") ] . \ [ $FormatLine "Private key" [ $IfThenElse (($CertVal->"private-key") = true) "available" "missing" ] ] . "\n" . \ [ $FormatLine "Fingerprint" ($CertVal->"fingerprint") ] . "\n" . \ - [ $FormatLine "Issuer" [ $EitherOr ($CertVal->"ca") [ $FormatCertChain $Cert ] ] ] . "\n" . \ + [ $IfThenElse ([ :len ($CertVal->"ca") ] > 0) [ $FormatLine "Issuer" ($CertVal->"ca") ] [ $FormatLine "Issuer chain" [ $FormatCertChain $Cert ] ] ] . "\n" . \ "Validity:\n" . \ [ $FormatLine " from" ($CertVal->"invalid-before") ] . "\n" . \ [ $FormatLine " to" ($CertVal->"invalid-after") ] . "\n" . \ From 9fb596135e335f0ca4cfc1a8ad6047b58ba319d5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 22:10:15 +0100 Subject: [PATCH 054/908] check-certificates: properly renew from template --- check-certificates.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index bc6f43a..45e18e4 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -146,7 +146,7 @@ $WaitFullyConnected; } } - :if ($CertVal->"fingerprint" != [ /certificate/get $Cert fingerprint ]) do={ + :if ([ :len ($CertVal->"fingerprint") ] > 0 && $CertVal->"fingerprint" != [ /certificate/get $Cert fingerprint ]) do={ $LogPrintExit2 debug $0 ("Certificate '" . $CertVal->"name" . "' was updated in place.") false; :set CertVal [ /certificate/get $Cert ]; } else={ From d3611cebbd6ae725b209bbc82a65751d8e8f5770 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Dec 2023 22:21:51 +0100 Subject: [PATCH 055/908] mod/notification-email: $NotificationFunctions->"email": support hook for signature You can compose your own signature by creating a function: :global NotificationEMailSignature do={ :global EitherOr; :local RouterBoard [ /system/routerboard/get ]; :return ( \ [ $EitherOr ($RouterBoard->"board-name") ($RouterBoard->"model") ] . " s/n " . $RouterBoard->"serial-number" . " | " . \ "RouterOS " . [ /system/package/update/get installed-version ] . " | " . \ "IP " . [ /ip/cloud/get public-address ]); } --- mod/notification-email.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index e10353c..5d5aed1 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -131,6 +131,7 @@ :global EitherOr; :global IfThenElse; + :global NotificationEMailSignature; :global NotificationEMailSubject; :local To [ $EitherOr ($EmailGeneralToOverride->($Notification->"origin")) $EmailGeneralTo ]; @@ -144,7 +145,7 @@ :if ([ :typeof $EmailQueue ] = "nothing") do={ :set EmailQueue ({}); } - :local Signature [ /system/note/get note ]; + :local Signature [ $EitherOr [ $NotificationEMailSignature ] [ /system/note/get note ] ]; :set ($EmailQueue->[ :len $EmailQueue ]) { to=$To; cc=$Cc; subject=[ $NotificationEMailSubject ($Notification->"subject") ]; From 52b8e67309ce8497482bf057cc0934badb8cefe8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 27 Nov 2023 18:30:11 +0100 Subject: [PATCH 056/908] =?UTF-8?q?celebrating=20=E2=9C=A8=E2=AD=90=201.00?= =?UTF-8?q?0=20stars=20=E2=AD=90=E2=9C=A8=20on=20Github!?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- global-functions.rsc | 3 ++- news-and-changes.rsc | 2 ++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 34d3df0..93da798 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local 0 "global-functions"; # expected configuration version -:global ExpectedConfigVersion 114; +:global ExpectedConfigVersion 115; # global variables not to be changed by user :global GlobalFunctionsReady false; @@ -1320,6 +1320,7 @@ "scissors"="\E2\9C\82"; "sparkles"="\E2\9C\A8"; "speech-balloon"="\F0\9F\92\AC"; + "star"="\E2\AD\90"; "warning-sign"="\E2\9A\A0"; "white-heavy-check-mark"="\E2\9C\85" } diff --git a/news-and-changes.rsc b/news-and-changes.rsc index f4c50c2..1040a67 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -4,6 +4,7 @@ :global IfThenElse; :global RequiredRouterOS; +:global SymbolForNotification; # News, changes and migration up to change 95: # https://git.eworm.de/cgit/routeros-scripts/plain/global-config.changes?h=change-95 @@ -29,6 +30,7 @@ 112="Enhanced 'mod/ssh-keys-import' to record the fingerprint of keys."; 113="Added helper functions for easier setup to Matrix notification module."; 114="All relevant scripts were ported to new wifi package for RouterOS 7.13 and later. Migration is complex and thus not done automatically!"; + 115=("Celebrating " . [ $SymbolForNotification "sparkles,star" ] . "1.000 stars " . [ $SymbolForNotification "star,sparkles" ] . "on Github! Please continue starring..."); }; # Migration steps to be applied on script updates From 69af86957271e51fddd8a34a1135fe0c95d7cbca Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 27 Nov 2023 18:38:57 +0100 Subject: [PATCH 057/908] mention the donation hint... --- global-functions.rsc | 4 +++- news-and-changes.rsc | 5 +++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 93da798..952f869 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local 0 "global-functions"; # expected configuration version -:global ExpectedConfigVersion 115; +:global ExpectedConfigVersion 116; # global variables not to be changed by user :global GlobalFunctionsReady false; @@ -1297,6 +1297,7 @@ :local Symbols { "abacus"="\F0\9F\A7\AE"; "alarm-clock"="\E2\8F\B0"; + "arrow-down"="\E2\AC\87"; "arrow-up"="\E2\AC\86"; "calendar"="\F0\9F\93\85"; "card-file-box"="\F0\9F\97\83"; @@ -1307,6 +1308,7 @@ "earth"="\F0\9F\8C\8D"; "fire"="\F0\9F\94\A5"; "floppy-disk"="\F0\9F\92\BE"; + "heart"="\E2\99\A5"; "high-voltage-sign"="\E2\9A\A1"; "incoming-envelope"="\F0\9F\93\A8"; "information"="\E2\84\B9"; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 1040a67..11b4e61 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -2,6 +2,8 @@ # Copyright (c) 2019-2023 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +:global IDonate; + :global IfThenElse; :global RequiredRouterOS; :global SymbolForNotification; @@ -31,6 +33,9 @@ 113="Added helper functions for easier setup to Matrix notification module."; 114="All relevant scripts were ported to new wifi package for RouterOS 7.13 and later. Migration is complex and thus not done automatically!"; 115=("Celebrating " . [ $SymbolForNotification "sparkles,star" ] . "1.000 stars " . [ $SymbolForNotification "star,sparkles" ] . "on Github! Please continue starring..."); + 116=("... and also please keep in mind that it takes a huge amount of time maintaining these scripts. " . [ $IfThenElse ($IDonate != true) \ + ("Following the donation hint " . [ $SymbolForNotification "arrow-down" "below" ] . "to keep me motivated is much appreciated. Thanks!") \ + ("Looks like you did donate already. " . [ $SymbolForNotification "heart" "<3" ] . "Much appreciated, thanks!") ]); }; # Migration steps to be applied on script updates From db5ff00b5ae6592c7996f1044230595a8936ce92 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Dec 2023 10:59:23 +0100 Subject: [PATCH 058/908] doc/capsman-download-packages: mention package-path --- doc/capsman-download-packages.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md index ccd2ee5..eae6dc3 100644 --- a/doc/capsman-download-packages.md +++ b/doc/capsman-download-packages.md @@ -18,7 +18,11 @@ This script automatically downloads these packages. Requirements and installation ----------------------------- -Just install the script on CAPsMAN device. +Make sure you have the `package-path` set in your CAPsMAN configuration, +as that is where packages are downloaded to and where the system expects +them. + +Then just install the script on CAPsMAN device. Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`) you need to install a different script. From f9528f0ac55da4ce2ef904dc10760012a68ae75a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 13 Dec 2023 15:57:28 +0100 Subject: [PATCH 059/908] fw-addr-lists: warn on possible truncation ... as fetch truncates data at about 64kB, reported in SUP-132297. --- fw-addr-lists.rsc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 845b597..34a06bc 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -16,6 +16,7 @@ :global CertificateAvailable; :global EitherOr; :global LogPrintExit2; +:global LogPrintOnce; :global ScriptLock; :global WaitFullyConnected; @@ -72,6 +73,10 @@ $WaitFullyConnected; $LogPrintExit2 warning $0 ("Failed downloading list from: " . $List->"url") false; } + :if ([ :len $Data ] > 63000) do={ + $LogPrintOnce warning $0 ("The list is huge and may be truncated: " . $List->"url"); + } + :while ([ :len $Data ] != 0) do={ :local Line [ :pick $Data 0 [ :find $Data "\n" ] ]; :local Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); From 5fdc8d9e65a9a37377e53ceb4b15258d734e764f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 14 Dec 2023 08:54:04 +0100 Subject: [PATCH 060/908] doc/mode-button: document required type of led --- doc/mode-button.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/mode-button.md b/doc/mode-button.md index 6374b83..38a4b11 100644 --- a/doc/mode-button.md +++ b/doc/mode-button.md @@ -52,7 +52,7 @@ Configuration The configuration goes to `global-config-overlay`, these are the parameters: * `ModeButton`: an array with defined actions -* `ModeButtonLED`: led to give visual feedback +* `ModeButtonLED`: led to give visual feedback, `type` must be `on` or `off` > ℹ️ **Info**: Copy relevant configuration from > [`global-config`](../global-config.rsc) (the one without `-overlay`) to From 5aaa24b50737686f81bf16ec22c39f1b7a596420 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 20 Dec 2023 12:11:12 +0100 Subject: [PATCH 061/908] capsman-download-packages: use default set for legacy capsman... ... as well - now that 'wireless' package has been split from 'routeros' guessing kind of broke. It required several attempts and intermittent errors in logs to get things right. --- capsman-download-packages.capsman.rsc | 31 ++++++-------------- capsman-download-packages.template.rsc | 39 ++++++-------------------- doc/capsman-download-packages.md | 5 ++-- 3 files changed, 18 insertions(+), 57 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index 99ff052..a42edd5 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -53,29 +53,14 @@ $WaitFullyConnected; } } -:if ([ :len [ /system/logging/find where topics~"error" !(topics~"!error") \ - !(topics~"!caps") action=memory !disabled !invalid ] ] < 1) do={ - $LogPrintExit2 warning $0 ("Looks like error messages for 'caps' are not sent to memory. " . \ - "Probably can not download packages automatically.") false; -} else={ - :if ($Updated = false && [ /system/resource/get uptime ] < 2m) do={ - $LogPrintExit2 info $0 ("No packages downloaded, yet. Delaying for logs.") false; - :delay 2m; - } -} - -:foreach Log in=[ /log/find where topics=({"caps"; "error"}) \ - message~("upgrade status: failed, failed to download file '.*-" . $InstalledVersion . \ - "-.*\\.npk', no such file") ] do={ - :local Message [ /log/get $Log message ]; - :local Package [ :pick $Message \ - ([ :find $Message "'" ] + 1) \ - [ :find $Message ("-" . $InstalledVersion . "-") ] ]; - :local Arch [ :pick $Message \ - ([ :find $Message ("-" . $InstalledVersion . "-") ] + 2 + [ :len $InstalledVersion ]) \ - [ :find $Message ".npk" ] ]; - :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ - :set Updated true; +:if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ + $LogPrintExit2 info $0 ("No packages available, downloading default set.") false; + :foreach Arch in={ "arm"; "mipsbe" } do={ + :foreach Package in={ "routeros"; "wireless" } do={ + :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ + :set Updated true; + } + } } } diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 7b37c36..299c2fc 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -56,38 +56,15 @@ $WaitFullyConnected; } } -# NOT /interface/wifi/ # -# NOT /interface/wifiwave2/ # -:if ([ :len [ /system/logging/find where topics~"error" !(topics~"!error") \ - !(topics~"!caps") action=memory !disabled !invalid ] ] < 1) do={ - $LogPrintExit2 warning $0 ("Looks like error messages for 'caps' are not sent to memory. " . \ - "Probably can not download packages automatically.") false; -} else={ - :if ($Updated = false && [ /system/resource/get uptime ] < 2m) do={ - $LogPrintExit2 info $0 ("No packages downloaded, yet. Delaying for logs.") false; - :delay 2m; - } -} - -:foreach Log in=[ /log/find where topics=({"caps"; "error"}) \ - message~("upgrade status: failed, failed to download file '.*-" . $InstalledVersion . \ - "-.*\\.npk', no such file") ] do={ - :local Message [ /log/get $Log message ]; - :local Package [ :pick $Message \ - ([ :find $Message "'" ] + 1) \ - [ :find $Message ("-" . $InstalledVersion . "-") ] ]; - :local Arch [ :pick $Message \ - ([ :find $Message ("-" . $InstalledVersion . "-") ] + 2 + [ :len $InstalledVersion ]) \ - [ :find $Message ".npk" ] ]; - :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ - :set Updated true; - } -} -# NOT /interface/wifiwave2/ # -# NOT /interface/wifi/ # -# NOT /caps-man/ # :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ $LogPrintExit2 info $0 ("No packages available, downloading default set.") false; +# NOT /interface/wifi/ # +# NOT /interface/wifiwave2/ # + :foreach Arch in={ "arm"; "mipsbe" } do={ + :foreach Package in={ "routeros"; "wireless" } do={ +# NOT /interface/wifi/ # +# NOT /interface/wifiwave2/ # +# NOT /caps-man/ # :foreach Arch in={ "arm"; "arm64" } do={ # NOT /interface/wifi/ # :foreach Package in={ "routeros"; "wifiwave2" } do={ @@ -95,13 +72,13 @@ $WaitFullyConnected; # NOT /interface/wifiwave2/ # :foreach Package in={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" } do={ # NOT /interface/wifiwave2/ # +# NOT /caps-man/ # :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ :set Updated true; } } } } -# NOT /caps-man/ # :if ($Updated = true) do={ :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md index eae6dc3..1292504 100644 --- a/doc/capsman-download-packages.md +++ b/doc/capsman-download-packages.md @@ -55,12 +55,11 @@ For legacy CAPsMAN: Packages available in local storage in older version are downloaded unconditionally. -If no packages are found the script tries to download missing packages for -legacy CAPsMAN by guessing from system log. For `wifi` and `wifiwave2` a -default set of packages is downloaded. +If no packages are found the script downloads a default set of packages: * `wifi`: `routeros`, `wifi-qcom` and `wifi-qcom-ac` for *arm* and *arm64* * `wifiwave2`: `routeros` and `wifiwave2` for *arm* and *arm64* + * legacy CAPsMAN: `routeros` and `wireless` for *arm* and *mipsbe* > ℹ️ **Info**: If you have packages in the directory and things go wrong for > what ever unknown reason: Remove **all** packages and start over. From 0377064f65e124aa7ce060f18310fb65976b412e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 20 Dec 2023 12:29:24 +0100 Subject: [PATCH 062/908] capsman-download-packages: avaiable packages only... ... as things became more complicated with 'wifi-qcom*'. --- capsman-download-packages.template.rsc | 4 +++- capsman-download-packages.wifi.rsc | 4 +++- doc/capsman-download-packages.md | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 299c2fc..8cbd733 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -70,7 +70,9 @@ $WaitFullyConnected; :foreach Package in={ "routeros"; "wifiwave2" } do={ # NOT /interface/wifi/ # # NOT /interface/wifiwave2/ # - :foreach Package in={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" } do={ + :local Packages { "arm"={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" }; + "arm64"={ "routeros"; "wifi-qcom" } }; + :foreach Package in=($Packages->$Arch) do={ # NOT /interface/wifiwave2/ # # NOT /caps-man/ # :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 3552924..89fe0dc 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -56,7 +56,9 @@ $WaitFullyConnected; :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ $LogPrintExit2 info $0 ("No packages available, downloading default set.") false; :foreach Arch in={ "arm"; "arm64" } do={ - :foreach Package in={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" } do={ + :local Packages { "arm"={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" }; + "arm64"={ "routeros"; "wifi-qcom" } }; + :foreach Package in=($Packages->$Arch) do={ :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ :set Updated true; } diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md index 1292504..5b9550d 100644 --- a/doc/capsman-download-packages.md +++ b/doc/capsman-download-packages.md @@ -57,7 +57,7 @@ unconditionally. If no packages are found the script downloads a default set of packages: - * `wifi`: `routeros`, `wifi-qcom` and `wifi-qcom-ac` for *arm* and *arm64* + * `wifi`: `routeros` and `wifi-qcom` for *arm* and *arm64*, `wifi-qcom-ac` for *arm* * `wifiwave2`: `routeros` and `wifiwave2` for *arm* and *arm64* * legacy CAPsMAN: `routeros` and `wireless` for *arm* and *mipsbe* From 1c26d082673e9b72638a3001ab9bedce9399407a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 21 Dec 2023 11:33:09 +0100 Subject: [PATCH 063/908] mod/ssh-keys-import: unbreak import from file Looks like this broke in c3045f372350bd8dd0a8f10efb8a4b938e896145 where a non-existent variable name was used. --- mod/ssh-keys-import.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index 1513114..79c1e22 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -85,7 +85,7 @@ :local Continue false; :local Line [ :pick $Keys 0 [ :find $Keys "\n" ] ]; :set Keys [ :pick $Keys ([ :find $Keys "\n" ] + 1) [ :len $Keys ] ]; - :local KeyVal [ :toarray [ $CharacterReplace $Key " " "," ] ]; + :local KeyVal [ :toarray [ $CharacterReplace $Line " " "," ] ]; :if ($KeyVal->0 = "ssh-ed25519" || $KeyVal->0 = "ssh-rsa") do={ :do { $SSHKeysImport $Line $User; From 777c388b431ca0673ccec833358590af69d8eeb7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 22 Dec 2023 14:47:54 +0100 Subject: [PATCH 064/908] global-functions: $GetMacVendor: get new certificate The service now uses: GTS CA 1P5 -> GTS Root R1 --- certs/GTS CA 1P5.pem | 238 +++++++++++++++++++++++++++++++++++++++++++ global-functions.rsc | 2 +- 2 files changed, 239 insertions(+), 1 deletion(-) create mode 100644 certs/GTS CA 1P5.pem diff --git a/certs/GTS CA 1P5.pem b/certs/GTS CA 1P5.pem new file mode 100644 index 0000000..5be738d --- /dev/null +++ b/certs/GTS CA 1P5.pem @@ -0,0 +1,238 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 02:03:bc:50:a3:27:53:f0:91:80:22:ed:f1 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, O=Google Trust Services LLC, CN=GTS Root R1 + Validity + Not Before: Aug 13 00:00:42 2020 GMT + Not After : Sep 30 00:00:42 2027 GMT + Subject: C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:b3:82:f0:24:8c:bf:2d:87:af:b2:d9:a7:ae:fa: + ca:ba:44:d6:5b:3e:fe:b2:f7:b2:65:16:dc:de:10: + e8:4f:2d:10:58:5a:28:86:87:a1:ee:6a:b3:a0:d9: + 75:4f:7f:a1:52:01:8b:55:a8:4a:5b:06:48:c8:36: + 12:25:ab:89:f9:f2:23:5f:9d:60:65:f9:5c:da:be: + 3a:e8:5c:6d:7d:9c:d0:84:18:85:30:cd:4e:9b:ec: + 3c:d8:b3:e1:96:d4:f3:c5:0b:65:db:8f:b0:74:cb: + f6:1e:f3:78:f1:ac:95:c5:dd:73:c3:31:88:81:af: + 74:aa:6f:fd:0c:e3:05:95:f0:c5:10:4f:65:63:fa: + a0:af:c6:18:3d:c5:a1:df:97:79:d7:05:89:b3:30: + b0:74:ae:3d:92:10:6b:8c:15:77:dd:0b:04:57:fb: + 81:03:dd:ea:22:34:d5:e5:56:b2:f0:c4:8d:41:b1: + c3:02:db:62:ec:80:d0:ff:76:d4:86:e4:04:1a:b6: + b6:0c:2b:62:71:7d:d9:af:d9:f1:5e:fa:c0:1e:ca: + a0:19:5c:55:f0:80:d1:2a:0c:07:86:90:9f:35:e3: + 28:2b:5b:ef:23:c8:a3:1d:a4:a3:3a:ee:fe:83:dc: + 82:4c:25:b0:4d:c5:51:ad:9e:9b:d3:5b:84:c2:1a: + 5a:e9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + X509v3 Basic Constraints: critical + CA:TRUE, pathlen:0 + X509v3 Subject Key Identifier: + D5:FC:9E:0D:DF:1E:CA:DD:08:97:97:6E:2B:C5:5F:C5:2B:F5:EC:B8 + X509v3 Authority Key Identifier: + E4:AF:2B:26:71:1A:2B:48:27:85:2F:52:66:2C:EF:F0:89:13:71:3E + Authority Information Access: + OCSP - URI:http://ocsp.pki.goog/gtsr1 + CA Issuers - URI:http://pki.goog/repo/certs/gtsr1.der + X509v3 CRL Distribution Points: + Full Name: + URI:http://crl.pki.goog/gtsr1/gtsr1.crl + X509v3 Certificate Policies: + Policy: 1.3.6.1.4.1.11129.2.5.3 + CPS: https://pki.goog/repository/ + Policy: 2.23.140.1.2.1 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 6c:63:27:ee:23:df:e5:52:68:4d:81:66:91:85:df:7d:65:e5: + 5b:37:31:08:26:b2:07:5d:9a:be:b1:ca:01:b9:ad:bf:9d:77: + f6:51:1d:d7:98:c5:0b:49:a1:7b:a1:d7:d3:68:e5:44:0f:8b: + ba:36:dd:42:82:77:d2:8d:dd:f5:3f:fb:eb:c8:07:98:93:ee: + 5a:d0:b5:3d:de:4b:1c:2d:8c:4d:ec:7e:8c:7b:fe:4e:40:fd: + f0:b4:b3:59:02:10:51:5c:e3:c0:2b:fd:b7:06:48:51:7e:09: + 5e:3f:0f:dc:a7:fe:97:e7:79:c5:0e:44:89:78:c5:69:59:29: + a0:9a:3a:48:36:29:a6:94:93:55:2d:b8:47:b5:e9:96:b5:9f: + 07:cd:a6:ab:3e:32:8a:c0:86:83:c5:c1:41:c8:9f:2f:35:8e: + 0d:c0:07:7a:e1:ac:c9:65:b5:cb:8a:a7:dd:71:d8:61:65:39: + 84:ac:32:3e:f7:7a:36:f1:56:9f:57:a9:41:6d:5a:90:a7:db: + 3a:ea:75:80:0c:63:0b:69:74:6f:07:4c:15:f3:37:28:a5:19: + a4:6e:f5:f6:20:cd:63:b2:7e:c4:2b:09:75:89:da:d1:3c:2e: + 72:4f:36:1a:a1:9e:44:d0:cd:9b:a6:23:08:3f:97:a1:a7:9e: + 5a:a5:f7:09:94:ad:5d:76:5d:28:56:d1:1a:66:51:51:07:7b: + de:3d:b0:c8:ef:30:7a:24:2d:be:b8:b3:86:f6:4b:f7:f0:b5: + 4f:ff:ce:c6:f9:f6:3f:2a:27:08:0f:09:3e:23:5a:c7:e3:42: + 2d:7a:36:e4:3d:98:96:60:39:98:ea:d1:db:63:2a:eb:78:09: + b1:4e:21:b3:8e:b7:ce:3e:92:f1:95:5c:a4:39:d0:c0:2b:c8: + 53:15:f5:d2:2f:82:cd:06:74:67:99:90:77:37:0a:97:2d:c5: + 1c:1e:f4:d0:5b:e9:15:e3:ea:02:09:c8:13:d7:13:70:65:bf: + fb:88:9b:5a:25:be:77:09:e1:a7:6a:4e:11:75:b9:1e:4d:f1: + 00:1b:6a:66:79:8e:c3:6e:d8:6d:a2:22:a2:6d:05:fb:2c:f2: + f1:50:e5:a0:d1:d8:9f:35:7d:fc:70:ab:59:2a:02:f1:be:b0: + d3:f1:f8:cd:12:b9:6a:25:90:5b:e3:85:20:e6:f5:da:cb:40: + 1c:19:34:20:03:61:77:ba:7f:48:0f:49:0b:29:eb:e7:61:64: + c7:63:d1:47:eb:1c:e1:ee:94:46:ef:39:73:cc:ee:4f:2b:8d: + dc:fb:58:a7:b3:65:20:99:95:b9:fb:55:6f:d7:96:6e:94:3d: + f4:7a:92:8e:63:1d:df:6d +-----BEGIN CERTIFICATE----- +MIIFjDCCA3SgAwIBAgINAgO8UKMnU/CRgCLt8TANBgkqhkiG9w0BAQsFADBHMQsw +CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU +MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw +MDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp +Y2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFQNTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBALOC8CSMvy2Hr7LZp676yrpE1ls+/rL3smUW3N4Q6E8tEFha +KIaHoe5qs6DZdU9/oVIBi1WoSlsGSMg2EiWrifnyI1+dYGX5XNq+OuhcbX2c0IQY +hTDNTpvsPNiz4ZbU88ULZduPsHTL9h7zePGslcXdc8MxiIGvdKpv/QzjBZXwxRBP +ZWP6oK/GGD3Fod+XedcFibMwsHSuPZIQa4wVd90LBFf7gQPd6iI01eVWsvDEjUGx +wwLbYuyA0P921IbkBBq2tgwrYnF92a/Z8V76wB7KoBlcVfCA0SoMB4aQnzXjKCtb +7yPIox2kozru/oPcgkwlsE3FUa2em9NbhMIaWukCAwEAAaOCAXYwggFyMA4GA1Ud +DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T +AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU1fyeDd8eyt0Il5duK8VfxSv17LgwHwYD +VR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG +CCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw +AoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt +MCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsME0G +A1UdIARGMEQwOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br +aS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAgEA +bGMn7iPf5VJoTYFmkYXffWXlWzcxCCayB12avrHKAbmtv5139lEd15jFC0mhe6HX +02jlRA+LujbdQoJ30o3d9T/768gHmJPuWtC1Pd5LHC2MTex+jHv+TkD98LSzWQIQ +UVzjwCv9twZIUX4JXj8P3Kf+l+d5xQ5EiXjFaVkpoJo6SDYpppSTVS24R7XplrWf +B82mqz4yisCGg8XBQcifLzWODcAHeuGsyWW1y4qn3XHYYWU5hKwyPvd6NvFWn1ep +QW1akKfbOup1gAxjC2l0bwdMFfM3KKUZpG719iDNY7J+xCsJdYna0Twuck82GqGe +RNDNm6YjCD+XoaeeWqX3CZStXXZdKFbRGmZRUQd73j2wyO8weiQtvrizhvZL9/C1 +T//Oxvn2PyonCA8JPiNax+NCLXo25D2YlmA5mOrR22Mq63gJsU4hs463zj6S8ZVc +pDnQwCvIUxX10i+CzQZ0Z5mQdzcKly3FHB700FvpFePqAgnIE9cTcGW/+4ibWiW+ +dwnhp2pOEXW5Hk3xABtqZnmOw27YbaIiom0F+yzy8VDloNHYnzV9/HCrWSoC8b6w +0/H4zRK5aiWQW+OFIOb12stAHBk0IANhd7p/SA9JCynr52Fkx2PRR+sc4e6URu85 +c8zuTyuN3PtYp7NlIJmVuftVb9eWbpQ99HqSjmMd320= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 02:03:e5:93:6f:31:b0:13:49:88:6b:a2:17 + Signature Algorithm: sha384WithRSAEncryption + Issuer: C=US, O=Google Trust Services LLC, CN=GTS Root R1 + Validity + Not Before: Jun 22 00:00:00 2016 GMT + Not After : Jun 22 00:00:00 2036 GMT + Subject: C=US, O=Google Trust Services LLC, CN=GTS Root R1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (4096 bit) + Modulus: + 00:b6:11:02:8b:1e:e3:a1:77:9b:3b:dc:bf:94:3e: + b7:95:a7:40:3c:a1:fd:82:f9:7d:32:06:82:71:f6: + f6:8c:7f:fb:e8:db:bc:6a:2e:97:97:a3:8c:4b:f9: + 2b:f6:b1:f9:ce:84:1d:b1:f9:c5:97:de:ef:b9:f2: + a3:e9:bc:12:89:5e:a7:aa:52:ab:f8:23:27:cb:a4: + b1:9c:63:db:d7:99:7e:f0:0a:5e:eb:68:a6:f4:c6: + 5a:47:0d:4d:10:33:e3:4e:b1:13:a3:c8:18:6c:4b: + ec:fc:09:90:df:9d:64:29:25:23:07:a1:b4:d2:3d: + 2e:60:e0:cf:d2:09:87:bb:cd:48:f0:4d:c2:c2:7a: + 88:8a:bb:ba:cf:59:19:d6:af:8f:b0:07:b0:9e:31: + f1:82:c1:c0:df:2e:a6:6d:6c:19:0e:b5:d8:7e:26: + 1a:45:03:3d:b0:79:a4:94:28:ad:0f:7f:26:e5:a8: + 08:fe:96:e8:3c:68:94:53:ee:83:3a:88:2b:15:96: + 09:b2:e0:7a:8c:2e:75:d6:9c:eb:a7:56:64:8f:96: + 4f:68:ae:3d:97:c2:84:8f:c0:bc:40:c0:0b:5c:bd: + f6:87:b3:35:6c:ac:18:50:7f:84:e0:4c:cd:92:d3: + 20:e9:33:bc:52:99:af:32:b5:29:b3:25:2a:b4:48: + f9:72:e1:ca:64:f7:e6:82:10:8d:e8:9d:c2:8a:88: + fa:38:66:8a:fc:63:f9:01:f9:78:fd:7b:5c:77:fa: + 76:87:fa:ec:df:b1:0e:79:95:57:b4:bd:26:ef:d6: + 01:d1:eb:16:0a:bb:8e:0b:b5:c5:c5:8a:55:ab:d3: + ac:ea:91:4b:29:cc:19:a4:32:25:4e:2a:f1:65:44: + d0:02:ce:aa:ce:49:b4:ea:9f:7c:83:b0:40:7b:e7: + 43:ab:a7:6c:a3:8f:7d:89:81:fa:4c:a5:ff:d5:8e: + c3:ce:4b:e0:b5:d8:b3:8e:45:cf:76:c0:ed:40:2b: + fd:53:0f:b0:a7:d5:3b:0d:b1:8a:a2:03:de:31:ad: + cc:77:ea:6f:7b:3e:d6:df:91:22:12:e6:be:fa:d8: + 32:fc:10:63:14:51:72:de:5d:d6:16:93:bd:29:68: + 33:ef:3a:66:ec:07:8a:26:df:13:d7:57:65:78:27: + de:5e:49:14:00:a2:00:7f:9a:a8:21:b6:a9:b1:95: + b0:a5:b9:0d:16:11:da:c7:6c:48:3c:40:e0:7e:0d: + 5a:cd:56:3c:d1:97:05:b9:cb:4b:ed:39:4b:9c:c4: + 3f:d2:55:13:6e:24:b0:d6:71:fa:f4:c1:ba:cc:ed: + 1b:f5:fe:81:41:d8:00:98:3d:3a:c8:ae:7a:98:37: + 18:05:95 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + E4:AF:2B:26:71:1A:2B:48:27:85:2F:52:66:2C:EF:F0:89:13:71:3E + Signature Algorithm: sha384WithRSAEncryption + Signature Value: + 9f:aa:42:26:db:0b:9b:be:ff:1e:96:92:2e:3e:a2:65:4a:6a: + 98:ba:22:cb:7d:c1:3a:d8:82:0a:06:c6:f6:a5:de:c0:4e:87: + 66:79:a1:f9:a6:58:9c:aa:f9:b5:e6:60:e7:e0:e8:b1:1e:42: + 41:33:0b:37:3d:ce:89:70:15:ca:b5:24:a8:cf:6b:b5:d2:40: + 21:98:cf:22:34:cf:3b:c5:22:84:e0:c5:0e:8a:7c:5d:88:e4: + 35:24:ce:9b:3e:1a:54:1e:6e:db:b2:87:a7:fc:f3:fa:81:55: + 14:62:0a:59:a9:22:05:31:3e:82:d6:ee:db:57:34:bc:33:95: + d3:17:1b:e8:27:a2:8b:7b:4e:26:1a:7a:5a:64:b6:d1:ac:37: + f1:fd:a0:f3:38:ec:72:f0:11:75:9d:cb:34:52:8d:e6:76:6b: + 17:c6:df:86:ab:27:8e:49:2b:75:66:81:10:21:a6:ea:3e:f4: + ae:25:ff:7c:15:de:ce:8c:25:3f:ca:62:70:0a:f7:2f:09:66: + 07:c8:3f:1c:fc:f0:db:45:30:df:62:88:c1:b5:0f:9d:c3:9f: + 4a:de:59:59:47:c5:87:22:36:e6:82:a7:ed:0a:b9:e2:07:a0: + 8d:7b:7a:4a:3c:71:d2:e2:03:a1:1f:32:07:dd:1b:e4:42:ce: + 0c:00:45:61:80:b5:0b:20:59:29:78:bd:f9:55:cb:63:c5:3c: + 4c:f4:b6:ff:db:6a:5f:31:6b:99:9e:2c:c1:6b:50:a4:d7:e6: + 18:14:bd:85:3f:67:ab:46:9f:a0:ff:42:a7:3a:7f:5c:cb:5d: + b0:70:1d:2b:34:f5:d4:76:09:0c:eb:78:4c:59:05:f3:33:42: + c3:61:15:10:1b:77:4d:ce:22:8c:d4:85:f2:45:7d:b7:53:ea: + ef:40:5a:94:0a:5c:20:5f:4e:40:5d:62:22:76:df:ff:ce:61: + bd:8c:23:78:d2:37:02:e0:8e:de:d1:11:37:89:f6:bf:ed:49: + 07:62:ae:92:ec:40:1a:af:14:09:d9:d0:4e:b2:a2:f7:be:ee: + ee:d8:ff:dc:1a:2d:de:b8:36:71:e2:fc:79:b7:94:25:d1:48: + 73:5b:a1:35:e7:b3:99:67:75:c1:19:3a:2b:47:4e:d3:42:8e: + fd:31:c8:16:66:da:d2:0c:3c:db:b3:8e:c9:a1:0d:80:0f:7b: + 16:77:14:bf:ff:db:09:94:b2:93:bc:20:58:15:e9:db:71:43: + f3:de:10:c3:00:dc:a8:2a:95:b6:c2:d6:3f:90:6b:76:db:6c: + fe:8c:bc:f2:70:35:0c:dc:99:19:35:dc:d7:c8:46:63:d5:36: + 71:ae:57:fb:b7:82:6d:dc +-----BEGIN CERTIFICATE----- +MIIFVzCCAz+gAwIBAgINAgPlk28xsBNJiGuiFzANBgkqhkiG9w0BAQwFADBHMQsw +CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU +MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw +MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp +Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUA +A4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaMf/vo +27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vXmX7w +Cl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7zUjw +TcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0Pfybl +qAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtcvfaH +szVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4Zor8 +Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUspzBmk +MiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOORc92 +wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYWk70p +aDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+DVrN +VjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgFlQID +AQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E +FgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBAJ+qQibb +C5u+/x6Wki4+omVKapi6Ist9wTrYggoGxval3sBOh2Z5ofmmWJyq+bXmYOfg6LEe +QkEzCzc9zolwFcq1JKjPa7XSQCGYzyI0zzvFIoTgxQ6KfF2I5DUkzps+GlQebtuy +h6f88/qBVRRiClmpIgUxPoLW7ttXNLwzldMXG+gnoot7TiYaelpkttGsN/H9oPM4 +7HLwEXWdyzRSjeZ2axfG34arJ45JK3VmgRAhpuo+9K4l/3wV3s6MJT/KYnAK9y8J +ZgfIPxz88NtFMN9iiMG1D53Dn0reWVlHxYciNuaCp+0KueIHoI17eko8cdLiA6Ef +MgfdG+RCzgwARWGAtQsgWSl4vflVy2PFPEz0tv/bal8xa5meLMFrUKTX5hgUvYU/ +Z6tGn6D/Qqc6f1zLXbBwHSs09dR2CQzreExZBfMzQsNhFRAbd03OIozUhfJFfbdT +6u9AWpQKXCBfTkBdYiJ23//OYb2MI3jSNwLgjt7RETeJ9r/tSQdirpLsQBqvFAnZ +0E6yove+7u7Y/9waLd64NnHi/Hm3lCXRSHNboTXns5lndcEZOitHTtNCjv0xyBZm +2tIMPNuzjsmhDYAPexZ3FL//2wmUspO8IFgV6dtxQ/PeEMMA3KgqlbbC1j+Qa3bb +bP6MvPJwNQzcmRk13NfIRmPVNnGuV/u3gm3c +-----END CERTIFICATE----- diff --git a/global-functions.rsc b/global-functions.rsc index 952f869..c32e742 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -426,7 +426,7 @@ } :do { - :if ([ $CertificateAvailable "R3" ] = false) do={ + :if ([ $CertificateAvailable "GTS CA 1P5" ] = false) do={ $LogPrintExit2 warning $0 ("Downloading required certificate failed.") true; } :local Vendor ([ /tool/fetch check-certificate=yes-without-crl \ From 9a73fc526f1c5cbece6790f2d11049a2667856ef Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 1 Jan 2024 15:25:25 +0100 Subject: [PATCH 065/908] update copyright for 2024 --- accesslist-duplicates.capsman.rsc | 2 +- accesslist-duplicates.local.rsc | 2 +- accesslist-duplicates.template.rsc | 2 +- accesslist-duplicates.wifi.rsc | 2 +- accesslist-duplicates.wifiwave2.rsc | 2 +- backup-cloud.rsc | 2 +- backup-email.rsc | 2 +- backup-partition.rsc | 2 +- backup-upload.rsc | 2 +- capsman-download-packages.capsman.rsc | 2 +- capsman-download-packages.template.rsc | 2 +- capsman-download-packages.wifi.rsc | 2 +- capsman-download-packages.wifiwave2.rsc | 2 +- capsman-rolling-upgrade.capsman.rsc | 2 +- capsman-rolling-upgrade.template.rsc | 2 +- capsman-rolling-upgrade.wifi.rsc | 2 +- capsman-rolling-upgrade.wifiwave2.rsc | 2 +- certificate-renew-issued.rsc | 2 +- check-certificates.rsc | 2 +- check-health.rsc | 2 +- check-lte-firmware-upgrade.rsc | 2 +- check-routeros-update.rsc | 2 +- collect-wireless-mac.capsman.rsc | 2 +- collect-wireless-mac.local.rsc | 2 +- collect-wireless-mac.template.rsc | 2 +- collect-wireless-mac.wifi.rsc | 2 +- collect-wireless-mac.wifiwave2.rsc | 2 +- daily-psk.capsman.rsc | 2 +- daily-psk.local.rsc | 2 +- daily-psk.template.rsc | 2 +- daily-psk.wifi.rsc | 2 +- daily-psk.wifiwave2.rsc | 2 +- dhcp-lease-comment.capsman.rsc | 2 +- dhcp-lease-comment.local.rsc | 2 +- dhcp-lease-comment.template.rsc | 2 +- dhcp-lease-comment.wifi.rsc | 2 +- dhcp-lease-comment.wifiwave2.rsc | 2 +- dhcp-to-dns.rsc | 2 +- firmware-upgrade-reboot.rsc | 2 +- fw-addr-lists.rsc | 2 +- global-config-overlay.rsc | 2 +- global-config.rsc | 2 +- global-functions.rsc | 2 +- global-wait.rsc | 2 +- gps-track.rsc | 2 +- hotspot-to-wpa-cleanup.capsman.rsc | 2 +- hotspot-to-wpa-cleanup.template.rsc | 2 +- hotspot-to-wpa-cleanup.wifi.rsc | 2 +- hotspot-to-wpa-cleanup.wifiwave2.rsc | 2 +- hotspot-to-wpa.capsman.rsc | 2 +- hotspot-to-wpa.template.rsc | 2 +- hotspot-to-wpa.wifi.rsc | 2 +- hotspot-to-wpa.wifiwave2.rsc | 2 +- ip-addr-bridge.rsc | 2 +- ipsec-to-dns.rsc | 2 +- ipv6-update.rsc | 2 +- lease-script.rsc | 2 +- leds-day-mode.rsc | 2 +- leds-night-mode.rsc | 2 +- leds-toggle-mode.rsc | 2 +- log-forward.rsc | 2 +- mod/bridge-port-to.rsc | 2 +- mod/bridge-port-vlan.rsc | 2 +- mod/inspectvar.rsc | 2 +- mod/ipcalc.rsc | 2 +- mod/notification-email.rsc | 2 +- mod/notification-matrix.rsc | 2 +- mod/notification-ntfy.rsc | 2 +- mod/notification-telegram.rsc | 2 +- mod/scriptrunonce.rsc | 2 +- mod/ssh-keys-import.rsc | 2 +- mode-button.rsc | 2 +- netwatch-dns.rsc | 2 +- netwatch-notify.rsc | 2 +- news-and-changes.rsc | 2 +- ospf-to-leds.rsc | 2 +- packages-update.rsc | 2 +- ppp-on-up.rsc | 2 +- sms-action.rsc | 2 +- sms-forward.rsc | 2 +- super-mario-theme.rsc | 2 +- telegram-chat.rsc | 2 +- unattended-lte-firmware-upgrade.rsc | 2 +- update-gre-address.rsc | 2 +- update-tunnelbroker.rsc | 2 +- 85 files changed, 85 insertions(+), 85 deletions(-) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index 3fd688e..d5b55ad 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates.capsman -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.12beta1 diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index c19be20..2904437 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates.local -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.12beta1 diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index c83b428..a2cb3a2 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates%TEMPL% -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.12beta1 diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc index 4ca8be8..0035119 100644 --- a/accesslist-duplicates.wifi.rsc +++ b/accesslist-duplicates.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates.wifi -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.12beta1 diff --git a/accesslist-duplicates.wifiwave2.rsc b/accesslist-duplicates.wifiwave2.rsc index c28a8f6..4dfda12 100644 --- a/accesslist-duplicates.wifiwave2.rsc +++ b/accesslist-duplicates.wifiwave2.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates.wifiwave2 -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.12beta1 diff --git a/backup-cloud.rsc b/backup-cloud.rsc index c1bbe11..155ba5c 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: backup-cloud -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=40 diff --git a/backup-email.rsc b/backup-email.rsc index f4f1fc8..b087f35 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: backup-email -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=20 diff --git a/backup-partition.rsc b/backup-partition.rsc index b03ad7e..fe1fa66 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: backup-partition -# Copyright (c) 2022-2023 Christian Hesse +# Copyright (c) 2022-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=70 diff --git a/backup-upload.rsc b/backup-upload.rsc index 02916c6..fc438d6 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: backup-upload -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=50 diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index a42edd5..58b2f1f 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-download-packages.capsman -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 8cbd733..90af59c 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-download-packages%TEMPL% -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 89fe0dc..93caeb9 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-download-packages.wifi -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-download-packages.wifiwave2.rsc b/capsman-download-packages.wifiwave2.rsc index 6a12b2d..49ef625 100644 --- a/capsman-download-packages.wifiwave2.rsc +++ b/capsman-download-packages.wifiwave2.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-download-packages.wifiwave2 -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index 7f83b6c..1445d4d 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-rolling-upgrade.capsman -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index 10245b5..569cdc1 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-rolling-upgrade%TEMPL% -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index 3e13bf4..426193d 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-rolling-upgrade.wifi -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-rolling-upgrade.wifiwave2.rsc b/capsman-rolling-upgrade.wifiwave2.rsc index c0c08e7..a362bae 100644 --- a/capsman-rolling-upgrade.wifiwave2.rsc +++ b/capsman-rolling-upgrade.wifiwave2.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-rolling-upgrade.wifiwave2 -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index 2b18a76..c3b4bdb 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: certificate-renew-issued -# Copyright (c) 2019-2023 Christian Hesse +# Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # renew locally issued certificates diff --git a/check-certificates.rsc b/check-certificates.rsc index 45e18e4..5f2c710 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: check-certificates -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # check for certificate validity diff --git a/check-health.rsc b/check-health.rsc index ff47968..52c22ca 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: check-health -# Copyright (c) 2019-2023 Christian Hesse +# Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # check for RouterOS health state diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index a2aec01..f57f349 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: check-lte-firmware-upgrade -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # check for LTE firmware upgrade, send notification diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 0b621f7..3f7813a 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: check-routeros-update -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # check for RouterOS update, send notification and/or install diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index 65effa8..9868733 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac.capsman -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index 0594ceb..5252d9f 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac.local -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index 97760d6..df95f52 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac%TEMPL% -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index 40ad4d2..40d2a9c 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac.wifi -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 diff --git a/collect-wireless-mac.wifiwave2.rsc b/collect-wireless-mac.wifiwave2.rsc index 86cfd64..32e88d5 100644 --- a/collect-wireless-mac.wifiwave2.rsc +++ b/collect-wireless-mac.wifiwave2.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac.wifiwave2 -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index b228d86..2260588 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: daily-psk.capsman -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 523e026..5478534 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: daily-psk.local -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index e7d9b54..1111b64 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: daily-psk%TEMPL% -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index a8b1320..6a621e4 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: daily-psk.wifi -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/daily-psk.wifiwave2.rsc b/daily-psk.wifiwave2.rsc index 1be000d..e769a6c 100644 --- a/daily-psk.wifiwave2.rsc +++ b/daily-psk.wifiwave2.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: daily-psk.wifiwave2 -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index 89d2c4e..802063a 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment.capsman -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index 11e92cc..9ab2d8c 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment.local -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index 05b1254..8916282 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment%TEMPL% -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index fe34b09..214e2d5 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment.wifi -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 diff --git a/dhcp-lease-comment.wifiwave2.rsc b/dhcp-lease-comment.wifiwave2.rsc index 200c53b..3860c9a 100644 --- a/dhcp-lease-comment.wifiwave2.rsc +++ b/dhcp-lease-comment.wifiwave2.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment.wifiwave2 -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index 57488c4..78e7639 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: dhcp-to-dns -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=20 diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index ec2babc..5c5c14f 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: firmware-upgrade-reboot -# Copyright (c) 2022-2023 Christian Hesse +# Copyright (c) 2022-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # install firmware upgrade, and reboot diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 34a06bc..35f9a00 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: fw-addr-lists -# Copyright (c) 2023 Christian Hesse +# Copyright (c) 2023-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # download, import and update firewall address-lists diff --git a/global-config-overlay.rsc b/global-config-overlay.rsc index af4b52c..9ffd90c 100644 --- a/global-config-overlay.rsc +++ b/global-config-overlay.rsc @@ -1,5 +1,5 @@ # Overlay for global configuration by RouterOS Scripts -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # global configuration, custom overlay diff --git a/global-config.rsc b/global-config.rsc index 14a4e98..6066fef 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: global-config -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # global configuration diff --git a/global-functions.rsc b/global-functions.rsc index c32e742..d124ac1 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: global-functions -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/global-wait.rsc b/global-wait.rsc index fe1928b..448643c 100644 --- a/global-wait.rsc +++ b/global-wait.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: global-wait -# Copyright (c) 2020-2023 Christian Hesse +# Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # wait for global-functions to finish diff --git a/gps-track.rsc b/gps-track.rsc index 86506b8..cd66250 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: gps-track -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # track gps data by sending json data to http server diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index b9a6620..95ae531 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa-cleanup.capsman -# Copyright (c) 2021-2023 Christian Hesse +# Copyright (c) 2021-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 0f89cec..45cf06c 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa-cleanup%TEMPL% -# Copyright (c) 2021-2023 Christian Hesse +# Copyright (c) 2021-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index 1cee316..f61f418 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa-cleanup.wifi -# Copyright (c) 2021-2023 Christian Hesse +# Copyright (c) 2021-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 diff --git a/hotspot-to-wpa-cleanup.wifiwave2.rsc b/hotspot-to-wpa-cleanup.wifiwave2.rsc index e316c17..0ff3c3f 100644 --- a/hotspot-to-wpa-cleanup.wifiwave2.rsc +++ b/hotspot-to-wpa-cleanup.wifiwave2.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa-cleanup.wifiwave2 -# Copyright (c) 2021-2023 Christian Hesse +# Copyright (c) 2021-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index a7ebafb..8ea2e6b 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa.capsman -# Copyright (c) 2019-2023 Christian Hesse +# Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # add private WPA passphrase after hotspot login diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index a858285..b6ce561 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa%TEMPL% -# Copyright (c) 2019-2023 Christian Hesse +# Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # add private WPA passphrase after hotspot login diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index f7c99a9..77afad1 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa.wifi -# Copyright (c) 2019-2023 Christian Hesse +# Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # add private WPA passphrase after hotspot login diff --git a/hotspot-to-wpa.wifiwave2.rsc b/hotspot-to-wpa.wifiwave2.rsc index ea44a9d..0c12d39 100644 --- a/hotspot-to-wpa.wifiwave2.rsc +++ b/hotspot-to-wpa.wifiwave2.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa.wifiwave2 -# Copyright (c) 2019-2023 Christian Hesse +# Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # add private WPA passphrase after hotspot login diff --git a/ip-addr-bridge.rsc b/ip-addr-bridge.rsc index 99fcba5..758cd46 100644 --- a/ip-addr-bridge.rsc +++ b/ip-addr-bridge.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: ip-addr-bridge -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # enable or disable ip addresses based on bridge port state diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index d961865..aed7e56 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: ipsec-to-dns -# Copyright (c) 2021-2023 Christian Hesse +# Copyright (c) 2021-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # and add/remove/update DNS entries from IPSec mode-config diff --git a/ipv6-update.rsc b/ipv6-update.rsc index 7e1d34f..2e905e4 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: ipv6-update -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # update firewall and dns settings on IPv6 prefix change diff --git a/lease-script.rsc b/lease-script.rsc index f8bc129..35fa7b4 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: lease-script -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # run scripts on DHCP lease diff --git a/leds-day-mode.rsc b/leds-day-mode.rsc index ca2e8d8..b7c6b5b 100644 --- a/leds-day-mode.rsc +++ b/leds-day-mode.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: leds-day-mode -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # enable LEDs diff --git a/leds-night-mode.rsc b/leds-night-mode.rsc index cdd8127..fb7c7a2 100644 --- a/leds-night-mode.rsc +++ b/leds-night-mode.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: leds-night-mode -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # disable LEDs diff --git a/leds-toggle-mode.rsc b/leds-toggle-mode.rsc index da972b7..136c9d1 100644 --- a/leds-toggle-mode.rsc +++ b/leds-toggle-mode.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: leds-toggle-mode -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # toggle LEDs mode diff --git a/log-forward.rsc b/log-forward.rsc index 6cf61a9..1067184 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: log-forward -# Copyright (c) 2020-2023 Christian Hesse +# Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # forward log messages via notification diff --git a/mod/bridge-port-to.rsc b/mod/bridge-port-to.rsc index 86689c9..a78f31b 100644 --- a/mod/bridge-port-to.rsc +++ b/mod/bridge-port-to.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/bridge-port-to -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # reset bridge ports to default bridge diff --git a/mod/bridge-port-vlan.rsc b/mod/bridge-port-vlan.rsc index 792a6c4..72cf772 100644 --- a/mod/bridge-port-vlan.rsc +++ b/mod/bridge-port-vlan.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/bridge-port-vlan -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # manage VLANs on bridge ports diff --git a/mod/inspectvar.rsc b/mod/inspectvar.rsc index e06d799..c6c8bdd 100644 --- a/mod/inspectvar.rsc +++ b/mod/inspectvar.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/inspectvar -# Copyright (c) 2020-2023 Christian Hesse +# Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # inspect variables diff --git a/mod/ipcalc.rsc b/mod/ipcalc.rsc index eaa5c97..b098b44 100644 --- a/mod/ipcalc.rsc +++ b/mod/ipcalc.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/ipcalc -# Copyright (c) 2020-2023 Christian Hesse +# Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # ip address calculation diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 5d5aed1..93cb941 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/notification-email -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # send notifications via e-mail diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 378faab..5c6169d 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/notification-matrix -# Copyright (c) 2013-2023 Michael Gisbers +# Copyright (c) 2013-2024 Michael Gisbers # Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index 5c0e9e5..4dc6d84 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/notification-ntfy -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # send notifications via Ntfy (ntfy.sh) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 66be7d3..e778506 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/notification-telegram -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # send notifications via Telegram diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index 199d852..38348a0 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/scriptrunonece -# Copyright (c) 2020-2023 Christian Hesse +# Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # download script and run it once diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index 79c1e22..7f3ed06 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/ssh-keys-import -# Copyright (c) 2020-2023 Christian Hesse +# Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.12beta1 diff --git a/mode-button.rsc b/mode-button.rsc index dae9d99..3c3e37e 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mode-button -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # act on multiple mode and reset button presses diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index c5c8ed1..bf0b24e 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: netwatch-dns -# Copyright (c) 2022-2023 Christian Hesse +# Copyright (c) 2022-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # monitor and manage dns/doh with netwatch diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 28bde24..2586c09 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: netwatch-notify -# Copyright (c) 2020-2023 Christian Hesse +# Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # monitor netwatch and send notifications diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 11b4e61..0c81628 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -1,5 +1,5 @@ # News, changes and migration by RouterOS Scripts -# Copyright (c) 2019-2023 Christian Hesse +# Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md :global IDonate; diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index 2dc8448..416fc0e 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: ospf-to-leds -# Copyright (c) 2020-2023 Christian Hesse +# Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # visualize ospf instance state via leds diff --git a/packages-update.rsc b/packages-update.rsc index d011ea1..68574bd 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: packages-update -# Copyright (c) 2019-2023 Christian Hesse +# Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # download packages and reboot for installation diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index ac01c97..ad19fc6 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: ppp-on-up -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # run scripts on ppp up diff --git a/sms-action.rsc b/sms-action.rsc index f5de11f..b553762 100644 --- a/sms-action.rsc +++ b/sms-action.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: sms-action -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # run action on received SMS diff --git a/sms-forward.rsc b/sms-forward.rsc index 4f2d2e6..3249654 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: sms-forward -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # Anatoly Bubenkov # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/super-mario-theme.rsc b/super-mario-theme.rsc index 7787a12..63308b0 100644 --- a/super-mario-theme.rsc +++ b/super-mario-theme.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: super-mario-theme -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # play Super Mario theme diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 9515119..3361978 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: telegram-chat -# Copyright (c) 2023 Christian Hesse +# Copyright (c) 2023-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # use Telegram to chat with your Router and send commands diff --git a/unattended-lte-firmware-upgrade.rsc b/unattended-lte-firmware-upgrade.rsc index eac65c3..1cbdbfb 100644 --- a/unattended-lte-firmware-upgrade.rsc +++ b/unattended-lte-firmware-upgrade.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: unattended-lte-firmware-upgrade -# Copyright (c) 2018-2023 Christian Hesse +# Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # schedule unattended lte firmware upgrade diff --git a/update-gre-address.rsc b/update-gre-address.rsc index e38839c..5a5fd45 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: update-gre-address -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # update gre interface remote address with dynamic address from diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index 60cb003..bfe0bfc 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: update-tunnelbroker -# Copyright (c) 2013-2023 Christian Hesse +# Copyright (c) 2013-2024 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # From 0760ea91211b59ba20ddb08a2372d851e11a409f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 5 Jan 2024 17:05:34 +0100 Subject: [PATCH 066/908] check-lte-firmware-upgrade: fail on empty version string --- check-lte-firmware-upgrade.rsc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index f57f349..149c008 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -45,6 +45,11 @@ $ScriptLock $0; :return false; } + :if ([ :len ($Firmware->"latest") ] = 0) do={ + $LogPrintExit2 info $0 ("An empty string is not a valid version.") false; + :return false; + } + :if (($Firmware->"installed") = ($Firmware->"latest")) do={ :if ([ $ScriptFromTerminal $0 ] = true) do={ $LogPrintExit2 info $0 ("No firmware upgrade available for LTE interface " . $IntName . ".") false; From 8c458592f51fcf065b903226f7a407f9a92ebb83 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sun, 7 Jan 2024 23:13:54 +0100 Subject: [PATCH 067/908] check-lte-firmware-upgrade: unbreak terminal detectiono MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This broke with commit 50d7e1fa41b8f8a6a1379de5521798346fd1ae9f... 🫣 --- check-lte-firmware-upgrade.rsc | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index 149c008..d6bda72 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -21,7 +21,8 @@ $ScriptLock $0; } :local CheckInterface do={ - :local Interface $1; + :local ScriptName $1; + :local Interface $2; :global Identity; :global SentLteFirmwareUpgradeNotification; @@ -51,13 +52,13 @@ $ScriptLock $0; } :if (($Firmware->"installed") = ($Firmware->"latest")) do={ - :if ([ $ScriptFromTerminal $0 ] = true) do={ + :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ $LogPrintExit2 info $0 ("No firmware upgrade available for LTE interface " . $IntName . ".") false; } :return true; } - :if ([ $ScriptFromTerminal $0 ] = true && \ + :if ([ $ScriptFromTerminal $ScriptName ] = true && \ [ :len [ /system/script/find where name="unattended-lte-firmware-upgrade" ] ] > 0) do={ :put ("Do you want to start unattended lte firmware upgrade for interface " . $IntName . "? [y/N]"); :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ @@ -89,5 +90,5 @@ $ScriptLock $0; } :foreach Interface in=[ /interface/lte/find ] do={ - $CheckInterface $Interface; + $CheckInterface $0 $Interface; } From 4249ad61df4c596097da1e808e4e8e4bb8a25cf9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 8 Jan 2024 00:25:55 +0100 Subject: [PATCH 068/908] global-functions: $CertificateDownload: move delay up We still had cases where fetch misbehaves... But this was permanent. Perhaps we should not touch the certificate too early... --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index d124ac1..8dd1f07 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -149,6 +149,7 @@ dst-path=$LocalFileName as-value; $WaitForFile $LocalFileName; /certificate/import file-name=$LocalFileName passphrase="" as-value; + :delay 1s; /file/remove $LocalFileName; :foreach Cert in=[ /certificate/find where name~("^" . $LocalFileName . "_[0-9]+\$") ] do={ @@ -159,7 +160,6 @@ "CommonName \"" . $CommonName . "\"!") false; :return false; } - :delay 1s; :return true; } From d6645e8157b9c21493a2cda9ecc292c73aec7e9f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 9 Jan 2024 23:00:13 +0100 Subject: [PATCH 069/908] certs: add new DigiCert certificates... ... used by Cloudflare. --- ...Cert Global G2 TLS RSA SHA256 2020 CA1.pem | 182 ++++++++++++++++++ 1 file changed, 182 insertions(+) create mode 100644 certs/DigiCert Global G2 TLS RSA SHA256 2020 CA1.pem diff --git a/certs/DigiCert Global G2 TLS RSA SHA256 2020 CA1.pem b/certs/DigiCert Global G2 TLS RSA SHA256 2020 CA1.pem new file mode 100644 index 0000000..12084ee --- /dev/null +++ b/certs/DigiCert Global G2 TLS RSA SHA256 2020 CA1.pem @@ -0,0 +1,182 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 0c:f5:bd:06:2b:56:02:f4:7a:b8:50:2c:23:cc:f0:66 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2 + Validity + Not Before: Mar 30 00:00:00 2021 GMT + Not After : Mar 29 23:59:59 2031 GMT + Subject: C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cc:f7:10:62:4f:a6:bb:63:6f:ed:90:52:56:c5: + 6d:27:7b:7a:12:56:8a:f1:f4:f9:d6:e7:e1:8f:bd: + 95:ab:f2:60:41:15:70:db:12:00:fa:27:0a:b5:57: + 38:5b:7d:b2:51:93:71:95:0e:6a:41:94:5b:35:1b: + fa:7b:fa:bb:c5:be:24:30:fe:56:ef:c4:f3:7d:97: + e3:14:f5:14:4d:cb:a7:10:f2:16:ea:ab:22:f0:31: + 22:11:61:69:90:26:ba:78:d9:97:1f:e3:7d:66:ab: + 75:44:95:73:c8:ac:ff:ef:5d:0a:8a:59:43:e1:ac: + b2:3a:0f:f3:48:fc:d7:6b:37:c1:63:dc:de:46:d6: + db:45:fe:7d:23:fd:90:e8:51:07:1e:51:a3:5f:ed: + 49:46:54:7f:2c:88:c5:f4:13:9c:97:15:3c:03:e8: + a1:39:dc:69:0c:32:c1:af:16:57:4c:94:47:42:7c: + a2:c8:9c:7d:e6:d4:4d:54:af:42:99:a8:c1:04:c2: + 77:9c:d6:48:e4:ce:11:e0:2a:80:99:f0:43:70:cf: + 3f:76:6b:d1:4c:49:ab:24:5e:c2:0d:82:fd:46:a8: + ab:6c:93:cc:62:52:42:75:92:f8:9a:fa:5e:5e:b2: + b0:61:e5:1f:1f:b9:7f:09:98:e8:3d:fa:83:7f:47: + 69:a1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE, pathlen:0 + X509v3 Subject Key Identifier: + 74:85:80:C0:66:C7:DF:37:DE:CF:BD:29:37:AA:03:1D:BE:ED:CD:17 + X509v3 Authority Key Identifier: + 4E:22:54:20:18:95:E6:E3:6E:E6:0F:FA:FA:B9:12:ED:06:17:8F:39 + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Extended Key Usage: + TLS Web Server Authentication, TLS Web Client Authentication + Authority Information Access: + OCSP - URI:http://ocsp.digicert.com + CA Issuers - URI:http://cacerts.digicert.com/DigiCertGlobalRootG2.crt + X509v3 CRL Distribution Points: + Full Name: + URI:http://crl3.digicert.com/DigiCertGlobalRootG2.crl + X509v3 Certificate Policies: + Policy: 2.16.840.1.114412.2.1 + Policy: 2.23.140.1.1 + Policy: 2.23.140.1.2.1 + Policy: 2.23.140.1.2.2 + Policy: 2.23.140.1.2.3 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 90:f1:70:cb:28:97:69:97:7c:74:fd:c0:fa:26:7b:53:ab:ad: + cd:65:fd:ba:9c:06:9c:8a:d7:5a:43:87:ed:4d:4c:56:5f:ad: + c1:c5:b5:05:20:2e:59:d1:ff:4a:f5:a0:2a:d8:b0:95:ad:c9: + 2e:4a:3b:d7:a7:f6:6f:88:29:fc:30:3f:24:84:bb:c3:b7:7b: + 93:07:2c:af:87:6b:76:33:ed:00:55:52:b2:59:9e:e4:b9:d0: + f3:df:e7:0f:fe:dd:f8:c4:b9:10:72:81:09:04:5f:cf:97:9e: + 2e:32:75:8e:cf:9a:58:d2:57:31:7e:37:01:81:b2:66:6d:29: + 1a:b1:66:09:6d:d1:6e:90:f4:b9:fa:2f:01:14:c5:5c:56:64: + 01:d9:7d:87:a8:38:53:9f:8b:5d:46:6d:5c:c6:27:84:81:d4: + 7e:8c:8c:a3:9b:52:e7:c6:88:ec:37:7c:2a:fb:f0:55:5a:38: + 72:10:d8:00:13:cf:4c:73:db:aa:37:35:a8:29:81:69:9c:76: + bc:de:18:7b:90:d4:ca:cf:ef:67:03:fd:04:5a:21:16:b1:ff: + ea:3f:df:dc:82:f5:eb:f4:59:92:23:0d:24:2a:95:25:4c:ca: + a1:91:e6:d4:b7:ac:87:74:b3:f1:6d:a3:99:db:f9:d5:bd:84: + 40:9f:07:98 +-----BEGIN CERTIFICATE----- +MIIEyDCCA7CgAwIBAgIQDPW9BitWAvR6uFAsI8zwZjANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH +MjAeFw0yMTAzMzAwMDAwMDBaFw0zMTAzMjkyMzU5NTlaMFkxCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKkRpZ2lDZXJ0IEdsb2Jh +bCBHMiBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAMz3EGJPprtjb+2QUlbFbSd7ehJWivH0+dbn4Y+9lavyYEEV +cNsSAPonCrVXOFt9slGTcZUOakGUWzUb+nv6u8W+JDD+Vu/E832X4xT1FE3LpxDy +FuqrIvAxIhFhaZAmunjZlx/jfWardUSVc8is/+9dCopZQ+GssjoP80j812s3wWPc +3kbW20X+fSP9kOhRBx5Ro1/tSUZUfyyIxfQTnJcVPAPooTncaQwywa8WV0yUR0J8 +osicfebUTVSvQpmowQTCd5zWSOTOEeAqgJnwQ3DPP3Zr0UxJqyRewg2C/Uaoq2yT +zGJSQnWS+Jr6Xl6ysGHlHx+5fwmY6D36g39HaaECAwEAAaOCAYIwggF+MBIGA1Ud +EwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHSFgMBmx9833s+9KTeqAx2+7c0XMB8G +A1UdIwQYMBaAFE4iVCAYlebjbuYP+vq5Eu0GF485MA4GA1UdDwEB/wQEAwIBhjAd +BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdgYIKwYBBQUHAQEEajBoMCQG +CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQAYIKwYBBQUHMAKG +NGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RH +Mi5jcnQwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29t +L0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDA9BgNVHSAENjA0MAsGCWCGSAGG/WwC +ATAHBgVngQwBATAIBgZngQwBAgEwCAYGZ4EMAQICMAgGBmeBDAECAzANBgkqhkiG +9w0BAQsFAAOCAQEAkPFwyyiXaZd8dP3A+iZ7U6utzWX9upwGnIrXWkOH7U1MVl+t +wcW1BSAuWdH/SvWgKtiwla3JLko716f2b4gp/DA/JIS7w7d7kwcsr4drdjPtAFVS +slme5LnQ89/nD/7d+MS5EHKBCQRfz5eeLjJ1js+aWNJXMX43AYGyZm0pGrFmCW3R +bpD0ufovARTFXFZkAdl9h6g4U5+LXUZtXMYnhIHUfoyMo5tS58aI7Dd8KvvwVVo4 +chDYABPPTHPbqjc1qCmBaZx2vN4Ye5DUys/vZwP9BFohFrH/6j/f3IL16/RZkiMN +JCqVJUzKoZHm1Lesh3Sz8W2jmdv51b2EQJ8HmA== +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 03:3a:f1:e6:a7:11:a9:a0:bb:28:64:b1:1d:09:fa:e5 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2 + Validity + Not Before: Aug 1 12:00:00 2013 GMT + Not After : Jan 15 12:00:00 2038 GMT + Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:bb:37:cd:34:dc:7b:6b:c9:b2:68:90:ad:4a:75: + ff:46:ba:21:0a:08:8d:f5:19:54:c9:fb:88:db:f3: + ae:f2:3a:89:91:3c:7a:e6:ab:06:1a:6b:cf:ac:2d: + e8:5e:09:24:44:ba:62:9a:7e:d6:a3:a8:7e:e0:54: + 75:20:05:ac:50:b7:9c:63:1a:6c:30:dc:da:1f:19: + b1:d7:1e:de:fd:d7:e0:cb:94:83:37:ae:ec:1f:43: + 4e:dd:7b:2c:d2:bd:2e:a5:2f:e4:a9:b8:ad:3a:d4: + 99:a4:b6:25:e9:9b:6b:00:60:92:60:ff:4f:21:49: + 18:f7:67:90:ab:61:06:9c:8f:f2:ba:e9:b4:e9:92: + 32:6b:b5:f3:57:e8:5d:1b:cd:8c:1d:ab:95:04:95: + 49:f3:35:2d:96:e3:49:6d:dd:77:e3:fb:49:4b:b4: + ac:55:07:a9:8f:95:b3:b4:23:bb:4c:6d:45:f0:f6: + a9:b2:95:30:b4:fd:4c:55:8c:27:4a:57:14:7c:82: + 9d:cd:73:92:d3:16:4a:06:0c:8c:50:d1:8f:1e:09: + be:17:a1:e6:21:ca:fd:83:e5:10:bc:83:a5:0a:c4: + 67:28:f6:73:14:14:3d:46:76:c3:87:14:89:21:34: + 4d:af:0f:45:0c:a6:49:a1:ba:bb:9c:c5:b1:33:83: + 29:85 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Subject Key Identifier: + 4E:22:54:20:18:95:E6:E3:6E:E6:0F:FA:FA:B9:12:ED:06:17:8F:39 + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 60:67:28:94:6f:0e:48:63:eb:31:dd:ea:67:18:d5:89:7d:3c: + c5:8b:4a:7f:e9:be:db:2b:17:df:b0:5f:73:77:2a:32:13:39: + 81:67:42:84:23:f2:45:67:35:ec:88:bf:f8:8f:b0:61:0c:34: + a4:ae:20:4c:84:c6:db:f8:35:e1:76:d9:df:a6:42:bb:c7:44: + 08:86:7f:36:74:24:5a:da:6c:0d:14:59:35:bd:f2:49:dd:b6: + 1f:c9:b3:0d:47:2a:3d:99:2f:bb:5c:bb:b5:d4:20:e1:99:5f: + 53:46:15:db:68:9b:f0:f3:30:d5:3e:31:e2:8d:84:9e:e3:8a: + da:da:96:3e:35:13:a5:5f:f0:f9:70:50:70:47:41:11:57:19: + 4e:c0:8f:ae:06:c4:95:13:17:2f:1b:25:9f:75:f2:b1:8e:99: + a1:6f:13:b1:41:71:fe:88:2a:c8:4f:10:20:55:d7:f3:14:45: + e5:e0:44:f4:ea:87:95:32:93:0e:fe:53:46:fa:2c:9d:ff:8b: + 22:b9:4b:d9:09:45:a4:de:a4:b8:9a:58:dd:1b:7d:52:9f:8e: + 59:43:88:81:a4:9e:26:d5:6f:ad:dd:0d:c6:37:7d:ed:03:92: + 1b:e5:77:5f:76:ee:3c:8d:c4:5d:56:5b:a2:d9:66:6e:b3:35: + 37:e5:32:b6 +-----BEGIN CERTIFICATE----- +MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH +MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI +2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx +1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ +q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz +tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ +vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV +5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY +1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 +NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG +Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 +8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe +pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl +MrY= +-----END CERTIFICATE----- From 44a8195c3763829c0efd41a32a434e3d2b8aa142 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 9 Jan 2024 23:01:22 +0100 Subject: [PATCH 070/908] doc/netwatch-dns: use new certificate for Cloudflare --- doc/netwatch-dns.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index 70b766a..88d4878 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -55,7 +55,7 @@ manually! Importing a certificate automatically is possible, at least if available in the repository (see `certs` sub directory). - /tool/netwatch/add comment="doh, doh-cert=DigiCert TLS Hybrid ECC SHA384 2020 CA1" host=1.1.1.1; + /tool/netwatch/add comment="doh, doh-cert=DigiCert Global G2 TLS RSA SHA256 2020 CA1" host=1.1.1.1; /tool/netwatch/add comment="doh, doh-cert=DigiCert TLS Hybrid ECC SHA384 2020 CA1" host=9.9.9.9; /tool/netwatch/add comment="doh, doh-cert=GTS CA 1C3" host=8.8.8.8; From 80db12a3e9c4f7fe14865d329de115068501b5a4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Jan 2024 09:22:32 +0100 Subject: [PATCH 071/908] netwatch-dns: enable DoH certificate verification... ... if a certificate is named in configuration. --- netwatch-dns.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index bf0b24e..7709ce8 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -59,6 +59,7 @@ $ScriptLock $0; :local DohServer ""; :local DohCert ""; +:local DohCertVerify [ /ip/dns/get verify-doh-cert ]; :local DohCurrent [ /ip/dns/get use-doh-server ]; :foreach Host in=[ /tool/netwatch/find where comment~"\\bdoh\\b" status="up" ] do={ @@ -81,12 +82,13 @@ $ScriptLock $0; :if ($DohServer != $DohCurrent) do={ $LogPrintExit2 info $0 ("Updating DoH server: " . $DohServer) false; :if ([ :len $DohCert ] > 0) do={ + :set DohCertVerify true; /ip/dns/set use-doh-server=""; :if ([ $CertificateAvailable $DohCert ] = false) do={ $LogPrintExit2 warning $0 ("Downloading certificate failed, trying without.") false; } } - /ip/dns/set use-doh-server=$DohServer; + /ip/dns/set use-doh-server=$DohServer verify-doh-cert=$DohCertVerify; /ip/dns/cache/flush; } } else={ From 85aeeadcee6d6ae38768dac41b6e41cba3289b04 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Jan 2024 11:06:20 +0100 Subject: [PATCH 072/908] netwatch-dns: check DoH server functionality... ... and try all servers one after another. --- netwatch-dns.rsc | 56 ++++++++++++++++++++++++++++-------------------- 1 file changed, 33 insertions(+), 23 deletions(-) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 7709ce8..a7c75e8 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -12,6 +12,7 @@ :global CertificateAvailable; :global EitherOr; +:global IsDNSResolving; :global LogPrintExit2; :global ParseKeyValueStore; :global ScriptLock; @@ -57,10 +58,9 @@ $ScriptLock $0; } } -:local DohServer ""; -:local DohCert ""; :local DohCertVerify [ /ip/dns/get verify-doh-cert ]; :local DohCurrent [ /ip/dns/get use-doh-server ]; +:local DohServers ({}); :foreach Host in=[ /tool/netwatch/find where comment~"\\bdoh\\b" status="up" ] do={ :local HostVal [ /tool/netwatch/get $Host ]; @@ -71,30 +71,40 @@ $ScriptLock $0; :set HostName [ /ip/dns/static/get ($HostName->0) name ]; } - :if ($HostInfo->"doh" = true && $HostInfo->"disabled" != true && $DohServer = "") do={ - :set DohServer [ $EitherOr ($HostInfo->"doh-url") \ - ("https://" . [ $EitherOr $HostName ($HostVal->"host") ] . "/dns-query") ]; - :set DohCert ($HostInfo->"doh-cert"); + :if ($HostInfo->"doh" = true && $HostInfo->"disabled" != true) do={ + :if ([ :len ($HostInfo->"doh-url") ] = 0) do={ + :set ($HostInfo->"doh-url") ("https://" . [ $EitherOr $HostName ($HostVal->"host") ] . "/dns-query"); + } + + :if ($DohCurrent = $HostInfo->"doh-url") do={ + $LogPrintExit2 debug $0 ("Current DoH server is still up.") true; + } + + :set ($DohServers->[ :len $DohServers ]) $HostInfo; } } -:if ($DohServer != "") do={ - :if ($DohServer != $DohCurrent) do={ - $LogPrintExit2 info $0 ("Updating DoH server: " . $DohServer) false; - :if ([ :len $DohCert ] > 0) do={ - :set DohCertVerify true; - /ip/dns/set use-doh-server=""; - :if ([ $CertificateAvailable $DohCert ] = false) do={ - $LogPrintExit2 warning $0 ("Downloading certificate failed, trying without.") false; - } - } - /ip/dns/set use-doh-server=$DohServer verify-doh-cert=$DohCertVerify; - /ip/dns/cache/flush; - } -} else={ - :if ($DohCurrent != "") do={ - $LogPrintExit2 info $0 ("DoH server (" . $DohCurrent . ") is down, disabling.") false; +:if ([ :len $DohCurrent ] > 0 && [ :len $DohServers ] = 0) do={ + $LogPrintExit2 info $0 ("DoH server (" . $DohCurrent . ") is down, disabling.") false; + /ip/dns/set use-doh-server=""; + /ip/dns/cache/flush; +} + +:foreach DohServer in=$DohServers do={ + $LogPrintExit2 info $0 ("Updating DoH server: " . ($DohServer->"doh-url")) false; + :if ([ :len ($DohServer->"doh-cert") ] > 0) do={ + :set DohCertVerify true; /ip/dns/set use-doh-server=""; - /ip/dns/cache/flush; + :if ([ $CertificateAvailable ($DohServer->"doh-cert") ] = false) do={ + $LogPrintExit2 warning $0 ("Downloading certificate failed, trying without.") false; + } + } + /ip/dns/set use-doh-server=($DohServer->"doh-url") verify-doh-cert=$DohCertVerify; + /ip/dns/cache/flush; + :if ([ $IsDNSResolving ] = true) do={ + $LogPrintExit2 debug $0 ("DoH server is functional.") true; + } else={ + /ip/dns/set use-doh-server=""; + $LogPrintExit2 warning $0 ("DoH server not functional, trying next.") false; } } From 5fd8c8a760c332ff4858e0e0f2cdab2ff3a3ddb7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sun, 14 Jan 2024 22:36:21 +0100 Subject: [PATCH 073/908] netwatch-dns: check DoH server with fetch This way we do not have to configure possibly non-functional servers to check. The query is for doh-check.eworm.de of type TXT, the expected answer is 'doh-check-OK'. % dig TXT doh-check.eworm.de +https @1.1.1.1 ; <<>> DiG 9.18.21 <<>> TXT doh-check.eworm.de +https @1.1.1.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42226 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ;; QUESTION SECTION: ;doh-check.eworm.de. IN TXT ;; ANSWER SECTION: doh-check.eworm.de. 63791 IN TXT "doh-check-OK" ;; Query time: 16 msec ;; SERVER: 1.1.1.1#443(1.1.1.1) (HTTPS) ;; WHEN: Mon Jan 15 13:55:36 CET 2024 ;; MSG SIZE rcvd: 72 --- netwatch-dns.rsc | 40 +++++++++++++++++++++++++--------------- 1 file changed, 25 insertions(+), 15 deletions(-) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index a7c75e8..de69f75 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -12,7 +12,6 @@ :global CertificateAvailable; :global EitherOr; -:global IsDNSResolving; :global LogPrintExit2; :global ParseKeyValueStore; :global ScriptLock; @@ -58,7 +57,6 @@ $ScriptLock $0; } } -:local DohCertVerify [ /ip/dns/get verify-doh-cert ]; :local DohCurrent [ /ip/dns/get use-doh-server ]; :local DohServers ({}); @@ -77,34 +75,46 @@ $ScriptLock $0; } :if ($DohCurrent = $HostInfo->"doh-url") do={ - $LogPrintExit2 debug $0 ("Current DoH server is still up.") true; + $LogPrintExit2 debug $0 ("Current DoH server is still up: " . $DohCurrent) true; } :set ($DohServers->[ :len $DohServers ]) $HostInfo; } } -:if ([ :len $DohCurrent ] > 0 && [ :len $DohServers ] = 0) do={ - $LogPrintExit2 info $0 ("DoH server (" . $DohCurrent . ") is down, disabling.") false; +:if ([ :len $DohCurrent ] > 0) do={ + $LogPrintExit2 info $0 ("Current DoH server is down, disabling: " . $DohCurrent) false; /ip/dns/set use-doh-server=""; /ip/dns/cache/flush; } :foreach DohServer in=$DohServers do={ - $LogPrintExit2 info $0 ("Updating DoH server: " . ($DohServer->"doh-url")) false; :if ([ :len ($DohServer->"doh-cert") ] > 0) do={ - :set DohCertVerify true; - /ip/dns/set use-doh-server=""; :if ([ $CertificateAvailable ($DohServer->"doh-cert") ] = false) do={ $LogPrintExit2 warning $0 ("Downloading certificate failed, trying without.") false; } } - /ip/dns/set use-doh-server=($DohServer->"doh-url") verify-doh-cert=$DohCertVerify; - /ip/dns/cache/flush; - :if ([ $IsDNSResolving ] = true) do={ - $LogPrintExit2 debug $0 ("DoH server is functional.") true; - } else={ - /ip/dns/set use-doh-server=""; - $LogPrintExit2 warning $0 ("DoH server not functional, trying next.") false; + + :local Data false; + :do { + :set Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ + http-header-field=({ "accept: application/dns-message" }) \ + url=(($DohServer->"doh-url") . "?dns=" . [ :convert to=base64 ([ :rndstr length=2 ] . \ + "\01\00" . "\00\01" . "\00\00" . "\00\00" . "\00\00" . "\09doh-check\05eworm\02de\00" . \ + "\00\10" . "\00\01") ]) as-value ]->"data"); + } on-error={ + $LogPrintExit2 warning $0 ("Request to DoH server failed (network or certificate issue): " . \ + ($DohServer->"doh-url")) false; + } + + :if ($Data != false) do={ + :if ([ :typeof [ :find $Data "doh-check-OK" ] ] = "num") do={ + /ip/dns/set use-doh-server=($DohServer->"doh-url") verify-doh-cert=yes; + /ip/dns/cache/flush; + $LogPrintExit2 info $0 ("Setting DoH server: " . ($DohServer->"doh-url")) true; + } else={ + $LogPrintExit2 warning $0 ("Received unexpected response from DoH server: " . \ + ($DohServer->"doh-url")) false; + } } } From 60bd9d1abca707a5acb441b7d352c7526e58b2f8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 16 Jan 2024 22:00:13 +0100 Subject: [PATCH 074/908] README: set script owner on initial creation --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4ad3d2f..3f597d5 100644 --- a/README.md +++ b/README.md @@ -97,7 +97,7 @@ date and time is set correctly! Now let's download the main scripts and add them in configuration on the fly. - :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ /system/script/add name=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit/routeros-scripts/plain/" . $Script . ".rsc") output=user as-value]->"data"); }; + :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ /system/script/add name=$Script owner=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit/routeros-scripts/plain/" . $Script . ".rsc") output=user as-value]->"data"); }; ![screenshot: import scripts](README.d/04-import-scripts.avif) From be4221264ca6dd2f69f3d8cea8a2aaa65cf5580b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 16 Jan 2024 22:01:04 +0100 Subject: [PATCH 075/908] INITIAL-COMMANDS: set script owner on initial creation --- INITIAL-COMMANDS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index da951aa..dfdcddc 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -19,7 +19,7 @@ Run the complete base installation: /file/remove "letsencrypt-E1.pem"; :delay 1s; :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ - /system/script/add name=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit/routeros-scripts/plain/" . $Script . ".rsc") output=user as-value]->"data"); + /system/script/add name=$Script owner=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit/routeros-scripts/plain/" . $Script . ".rsc") output=user as-value]->"data"); }; /system/script { run global-config; run global-functions; }; /system/scheduler/add name="global-scripts" start-time=startup on-event="/system/script { run global-config; run global-functions; }"; From 29623a46ea1658cc8c9fcb4832f0810612addde5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 16 Jan 2024 22:20:19 +0100 Subject: [PATCH 076/908] global-functions: $HexToNum: use :tonum --- global-functions.rsc | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 8dd1f07..af82fa8 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -488,16 +488,14 @@ # convert from hex (string) to num :set HexToNum do={ :local Input [ :tostr $1 ]; - :local Hex "0123456789abcdef0123456789ABCDEF"; - :local Multi 1; - :local Return 0; - :for I from=([ :len $Input ] - 1) to=0 do={ - :set Return ($Return + (([ :find $Hex [ :pick $Input $I ] ] % 16) * $Multi)); - :set Multi ($Multi * 16); + :global HexToNum; + + :if ([ :pick $Input 0 ] = "*") do={ + :return [ $HexToNum [ :pick $Input 1 [ :len $Input ] ] ]; } - :return $Return; + :return [ :tonum ("0x" . $Input) ]; } # return human readable number From abd1edcdc34d6c243b00ecc5f9da7a5848190f20 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 17 Jan 2024 14:54:03 +0100 Subject: [PATCH 077/908] doc/hotspot-to-wpa: fix property name --- doc/hotspot-to-wpa.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md index f0ffce9..06b1e87 100644 --- a/doc/hotspot-to-wpa.md +++ b/doc/hotspot-to-wpa.md @@ -90,9 +90,9 @@ Additional information is not available, including the password. Additionally templates can be created to give more options for access list: * `action`: set to `reject` to ignore logins on that hotspot -* `private-passphrase`: do **not** use passphrase from hotspot's user - credentials, but given one - or unset (use default passphrase) with - special word `ignore` +* `passphrase` or `private-passphrase`: do **not** use passphrase from + hotspot's user credentials, but given one - or unset (use default + passphrase) with special word `ignore` * `ssid-regexp`: set a different SSID regular expression to match * `vlan-id`: connect device to specific VLAN * `vlan-mode`: set the VLAN mode for device @@ -100,11 +100,11 @@ Additionally templates can be created to give more options for access list: For a hotspot called `example` the template could look like this. For `wifi` (RouterOS 7.13 and later): - /interface/wifi/access-list/add comment="hotspot-to-wpa template example" disabled=yes private-passphrase="ignore" ssid-regexp="^example\$" vlan-id=10; + /interface/wifi/access-list/add comment="hotspot-to-wpa template example" disabled=yes passphrase="ignore" ssid-regexp="^example\$" vlan-id=10; For `wifiwave2` (up to RouterOS 7.12): - /interface/wifiwave2/access-list/add comment="hotspot-to-wpa template example" disabled=yes private-passphrase="ignore" ssid-regexp="^example\$" vlan-id=10; + /interface/wifiwave2/access-list/add comment="hotspot-to-wpa template example" disabled=yes passphrase="ignore" ssid-regexp="^example\$" vlan-id=10; For legacy CAPsMAN: From 306269f9191415b6e7fe83029d671613145f5f13 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 18 Jan 2024 10:04:24 +0100 Subject: [PATCH 078/908] doc/hotspot-to-wpa: reference as WPA only... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... as this works with WPA3 as well. 😜 --- README.md | 2 +- doc/hotspot-to-wpa.md | 12 ++++++------ doc/lease-script.md | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 3f597d5..db1138b 100644 --- a/README.md +++ b/README.md @@ -215,7 +215,7 @@ Available scripts * [Download, import and update firewall address-lists](doc/fw-addr-lists.md) * [Wait for global functions und modules](doc/global-wait.md) * [Send GPS position to server](doc/gps-track.md) -* [Use WPA2 network with hotspot credentials](doc/hotspot-to-wpa.md) +* [Use WPA network with hotspot credentials](doc/hotspot-to-wpa.md) * [Create DNS records for IPSec peers](doc/ipsec-to-dns.md) * [Update configuration on IPv6 prefix change](doc/ipv6-update.md) * [Manage IP addresses with bridge status](doc/ip-addr-bridge.md) diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md index 06b1e87..c35bef7 100644 --- a/doc/hotspot-to-wpa.md +++ b/doc/hotspot-to-wpa.md @@ -1,5 +1,5 @@ -Use WPA2 network with hotspot credentials -========================================= +Use WPA network with hotspot credentials +======================================== [⬅️ Go back to main README](../README.md) @@ -10,13 +10,13 @@ Description ----------- RouterOS supports an unlimited number of MAC address specific passphrases -for WPA2 encrypted wifi networks via access list. The idea of this script -is to transfer hotspot credentials to MAC address specific WPA2 passphrase. +for WPA encrypted wifi networks via access list. The idea of this script +is to transfer hotspot credentials to MAC address specific WPA passphrase. Requirements and installation ----------------------------- -You need a properly configured hotspot on one (open) SSID and a WP2 enabled +You need a properly configured hotspot on one (open) SSID and a WPA enabled SSID with suffix "`-wpa`". Then install the script. @@ -119,7 +119,7 @@ Usage and invocation -------------------- Now let the users connect and login to the hotspot. After that the devices -(identified by MAC address) can connect to the WPA2 network, using the +(identified by MAC address) can connect to the WPA network, using the passphrase from hotspot credentials. See also diff --git a/doc/lease-script.md b/doc/lease-script.md index 55928fc..c4ff20e 100644 --- a/doc/lease-script.md +++ b/doc/lease-script.md @@ -40,7 +40,7 @@ See also * [Collect MAC addresses in wireless access list](collect-wireless-mac.md) * [Comment DHCP leases with info from access list](dhcp-lease-comment.md) * [Create DNS records for DHCP leases](dhcp-to-dns.md) -* [Use WPA2 network with hotspot credentials](hotspot-to-wpa.md) +* [Use WPA network with hotspot credentials](hotspot-to-wpa.md) --- [⬅️ Go back to main README](../README.md) From a7619a51195effef1f4c2f8aa8e8151c6e0e1094 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 18 Jan 2024 10:13:53 +0100 Subject: [PATCH 079/908] global-functions: $LogPrintOnce: support exit --- dhcp-to-dns.rsc | 4 ++-- fw-addr-lists.rsc | 2 +- global-functions.rsc | 3 ++- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index 78e7639..38e8c79 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -56,7 +56,7 @@ $ScriptLock $0 false 10; :do { :set LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; :if ([ :len [ /ip/dhcp-server/lease/find where active-mac-address=($LeaseVal->"active-mac-address") status=bound ] ] > 1) do={ - $LogPrintOnce info $0 ("Multiple bound leases found for mac-address " . ($LeaseVal->"active-mac-address") . "!"); + $LogPrintOnce info $0 ("Multiple bound leases found for mac-address " . ($LeaseVal->"active-mac-address") . "!") false; } } on-error={ $LogPrintExit2 debug $0 ("A lease just vanished, ignoring.") false; @@ -112,7 +112,7 @@ $ScriptLock $0 false 10; } :if ([ :len [ /ip/dns/static/find where name=$FullA (!type or type=A) ] ] > 1) do={ - $LogPrintOnce warning $0 ("The name '" . $FullA . "' appeared in more than one A record!"); + $LogPrintOnce warning $0 ("The name '" . $FullA . "' appeared in more than one A record!") false; } } else={ $LogPrintExit2 debug $0 ("No address available... Ignoring.") false; diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 35f9a00..fec3729 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -74,7 +74,7 @@ $WaitFullyConnected; } :if ([ :len $Data ] > 63000) do={ - $LogPrintOnce warning $0 ("The list is huge and may be truncated: " . $List->"url"); + $LogPrintOnce warning $0 ("The list is huge and may be truncated: " . $List->"url") false; } :while ([ :len $Data ] != 0) do={ diff --git a/global-functions.rsc b/global-functions.rsc index af82fa8..3d66259 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -681,6 +681,7 @@ :local Severity [ :tostr $1 ]; :local Name [ :tostr $2 ]; :local Message [ :tostr $3 ]; + :local Exit [ :tostr $4 ]; :global LogPrintExit2; @@ -695,7 +696,7 @@ } :set ($LogPrintOnceMessages->$Message) 1; - $LogPrintExit2 $Severity $Name $Message false; + $LogPrintExit2 $Severity $Name $Message $Exit; } # get max value From bb0c82adb365a0ce04e83b2bebd1cc39b8ee3542 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 18 Jan 2024 10:07:29 +0100 Subject: [PATCH 080/908] sms-forward: log warning just once --- sms-forward.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sms-forward.rsc b/sms-forward.rsc index 3249654..fb4d73c 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -16,6 +16,7 @@ :global IfThenElse; :global LogPrintExit2; +:global LogPrintOnce; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -25,7 +26,7 @@ $ScriptLock $0; :if ([ /tool/sms/get receive-enabled ] = false) do={ - $LogPrintExit2 warning $0 ("Receiving of SMS is not enabled.") true; + $LogPrintOnce warning $0 ("Receiving of SMS is not enabled.") true; } $WaitFullyConnected; From 8a0a4c355b4804913fa117917e8ac3686db91fc2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 18 Jan 2024 12:53:17 +0100 Subject: [PATCH 081/908] global-functions: log successful loading --- global-functions.rsc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 3d66259..adfea2e 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1500,5 +1500,10 @@ } } +# Log success +:local Resource [ /system/resource/get ]; +$LogPrintOnce info $0 ("Loaded on " . $Resource->"board-name" . \ + " with RouterOS " . $Resource->"version" . ".") false; + # signal we are ready :set GlobalFunctionsReady true; From 0ad1a79d677ad26ad586238efcff59cf58d703ec Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 18 Jan 2024 21:07:52 +0100 Subject: [PATCH 082/908] netwatch-dns: be move verbose on time to settle --- netwatch-dns.rsc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index de69f75..86d59c7 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -18,8 +18,9 @@ $ScriptLock $0; -:if ([ /system/resource/get uptime ] < 5m30s) do={ - $LogPrintExit2 info $0 ("System just booted, giving netwatch some time to settle.") true; +:local SettleTime (5m30s - [ /system/resource/get uptime ]); +:if ($SettleTime > 0s) do={ + $LogPrintExit2 info $0 ("System just booted, giving netwatch " . $SettleTime . " to settle.") true; } :local DnsServers ({}); From a2749b276003a90b95b9723e287542be56c0d0c1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Jan 2024 13:23:52 +0100 Subject: [PATCH 083/908] check-certificates: use prepared user-agent string with fetch --- check-certificates.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 5f2c710..715a6b7 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -17,6 +17,7 @@ :global CertificateAvailable :global EscapeForRegEx; +:global FetchUserAgent; :global IfThenElse; :global LogPrintExit2; :global ParseKeyValueStore; @@ -43,7 +44,7 @@ :foreach Type in={ ".pem"; ".p12" } do={ :local CertFileName ([ $UrlEncode $Name ] . $Type); :do { - /tool/fetch check-certificate=yes-without-crl \ + /tool/fetch check-certificate=yes-without-crl http-header-field=({ $FetchUserAgent }) \ ($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value; $WaitForFile $CertFileName; From 4b8854946dca65b63633d9ef0647cd15ba3155c3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Jan 2024 13:25:22 +0100 Subject: [PATCH 084/908] fw-addr-lists: use prepared user-agent string with fetch --- fw-addr-lists.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index fec3729..50fe41c 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -10,6 +10,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:global FetchUserAgent; :global FwAddrLists; :global FwAddrListTimeOut; @@ -57,7 +58,7 @@ $WaitFullyConnected; :if ($Data = false) do={ :do { :set Data ([ /tool/fetch check-certificate=$CheckCertificate output=user \ - ($List->"url") as-value ]->"data"); + http-header-field=({ $FetchUserAgent }) ($List->"url") as-value ]->"data"); } on-error={ :if ($I < 4) do={ $LogPrintExit2 debug $0 ("Failed downloading, " . $I . ". try: " . $List->"url") false; From 21cf6d49bbc0c3aebba6faa200a1ac125679c236 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Jan 2024 17:08:55 +0100 Subject: [PATCH 085/908] backup-upload: fix the upload symbol... ... which broke with commit 080bef89a934980271a50eed25a494a0bc33d007. --- backup-upload.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index fc438d6..063cfb2 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -138,7 +138,7 @@ $WaitFullyConnected; $SendNotification2 ({ origin=$0; \ subject=[ $IfThenElse ($Failed > 0) \ ([ $SymbolForNotification "floppy-disk,warning-sign" ] . "Backup & Config upload with failure") \ - ([ $SymbolForNotification "floppy-disk,up-arrow" ] . "Backup & Config upload") ]; \ + ([ $SymbolForNotification "floppy-disk,arrow-up" ] . "Backup & Config upload") ]; \ message=("Backup and config export upload for " . $Identity . ".\n\n" . \ [ $DeviceInfo ] . "\n\n" . \ [ $FileInfo "Backup file" $BackupFile ] . "\n" . \ From 86a0700efd926d0481b8518c62b217972fca4045 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sat, 20 Jan 2024 00:09:54 +0100 Subject: [PATCH 086/908] global-functions: $SymbolByUnicodeName: name the parameter --- global-functions.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index adfea2e..8552502 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1293,6 +1293,8 @@ # return UTF-8 symbol for unicode name :set SymbolByUnicodeName do={ + :local Name [ :tostr $1 ]; + :local Symbols { "abacus"="\F0\9F\A7\AE"; "alarm-clock"="\E2\8F\B0"; @@ -1326,7 +1328,7 @@ "white-heavy-check-mark"="\E2\9C\85" } - :return (($Symbols->$1) . "\EF\B8\8F"); + :return (($Symbols->$Name) . "\EF\B8\8F"); } # return symbol for notification From 75a39ffaf1d8fb13e56d790d3902e2dbd0cabba6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Jan 2024 23:57:09 +0100 Subject: [PATCH 087/908] global-functions: $SymbolByUnicodeName: log warning on missing name --- global-functions.rsc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 8552502..1109043 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1295,6 +1295,8 @@ :set SymbolByUnicodeName do={ :local Name [ :tostr $1 ]; + :global LogPrintOnce; + :local Symbols { "abacus"="\F0\9F\A7\AE"; "alarm-clock"="\E2\8F\B0"; @@ -1328,6 +1330,11 @@ "white-heavy-check-mark"="\E2\9C\85" } + :if ([ :len ($Symbols->$Name) ] = 0) do={ + $LogPrintOnce warning $0 ("No symbol available for name '" . $Name . "'!") false; + :return ""; + } + :return (($Symbols->$Name) . "\EF\B8\8F"); } From c2fe7e4cd73de957679f644cf489a3fe6a3f5949 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 22 Jan 2024 16:08:34 +0100 Subject: [PATCH 088/908] mod/notification-matrix: drop declaration of unused function --- mod/notification-matrix.rsc | 1 - 1 file changed, 1 deletion(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 5c6169d..8884b08 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -186,7 +186,6 @@ :global CharacterReplace; :global LogPrintExit2; :global ParseJson; - :global UrlEncode; :global MatrixAccessToken; :global MatrixHomeServer; From f015f5f0123ca222e9a85ed051c4ae2141634f9f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 22 Jan 2024 16:10:48 +0100 Subject: [PATCH 089/908] mod/notification-telegram: apply url encoding when sending --- mod/notification-telegram.rsc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index e778506..5b79135 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -20,6 +20,7 @@ :global IsFullyConnected; :global LogPrintExit2; :global ParseJson; + :global UrlEncode; :if ([ $IsFullyConnected ] = false) do={ $LogPrintExit2 debug $0 ("System is not fully connected, not flushing.") false; @@ -40,7 +41,7 @@ ("https://api.telegram.org/bot" . ($Message->"tokenid") . "/sendMessage") \ http-data=("chat_id=" . ($Message->"chatid") . "&disable_notification=" . ($Message->"silent") . \ "&reply_to_message_id=" . ($Message->"replyto") . "&disable_web_page_preview=true" . \ - "&parse_mode=MarkdownV2&text=" . ($Message->"text")) as-value ]->"data"); + "&parse_mode=MarkdownV2&text=" . [ $UrlEncode ($Message->"text") ]) as-value ]->"data"); :set ($TelegramQueue->$Id); :set ($TelegramMessageIDs->([ $ParseJson ([ $ParseJson $Data ]->"result") ]->"message_id")) 1; } on-error={ @@ -132,7 +133,6 @@ [ $EscapeMD ("The message was too long and has been truncated, cut off " . \ (($LenSum - [ :len $Text ]) * 100 / $LenSum) . "%!") "plain" ]); } - :set Text [ $UrlEncode $Text ]; :do { :if ([ $CertificateAvailable "Go Daddy Secure Certificate Authority - G2" ] = false) do={ @@ -142,7 +142,7 @@ ("https://api.telegram.org/bot" . $TokenId . "/sendMessage") \ http-data=("chat_id=" . $ChatId . "&disable_notification=" . ($Notification->"silent") . \ "&reply_to_message_id=" . ($Notification->"replyto") . "&disable_web_page_preview=true" . \ - "&parse_mode=MarkdownV2&text=" . $Text) as-value ]->"data"); + "&parse_mode=MarkdownV2&text=" . [ $UrlEncode $Text ]) as-value ]->"data"); :set ($TelegramMessageIDs->([ $ParseJson ([ $ParseJson $Data ]->"result") ]->"message_id")) 1; } on-error={ $LogPrintExit2 info $0 ("Failed sending telegram notification! Queuing...") false; @@ -150,9 +150,9 @@ :if ([ :typeof $TelegramQueue ] = "nothing") do={ :set TelegramQueue ({}); } - :set Text ($Text . [ $UrlEncode ("\n" . [ $SymbolForNotification "alarm-clock" ] . \ + :set Text ($Text . "\n" . [ $SymbolForNotification "alarm-clock" ] . \ [ $EscapeMD ("This message was queued since " . [ /system/clock/get date ] . \ - " " . [ /system/clock/get time ] . " and may be obsolete.") "plain" ]) ]); + " " . [ /system/clock/get time ] . " and may be obsolete.") "plain" ]); :set ($TelegramQueue->[ :len $TelegramQueue ]) { chatid=$ChatId; tokenid=$TokenId; text=$Text; silent=($Notification->"silent"); replyto=($Notification->"replyto") }; :if ([ :len [ /system/scheduler/find where name="_FlushTelegramQueue" ] ] = 0) do={ From 49a83682c352b7f31a0f5ff502ee9fc62246773d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 24 Jan 2024 11:47:26 +0100 Subject: [PATCH 090/908] INITIAL-COMMANDS: remove before adding... ... to make sure it does not fail on (partly) installed scripts. This should work to fix borked base installation now. --- INITIAL-COMMANDS.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index dfdcddc..ba182eb 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -19,9 +19,11 @@ Run the complete base installation: /file/remove "letsencrypt-E1.pem"; :delay 1s; :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ + /system/script/remove [ find where name=$Script ]; /system/script/add name=$Script owner=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit/routeros-scripts/plain/" . $Script . ".rsc") output=user as-value]->"data"); }; /system/script { run global-config; run global-functions; }; + /system/scheduler/remove [ find where name="global-scripts" ]; /system/scheduler/add name="global-scripts" start-time=startup on-event="/system/script { run global-config; run global-functions; }"; :global CertificateNameByCN; $CertificateNameByCN "E1"; From 20c337d6ba241ff6ac1eee70107001af3a03a581 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 24 Jan 2024 15:52:58 +0100 Subject: [PATCH 091/908] INITIAL-COMMANDS: ... but rename the configuration overlay! This should not ultimately destroy user's configuration. --- INITIAL-COMMANDS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index ba182eb..ee7cef8 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -18,6 +18,7 @@ Run the complete base installation: }; /file/remove "letsencrypt-E1.pem"; :delay 1s; + /system/script/set name=("global-config-overlay-" . [ /system/clock/get date ] . "-" . [ /system/clock/get time ]) [ find where name="global-config-overlay" ]; :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ /system/script/remove [ find where name=$Script ]; /system/script/add name=$Script owner=$Script source=([ /tool/fetch check-certificate=yes-without-crl ("https://git.eworm.de/cgit/routeros-scripts/plain/" . $Script . ".rsc") output=user as-value]->"data"); From 468b5a18f314ca3e3c280b6401626a767e9d8a69 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 24 Jan 2024 16:13:44 +0100 Subject: [PATCH 092/908] check-certificates: unbreak certificate download MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This was borked with a2749b276003a90b95b9723e287542be56c0d0c1. 😳 --- check-certificates.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 715a6b7..af0f9b4 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -17,7 +17,6 @@ :global CertificateAvailable :global EscapeForRegEx; -:global FetchUserAgent; :global IfThenElse; :global LogPrintExit2; :global ParseKeyValueStore; @@ -35,6 +34,7 @@ :global CertificateNameByCN; :global EscapeForRegEx; + :global FetchUserAgent; :global LogPrintExit2; :global UrlEncode; :global WaitForFile; From 7baf69e67cf66d76cc37c3afec6219f86e2c2279 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 24 Jan 2024 17:14:25 +0100 Subject: [PATCH 093/908] doc/check-certificates: add paragraph --- doc/check-certificates.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/check-certificates.md b/doc/check-certificates.md index 95ff534..e9a533f 100644 --- a/doc/check-certificates.md +++ b/doc/check-certificates.md @@ -63,6 +63,8 @@ Just run the script: Tips & Tricks ------------- +### Schedule at startup + The script checks for full connectivity before acting, so scheduling at startup is perfectly valid: From 7db94b5f3fd3365991ccdae2c7edde099dac95b2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 24 Jan 2024 17:22:13 +0100 Subject: [PATCH 094/908] doc/check-certificates: initial certificate import --- doc/check-certificates.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/doc/check-certificates.md b/doc/check-certificates.md index e9a533f..186702c 100644 --- a/doc/check-certificates.md +++ b/doc/check-certificates.md @@ -70,6 +70,16 @@ startup is perfectly valid: /system/scheduler/add name=check-certificates@startup on-event="/system/script/run check-certificates;" start-time=startup; +### Initial import + +Given you have a certificate on you server, you can use `check-certificates` +for the initial import. Just create a *dummy* certificate with short lifetime +that matches criteria to be renewed: + + /certificate/add name=example.com common-name=example.com days-valid=1; + /certificate/sign example.com; + /system/script/run check-certificates; + See also -------- From 3ca51f4699f7079e5be7f1e28be16fc4d97a49f1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 25 Jan 2024 09:35:40 +0100 Subject: [PATCH 095/908] INITIAL-COMMANDS: fix existing installation --- INITIAL-COMMANDS.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index ee7cef8..9d49851 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -35,6 +35,13 @@ Then continue setup with [scheduled automatic updates](README.md#scheduled-automatic-updates) or [editing configuration](README.md#editing-configuration). +## Fix existing installation + +The commands above allow to fix an existing installation in case it ever +breaks. If `global-config-overlay` did exist before it is renamed with a +date and time suffix (like `global-config-overlay-2024-01-25-09:33:12`). +Make sure to restore the configuration overlay if required. + --- [⬅️ Go back to main README](README.md) [⬆️ Go back to top](#top) From 64abe7430aced959d0817f4922afd2d1d219b539 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 25 Jan 2024 09:37:20 +0100 Subject: [PATCH 096/908] update list of contributors --- CONTRIBUTIONS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTIONS.md b/CONTRIBUTIONS.md index 39fc8a9..6d64e67 100644 --- a/CONTRIBUTIONS.md +++ b/CONTRIBUTIONS.md @@ -32,6 +32,7 @@ Add yourself to the list, * Harold Schoemaker * Hugo BV * Klaus Michael Rübsam +* Leonardo Valeri Manera * Linux-Schmie.de Michael Gisbers * Manuel Kuhn * Marek Čábák From e636d4194c44a916792da58944d89820035d9287 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Jan 2024 21:34:08 +0100 Subject: [PATCH 097/908] global-functions: $RandomDelay: name the parameters --- global-functions.rsc | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 1109043..8411fc5 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -873,10 +873,13 @@ # delay a random amount of seconds :set RandomDelay do={ + :local Time [ :tonum $1 ]; + :local Unit [ :tostr $2 ]; + :global EitherOr; :global GetRandomNumber; - :delay ([ $GetRandomNumber $1 ] . [ $EitherOr $2 "s" ]); + :delay ([ $GetRandomNumber $Time ] . [ $EitherOr $Unit "s" ]); } # check for required RouterOS version From 16898ae997df8ff9c165f54944a85b5f3d07d2dc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Jan 2024 21:36:14 +0100 Subject: [PATCH 098/908] global-functions: $RandomDelay: allow zero time, return immediately --- global-functions.rsc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 8411fc5..a2c50a5 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -879,6 +879,10 @@ :global EitherOr; :global GetRandomNumber; + :if ($Time = 0) do={ + :return false; + } + :delay ([ $GetRandomNumber $Time ] . [ $EitherOr $Unit "s" ]); } From a1abfedccd62251e9540afa882ed9e47e357e486 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Jan 2024 22:32:57 +0100 Subject: [PATCH 099/908] global-functions: $RandomDelay: always scale to ms... ... to randomize in friction of unit. This requires :tonsec from RouterOS 7.12. --- README.md | 2 +- global-functions.rsc | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index db1138b..b23310a 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ RouterOS Scripts [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.10-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/global-functions.rsc b/global-functions.rsc index a2c50a5..9be7893 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.10beta5 +# requires RouterOS, version=7.12 # # global functions # https://git.eworm.de/cgit/routeros-scripts/about/ @@ -878,12 +878,13 @@ :global EitherOr; :global GetRandomNumber; + :global MAX; :if ($Time = 0) do={ :return false; } - :delay ([ $GetRandomNumber $Time ] . [ $EitherOr $Unit "s" ]); + :delay ([ $MAX 10 [ $GetRandomNumber ([ :tonsec [ :totime ($Time . [ $EitherOr $Unit "s" ]) ] ] / 1000000) ] ] . "ms"); } # check for required RouterOS version From b6367b5df35a23365c8a2086e8f90a372845db4c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Jan 2024 21:19:36 +0100 Subject: [PATCH 100/908] telegram-chat: fix concatenation (and retry with delay) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ups... 😳 --- telegram-chat.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 3361978..292ae5b 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -57,7 +57,7 @@ $WaitFullyConnected; } on-error={ :if ($I < 4) do={ $LogPrintExit2 debug $0 ("Fetch failed, " . $I . ". try.") false; - :delay (($I * $I) "s"); + :delay (($I * $I) . "s"); } } } From abfc8e9191b23731c2ff8977cf7a46c9ca34a62b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Jan 2024 21:50:32 +0100 Subject: [PATCH 101/908] telegram-chat: add (and increase) random delay on error Chances are that two devices schedule the script (nearly) simultaneously. Causing a lot of failures from fetch. Instead of forcing a retry on *every* invocating we add (and increase) a random delay, that is slowly decreasd on success. This should minimize failures... --- telegram-chat.rsc | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 292ae5b..986df03 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -18,6 +18,7 @@ :global TelegramChatOffset; :global TelegramChatRunTime; :global TelegramMessageIDs; +:global TelegramRandomDelay; :global TelegramTokenId; :global CertificateAvailable; @@ -26,8 +27,11 @@ :global GetRandom20CharAlNum; :global IfThenElse; :global LogPrintExit2; +:global MAX; +:global MIN; :global MkDir; :global ParseJson; +:global RandomDelay; :global ScriptLock; :global SendTelegram2; :global SymbolForNotification; @@ -42,11 +46,16 @@ $WaitFullyConnected; :if ([ :typeof $TelegramChatOffset ] != "array") do={ :set TelegramChatOffset { 0; 0; 0 }; } +:if ([ :typeof $TelegramRandomDelay ] != "num") do={ + :set TelegramRandomDelay 0; +} :if ([ $CertificateAvailable "Go Daddy Secure Certificate Authority - G2" ] = false) do={ $LogPrintExit2 warning $0 ("Downloading required certificate failed.") true; } +$RandomDelay $TelegramRandomDelay; + :local Data false; :for I from=1 to=4 do={ :if ($Data = false) do={ @@ -54,9 +63,11 @@ $WaitFullyConnected; :set Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ ("https://api.telegram.org/bot" . $TelegramTokenId . "/getUpdates?offset=" . \ $TelegramChatOffset->0 . "&allowed_updates=%5B%22message%22%5D") as-value ]->"data"); + :set TelegramRandomDelay [ $MAX 0 ($TelegramRandomDelay - 1) ]; } on-error={ :if ($I < 4) do={ $LogPrintExit2 debug $0 ("Fetch failed, " . $I . ". try.") false; + :set TelegramRandomDelay [ $MIN 15 ($TelegramRandomDelay + 5) ]; :delay (($I * $I) . "s"); } } From 98f26989f5f625ad918aed900b7888fa69c78248 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 26 Jan 2024 08:54:08 +0100 Subject: [PATCH 102/908] packages-update: schedule from local function --- packages-update.rsc | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index 68574bd..b67346d 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -18,6 +18,17 @@ :global ScriptLock; :global VersionToNum; +:local Schedule do={ + :global RebootForUpdate do={ + :global RandomDelay; + $RandomDelay 3600; + /system/reboot; + } + /system/scheduler/add name="_RebootForUpdate" start-time=03:00:00 interval=1d \ + on-event=("/system/scheduler/remove \"_RebootForUpdate\"; " . \ + ":global RebootForUpdate; \$RebootForUpdate;"); +} + $ScriptLock $0; :local Update [ /system/package/update/get ]; @@ -95,14 +106,7 @@ $ScriptLock $0; :if ([ $ScriptFromTerminal $0 ] = true) do={ :put "Do you want to (s)chedule reboot or (r)eboot now? [s/R]"; :if (([ /terminal/inkey timeout=60 ] % 32) = 19) do={ - :global RebootForUpdate do={ - :global RandomDelay; - $RandomDelay 3600; - /system/reboot; - } - /system/scheduler/add name="_RebootForUpdate" start-time=03:00:00 interval=1d \ - on-event=("/system/scheduler/remove \"_RebootForUpdate\"; " . \ - ":global RebootForUpdate; \$RebootForUpdate;"); + $Schedule; $LogPrintExit2 info $0 ("Scheduled reboot for update between 03:00 and 04:00.") true; } } From 62f33d7b19792fded8366d57ff8756c5952da990 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 26 Jan 2024 09:11:17 +0100 Subject: [PATCH 103/908] packages-update: support deferred reboot on auto-update Closes #56 --- doc/packages-update.md | 12 ++++++++++++ global-config.rsc | 3 +++ global-functions.rsc | 2 +- news-and-changes.rsc | 1 + packages-update.rsc | 7 +++++++ 5 files changed, 24 insertions(+), 1 deletion(-) diff --git a/doc/packages-update.md b/doc/packages-update.md index 653d233..280c420 100644 --- a/doc/packages-update.md +++ b/doc/packages-update.md @@ -34,6 +34,18 @@ Just install the script: It is automatically run by [check-routeros-update](check-routeros-update.md) if available. +Configuration +------------- + +The configuration goes to `global-config-overlay`, this is the only parameter: + +* `PackagesUpdateDeferReboot`: defer the reboot for night (between 3 AM + and 4 AM) + +> ℹ️ **Info**: Copy relevant configuration from +> [`global-config`](../global-config.rsc) (the one without `-overlay`) to +> your local `global-config-overlay` and modify it to your specific needs. + Usage and invocation -------------------- diff --git a/global-config.rsc b/global-config.rsc index 6066fef..983eedb 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -135,6 +135,9 @@ # Set to all upper-case "Yes, please!" to enable. :global SafeUpdateAll "no"; +# Defer the reboot for night on automatic (non-interactive) update +:global PackagesUpdateDeferReboot false; + # These thresholds control when to send health notification # on temperature and voltage. :global CheckHealthTemperature { diff --git a/global-functions.rsc b/global-functions.rsc index 9be7893..306a2cc 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local 0 "global-functions"; # expected configuration version -:global ExpectedConfigVersion 116; +:global ExpectedConfigVersion 117; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 0c81628..5186420 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -36,6 +36,7 @@ 116=("... and also please keep in mind that it takes a huge amount of time maintaining these scripts. " . [ $IfThenElse ($IDonate != true) \ ("Following the donation hint " . [ $SymbolForNotification "arrow-down" "below" ] . "to keep me motivated is much appreciated. Thanks!") \ ("Looks like you did donate already. " . [ $SymbolForNotification "heart" "<3" ] . "Much appreciated, thanks!") ]); + 117="Enhanced 'packages-update' to support deferred reboot on automatically installed updates."; }; # Migration steps to be applied on script updates diff --git a/packages-update.rsc b/packages-update.rsc index b67346d..552a682 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -18,6 +18,8 @@ :global ScriptLock; :global VersionToNum; +:global PackagesUpdateDeferReboot; + :local Schedule do={ :global RebootForUpdate do={ :global RandomDelay; @@ -109,6 +111,11 @@ $ScriptLock $0; $Schedule; $LogPrintExit2 info $0 ("Scheduled reboot for update between 03:00 and 04:00.") true; } +} else={ + :if ($PackagesUpdateDeferReboot = true) do={ + $Schedule; + $LogPrintExit2 info $0 ("Scheduled reboot for update between 03:00 and 04:00.") true; + } } $LogPrintExit2 info $0 ("Rebooting for update.") false; From 2a4e2e0c075b5dfee095683a65755d8b384ecb72 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Jan 2024 17:55:30 +0100 Subject: [PATCH 104/908] send a warning on storage size --- global-functions.rsc | 2 +- news-and-changes.rsc | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 306a2cc..36fde6c 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local 0 "global-functions"; # expected configuration version -:global ExpectedConfigVersion 117; +:global ExpectedConfigVersion 118; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 5186420..b6f5169 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -8,6 +8,8 @@ :global RequiredRouterOS; :global SymbolForNotification; +:local Resource [ /system/resource/get ]; + # News, changes and migration up to change 95: # https://git.eworm.de/cgit/routeros-scripts/plain/global-config.changes?h=change-95 @@ -37,6 +39,10 @@ ("Following the donation hint " . [ $SymbolForNotification "arrow-down" "below" ] . "to keep me motivated is much appreciated. Thanks!") \ ("Looks like you did donate already. " . [ $SymbolForNotification "heart" "<3" ] . "Much appreciated, thanks!") ]); 117="Enhanced 'packages-update' to support deferred reboot on automatically installed updates."; + 118=("RouterOS packages increase in size with each release. This becomes a problem for devices with 16MB storage and below. " . \ + [ $IfThenElse ($Resource->"total-hdd-space" < 16000000) ("Your " . $Resource->"board-name" . " is specifically affected! ") \ + [ $IfThenElse ($Resource->"free-hdd-space" > 4000000) ("(Your " . $Resource->"board-name" . " does not suffer this issue.) ") ] ] . \ + "Huge configuration and lots of scripts give an extra risk. Take care!"); }; # Migration steps to be applied on script updates From 693b2034574583f8020728fe21d67d62babb1f34 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Jan 2024 18:30:13 +0100 Subject: [PATCH 105/908] README: make required software a paragraph --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index b23310a..711455c 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,8 @@ to manage RouterOS devices or extend their functionality. Requirements ------------ +### Software (RouterOS) + Latest version of the scripts require recent RouterOS to function properly. Make sure to install latest updates before you begin. If new functionality or a breaking change in RouterOS `7.n` is used in my scripts I push my From ccd7e6d1ed39b6e0d05cfe1cf367442e5ac90313 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Jan 2024 18:33:58 +0100 Subject: [PATCH 106/908] README: note on required hardware and limitations by storage --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index 711455c..1af718c 100644 --- a/README.md +++ b/README.md @@ -34,6 +34,14 @@ Specific scripts may require even newer RouterOS version. > ℹ️ **Info**: The `main` branch is now RouterOS v7 only. If you are still > running RouterOS v6 switch to `routeros-v6` branch! +### Hardware + +RouterOS packages increase in size with each release. This becomes a +problem for devices with 16MB storage and below, those with an ARM CPU +are specifically affected. + +Huge configuration and lots of scripts give an extra risk. **Take care!** + Initial setup ------------- From 6ad7ca2c1a424395fdb22b62a80591ed23ea602e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Oct 2023 23:37:54 +0200 Subject: [PATCH 107/908] mod/notification-email: drop support for old property name --- mod/notification-email.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 93cb941..16d2b86 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # send notifications via e-mail # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-email.md @@ -43,7 +45,7 @@ } :local EMailSettings [ /tool/e-mail/get ]; - :if ([ :typeof [ :toip [ $EitherOr ($EMailSettings->"server") ($EMailSettings->"address") ] ] ] != "ip" && [ $IsDNSResolving ] = false) do={ + :if ([ :typeof [ :toip ($EMailSettings->"server") ] ] != "ip" && [ $IsDNSResolving ] = false) do={ $LogPrintExit2 debug $0 ("Server address is a DNS name and resolving fails, not flushing.") false; :return false; } @@ -138,7 +140,7 @@ :local Cc [ $EitherOr ($EmailGeneralCcOverride->($Notification->"origin")) $EmailGeneralCc ]; :local EMailSettings [ /tool/e-mail/get ]; - :if ([ :len $To ] = 0 || [ $EitherOr ($EMailSettings->"server") ($EMailSettings->"address") ] = "0.0.0.0" || ($EMailSettings->"from") = "<>") do={ + :if ([ :len $To ] = 0 || ($EMailSettings->"server") = "0.0.0.0" || ($EMailSettings->"from") = "<>") do={ :return false; } From 1bebac2a64bdf966b1af946ce6150c91d78ce09b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 29 Aug 2023 09:08:35 +0200 Subject: [PATCH 108/908] hotspot-to-wpa-cleanup: bump RouterOS version dependency --- hotspot-to-wpa-cleanup.template.rsc | 2 +- hotspot-to-wpa-cleanup.wifi.rsc | 2 +- hotspot-to-wpa-cleanup.wifiwave2.rsc | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 45cf06c..a6ee028 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -5,7 +5,7 @@ # # provides: lease-script, order=80 # NOT /caps-man/ # -# requires RouterOS, version=7.12beta3 +# requires RouterOS, version=7.12 # NOT /caps-man/ # # # manage and clean up private WPA passphrase after hotspot login diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index f61f418..79031e9 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 -# requires RouterOS, version=7.12beta3 +# requires RouterOS, version=7.12 # # manage and clean up private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa-cleanup.wifiwave2.rsc b/hotspot-to-wpa-cleanup.wifiwave2.rsc index 0ff3c3f..fba67ca 100644 --- a/hotspot-to-wpa-cleanup.wifiwave2.rsc +++ b/hotspot-to-wpa-cleanup.wifiwave2.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 -# requires RouterOS, version=7.12beta3 +# requires RouterOS, version=7.12 # # manage and clean up private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md From f6f557d80fa48dceba8be1ae7ffc5ab5738038cf Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Jan 2024 22:42:49 +0100 Subject: [PATCH 109/908] accesslist-duplicates: bump RouterOS version dependency --- accesslist-duplicates.capsman.rsc | 2 +- accesslist-duplicates.local.rsc | 2 +- accesslist-duplicates.template.rsc | 2 +- accesslist-duplicates.wifi.rsc | 2 +- accesslist-duplicates.wifiwave2.rsc | 2 +- doc/accesslist-duplicates.md | 2 -- 6 files changed, 5 insertions(+), 7 deletions(-) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index d5b55ad..72ce90c 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12beta1 +# requires RouterOS, version=7.12 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index 2904437..7b031f8 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12beta1 +# requires RouterOS, version=7.12 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index a2cb3a2..9e21d2d 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12beta1 +# requires RouterOS, version=7.12 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc index 0035119..3f8fba7 100644 --- a/accesslist-duplicates.wifi.rsc +++ b/accesslist-duplicates.wifi.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12beta1 +# requires RouterOS, version=7.12 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.wifiwave2.rsc b/accesslist-duplicates.wifiwave2.rsc index 4dfda12..7cc0bf9 100644 --- a/accesslist-duplicates.wifiwave2.rsc +++ b/accesslist-duplicates.wifiwave2.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12beta1 +# requires RouterOS, version=7.12 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/doc/accesslist-duplicates.md b/doc/accesslist-duplicates.md index 7cb0bc2..090298e 100644 --- a/doc/accesslist-duplicates.md +++ b/doc/accesslist-duplicates.md @@ -3,8 +3,6 @@ Find and remove access list duplicates [⬅️ Go back to main README](../README.md) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) - > ℹ️️ **Info**: This script can not be used on its own but requires the base > installation. See [main README](../README.md) for details. From 5ac89bad04c338224ab4e71597c7062dfead8225 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Jan 2024 22:43:57 +0100 Subject: [PATCH 110/908] mod/ssh-keys-import: bump RouterOS version dependency --- doc/mod/ssh-keys-import.md | 2 -- mod/ssh-keys-import.rsc | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/doc/mod/ssh-keys-import.md b/doc/mod/ssh-keys-import.md index 5fd95af..1d00882 100644 --- a/doc/mod/ssh-keys-import.md +++ b/doc/mod/ssh-keys-import.md @@ -3,8 +3,6 @@ Import ssh keys for public key authentication [⬅️ Go back to main README](../../README.md) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) - > ℹ️️ **Info**: This module can not be used on its own but requires the base > installation. See [main README](../../README.md) for details. diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index 7f3ed06..b88ef9a 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12beta1 +# requires RouterOS, version=7.12 # # import ssh keys for public key authentication # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/ssh-keys-import.md From 1d4f4d0017b849582fb9b61a97e8219626141cbf Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 111/908] accesslist-duplicates: use :jobname to get script name --- accesslist-duplicates.capsman.rsc | 2 +- accesslist-duplicates.local.rsc | 2 +- accesslist-duplicates.template.rsc | 2 +- accesslist-duplicates.wifi.rsc | 2 +- accesslist-duplicates.wifiwave2.rsc | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index 72ce90c..a20c05d 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -10,7 +10,7 @@ # # !! Do not edit this file, it is generated from template! -:local 0 "accesslist-duplicates.capsman"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index 7b031f8..0feb9f7 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -10,7 +10,7 @@ # # !! Do not edit this file, it is generated from template! -:local 0 "accesslist-duplicates.local"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index 9e21d2d..f350d0c 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -11,7 +11,7 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 "accesslist-duplicates%TEMPL%"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc index 3f8fba7..d5f13f0 100644 --- a/accesslist-duplicates.wifi.rsc +++ b/accesslist-duplicates.wifi.rsc @@ -10,7 +10,7 @@ # # !! Do not edit this file, it is generated from template! -:local 0 "accesslist-duplicates.wifi"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/accesslist-duplicates.wifiwave2.rsc b/accesslist-duplicates.wifiwave2.rsc index 7cc0bf9..24f5967 100644 --- a/accesslist-duplicates.wifiwave2.rsc +++ b/accesslist-duplicates.wifiwave2.rsc @@ -10,7 +10,7 @@ # # !! Do not edit this file, it is generated from template! -:local 0 "accesslist-duplicates.wifiwave2"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 72a03c4dbbc4ba1447864047626a046ff1333b71 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 112/908] backup-cloud: use :jobname to get script name --- backup-cloud.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 155ba5c..58fd37a 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -4,11 +4,12 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=40 +# requires RouterOS, version=7.12 # # upload backup to MikroTik cloud # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-cloud.md -:local 0 "backup-cloud"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 26dd16d3b9b512c0bba7adf1a25ae25058cfef2d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 113/908] backup-email: use :jobname to get script name --- backup-email.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backup-email.rsc b/backup-email.rsc index b087f35..214c067 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -4,11 +4,12 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=20 +# requires RouterOS, version=7.12 # # create and email backup and config file # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-email.md -:local 0 "backup-email"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 994d3ef05abed9f7da5b3d0d56f2f8cfe5db0bc3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 114/908] backup-partition: use :jobname to get script name --- backup-partition.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index fe1fa66..e67a001 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -4,11 +4,12 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=70 +# requires RouterOS, version=7.12 # # save configuration to fallback partition # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-partition.md -:local 0 "backup-partition"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From b4ac193789ec715da824e31a260d87f8be32e4fe Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 115/908] backup-upload: use :jobname to get script name --- backup-upload.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 063cfb2..34fda2b 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -4,11 +4,12 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=50 +# requires RouterOS, version=7.12 # # create and upload backup and config file # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-upload.md -:local 0 "backup-upload"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 111cb59509608e18e084a307cbd07c3821331e20 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 116/908] capsman-download-packages: use :jobname to get script name --- capsman-download-packages.capsman.rsc | 4 +++- capsman-download-packages.template.rsc | 4 +++- capsman-download-packages.wifi.rsc | 4 +++- capsman-download-packages.wifiwave2.rsc | 4 +++- 4 files changed, 12 insertions(+), 4 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index 58b2f1f..82849f8 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -4,12 +4,14 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # download and cleanup packages for CAP installation from CAPsMAN # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md # # !! Do not edit this file, it is generated from template! -:local 0 "capsman-download-packages.capsman"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 90af59c..3eaa377 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -4,13 +4,15 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # download and cleanup packages for CAP installation from CAPsMAN # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md # # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 "capsman-download-packages%TEMPL%"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 93caeb9..021521e 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -4,12 +4,14 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # download and cleanup packages for CAP installation from CAPsMAN # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md # # !! Do not edit this file, it is generated from template! -:local 0 "capsman-download-packages.wifi"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/capsman-download-packages.wifiwave2.rsc b/capsman-download-packages.wifiwave2.rsc index 49ef625..29dca8a 100644 --- a/capsman-download-packages.wifiwave2.rsc +++ b/capsman-download-packages.wifiwave2.rsc @@ -4,12 +4,14 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # download and cleanup packages for CAP installation from CAPsMAN # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md # # !! Do not edit this file, it is generated from template! -:local 0 "capsman-download-packages.wifiwave2"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From dfeb6b6d614e4e657367dc6753117227990ebd9b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 117/908] capsman-rolling-upgrade: use :jobname to get script name --- capsman-rolling-upgrade.capsman.rsc | 3 ++- capsman-rolling-upgrade.template.rsc | 3 ++- capsman-rolling-upgrade.wifi.rsc | 3 ++- capsman-rolling-upgrade.wifiwave2.rsc | 3 ++- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index 1445d4d..7aa20aa 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -5,13 +5,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: capsman-rolling-upgrade +# requires RouterOS, version=7.12 # # upgrade CAPs one after another # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md # # !! Do not edit this file, it is generated from template! -:local 0 "capsman-rolling-upgrade.capsman"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index 569cdc1..de0b4d1 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -5,6 +5,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: capsman-rolling-upgrade +# requires RouterOS, version=7.12 # # upgrade CAPs one after another # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md @@ -12,7 +13,7 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 "capsman-rolling-upgrade%TEMPL%"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index 426193d..c17c5a1 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -5,13 +5,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: capsman-rolling-upgrade +# requires RouterOS, version=7.12 # # upgrade CAPs one after another # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md # # !! Do not edit this file, it is generated from template! -:local 0 "capsman-rolling-upgrade.wifi"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/capsman-rolling-upgrade.wifiwave2.rsc b/capsman-rolling-upgrade.wifiwave2.rsc index a362bae..aff47e4 100644 --- a/capsman-rolling-upgrade.wifiwave2.rsc +++ b/capsman-rolling-upgrade.wifiwave2.rsc @@ -5,13 +5,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: capsman-rolling-upgrade +# requires RouterOS, version=7.12 # # upgrade CAPs one after another # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md # # !! Do not edit this file, it is generated from template! -:local 0 "capsman-rolling-upgrade.wifiwave2"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 60b218628769a03805a71a60bc31d1d7a002ee89 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 118/908] certificate-renew-issued: use :jobname to get script name --- certificate-renew-issued.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index c3b4bdb..c6a819a 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # renew locally issued certificates # https://git.eworm.de/cgit/routeros-scripts/about/doc/certificate-renew-issued.md -:local 0 "certificate-renew-issued"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From a43202326bf17eb2a14a5d9949c6025d940b4547 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 119/908] check-certificates: use :jobname to get script name --- check-certificates.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index af0f9b4..00a25b3 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # check for certificate validity # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-certificates.md -:local 0 "check-certificates"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 531957703542471a39f8df04d8d180d34ab47d1f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 120/908] check-health: use :jobname to get script name --- check-health.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/check-health.rsc b/check-health.rsc index 52c22ca..5c28d73 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # check for RouterOS health state # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-health.md -:local 0 "check-health"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 08bd884810f04d64391a5d52dbada17b8c127e3a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 121/908] check-lte-firmware-upgrade: use :jobname to get script name --- check-lte-firmware-upgrade.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index d6bda72..6a9074a 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # check for LTE firmware upgrade, send notification # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-lte-firmware-upgrade.md -:local 0 "check-lte-firmware-upgrade"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 3412ab771f62e757ae62f48626e0ad0c4255c74d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 122/908] check-routeros-update: use :jobname to get script name --- check-routeros-update.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 3f7813a..204a0d3 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # check for RouterOS update, send notification and/or install # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-routeros-update.md -:local 0 "check-routeros-update"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 02d8455a8709eb219b097bf1c0aed97495cfe92c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 123/908] collect-wireless-mac: use :jobname to get script name --- collect-wireless-mac.capsman.rsc | 3 ++- collect-wireless-mac.local.rsc | 3 ++- collect-wireless-mac.template.rsc | 3 ++- collect-wireless-mac.wifi.rsc | 3 ++- collect-wireless-mac.wifiwave2.rsc | 3 ++- 5 files changed, 10 insertions(+), 5 deletions(-) diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index 9868733..937d8ce 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -4,13 +4,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 +# requires RouterOS, version=7.12 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md # # !! Do not edit this file, it is generated from template! -:local 0 "collect-wireless-mac.capsman"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index 5252d9f..17f969b 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -4,13 +4,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 +# requires RouterOS, version=7.12 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md # # !! Do not edit this file, it is generated from template! -:local 0 "collect-wireless-mac.local"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index df95f52..c5420f1 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -4,6 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 +# requires RouterOS, version=7.12 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md @@ -11,7 +12,7 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 "collect-wireless-mac%TEMPL%"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index 40d2a9c..7bc442a 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -4,13 +4,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 +# requires RouterOS, version=7.12 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md # # !! Do not edit this file, it is generated from template! -:local 0 "collect-wireless-mac.wifi"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/collect-wireless-mac.wifiwave2.rsc b/collect-wireless-mac.wifiwave2.rsc index 32e88d5..d2b0e6b 100644 --- a/collect-wireless-mac.wifiwave2.rsc +++ b/collect-wireless-mac.wifiwave2.rsc @@ -4,13 +4,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 +# requires RouterOS, version=7.12 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md # # !! Do not edit this file, it is generated from template! -:local 0 "collect-wireless-mac.wifiwave2"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 3f8d680fe8dfeea8d04ce6b67c74163306326b89 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 124/908] daily-psk.capsman: use :jobname to get script name --- daily-psk.capsman.rsc | 4 +++- daily-psk.local.rsc | 4 +++- daily-psk.template.rsc | 4 +++- daily-psk.wifi.rsc | 4 +++- daily-psk.wifiwave2.rsc | 4 +++- 5 files changed, 15 insertions(+), 5 deletions(-) diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index 2260588..f576d1d 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -4,12 +4,14 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md # # !! Do not edit this file, it is generated from template! -:local 0 "daily-psk.capsman"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 5478534..da12038 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -4,12 +4,14 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md # # !! Do not edit this file, it is generated from template! -:local 0 "daily-psk.local"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 1111b64..d1abce2 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -4,13 +4,15 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md # # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 "daily-psk%TEMPL%"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index 6a621e4..488d921 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -4,12 +4,14 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md # # !! Do not edit this file, it is generated from template! -:local 0 "daily-psk.wifi"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/daily-psk.wifiwave2.rsc b/daily-psk.wifiwave2.rsc index e769a6c..89c5c25 100644 --- a/daily-psk.wifiwave2.rsc +++ b/daily-psk.wifiwave2.rsc @@ -4,12 +4,14 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md # # !! Do not edit this file, it is generated from template! -:local 0 "daily-psk.wifiwave2"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 492d3a65a7670a354ee05ccbc37b6c77f0e34ebb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 125/908] dhcp-lease-comment: use :jobname to get script name --- dhcp-lease-comment.capsman.rsc | 3 ++- dhcp-lease-comment.local.rsc | 3 ++- dhcp-lease-comment.template.rsc | 3 ++- dhcp-lease-comment.wifi.rsc | 3 ++- dhcp-lease-comment.wifiwave2.rsc | 3 ++- 5 files changed, 10 insertions(+), 5 deletions(-) diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index 802063a..a3df2ef 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -4,13 +4,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 +# requires RouterOS, version=7.12 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md # # !! Do not edit this file, it is generated from template! -:local 0 "dhcp-lease-comment.capsman"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index 9ab2d8c..5ccb916 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -4,13 +4,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 +# requires RouterOS, version=7.12 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md # # !! Do not edit this file, it is generated from template! -:local 0 "dhcp-lease-comment.local"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index 8916282..02bc18c 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -4,6 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 +# requires RouterOS, version=7.12 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md @@ -11,7 +12,7 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 "dhcp-lease-comment%TEMPL%"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index 214e2d5..337f282 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -4,13 +4,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 +# requires RouterOS, version=7.12 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md # # !! Do not edit this file, it is generated from template! -:local 0 "dhcp-lease-comment.wifi"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/dhcp-lease-comment.wifiwave2.rsc b/dhcp-lease-comment.wifiwave2.rsc index 3860c9a..5c0c513 100644 --- a/dhcp-lease-comment.wifiwave2.rsc +++ b/dhcp-lease-comment.wifiwave2.rsc @@ -4,13 +4,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 +# requires RouterOS, version=7.12 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md # # !! Do not edit this file, it is generated from template! -:local 0 "dhcp-lease-comment.wifiwave2"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 6c52bd692b3892634275ac4b57e98fba3c146e18 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 126/908] dhcp-to-dns: use :jobname to get script name --- dhcp-to-dns.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index 38e8c79..8dccf35 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -4,11 +4,12 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=20 +# requires RouterOS, version=7.12 # # check DHCP leases and add/remove/update DNS entries # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-to-dns.md -:local 0 "dhcp-to-dns"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From c9fcd3419f19f93f98744a5cfb9890a3201a4e0c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 127/908] firmware-upgrade-reboot: use :jobname to get script name --- firmware-upgrade-reboot.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index 5c5c14f..adcea73 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2022-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # install firmware upgrade, and reboot # https://git.eworm.de/cgit/routeros-scripts/about/doc/firmware-upgrade-reboot.md -:local 0 "firmware-upgrade-reboot"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From afd779c0bb21e47691998372a0316d0122a11035 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 128/908] fw-addr-lists: use :jobname to get script name --- fw-addr-lists.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 50fe41c..bc294d1 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2023-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # download, import and update firewall address-lists # https://git.eworm.de/cgit/routeros-scripts/about/doc/fw-addr-lists.md -:local 0 "fw-addr-lists"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 4b791b7769c2e2949a38ba1b1d4ee34c9e97a3e8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 129/908] global-functions: use :jobname to get script name --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 36fde6c..314ea6e 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -9,7 +9,7 @@ # global functions # https://git.eworm.de/cgit/routeros-scripts/about/ -:local 0 "global-functions"; +:local 0 [ :jobname ]; # expected configuration version :global ExpectedConfigVersion 118; From 8afbd5bff54be4f9a7f018589e952893c466e4b5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 130/908] global-wait: use :jobname to get script name --- global-wait.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/global-wait.rsc b/global-wait.rsc index 448643c..9564a12 100644 --- a/global-wait.rsc +++ b/global-wait.rsc @@ -3,9 +3,11 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # wait for global-functions to finish # https://git.eworm.de/cgit/routeros-scripts/about/doc/global-wait.md -:local 0 "global-wait"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 7d47963c7a6335dfe1847766e67eeef28378b64b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 131/908] gps-track: use :jobname to get script name --- gps-track.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/gps-track.rsc b/gps-track.rsc index cd66250..2e6d50f 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # track gps data by sending json data to http server # https://git.eworm.de/cgit/routeros-scripts/about/doc/gps-track.md -:local 0 "gps-track"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 9cf536f89172565a112c629f257bb5ab06e37aac Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 132/908] hotspot-to-wpa: use :jobname to get script name --- hotspot-to-wpa.capsman.rsc | 4 +++- hotspot-to-wpa.template.rsc | 4 +++- hotspot-to-wpa.wifi.rsc | 4 +++- hotspot-to-wpa.wifiwave2.rsc | 4 +++- 4 files changed, 12 insertions(+), 4 deletions(-) diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index 8ea2e6b..db3f430 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -3,12 +3,14 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # add private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md # # !! Do not edit this file, it is generated from template! -:local 0 "hotspot-to-wpa.capsman"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index b6ce561..98369a7 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -3,13 +3,15 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # add private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md # # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 "hotspot-to-wpa%TEMPL%"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index 77afad1..5e07eac 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -3,12 +3,14 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # add private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md # # !! Do not edit this file, it is generated from template! -:local 0 "hotspot-to-wpa.wifi"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/hotspot-to-wpa.wifiwave2.rsc b/hotspot-to-wpa.wifiwave2.rsc index 0c12d39..751c1bf 100644 --- a/hotspot-to-wpa.wifiwave2.rsc +++ b/hotspot-to-wpa.wifiwave2.rsc @@ -3,12 +3,14 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # add private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md # # !! Do not edit this file, it is generated from template! -:local 0 "hotspot-to-wpa.wifiwave2"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 79660f10dbc7ed6881b6f4b98bb368e2048b5ea3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 133/908] hotspot-to-wpa-cleanup: use :jobname to get script name --- hotspot-to-wpa-cleanup.capsman.rsc | 3 ++- hotspot-to-wpa-cleanup.template.rsc | 4 +--- hotspot-to-wpa-cleanup.wifi.rsc | 2 +- hotspot-to-wpa-cleanup.wifiwave2.rsc | 2 +- 4 files changed, 5 insertions(+), 6 deletions(-) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index 95ae531..7e8749d 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -4,13 +4,14 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 +# requires RouterOS, version=7.12 # # manage and clean up private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md # # !! Do not edit this file, it is generated from template! -:local 0 "hotspot-to-wpa-cleanup.capsman"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index a6ee028..b7b4d9c 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -4,9 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 -# NOT /caps-man/ # # requires RouterOS, version=7.12 -# NOT /caps-man/ # # # manage and clean up private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md @@ -14,7 +12,7 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 "hotspot-to-wpa-cleanup%TEMPL%"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index 79031e9..4e9eda2 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -11,7 +11,7 @@ # # !! Do not edit this file, it is generated from template! -:local 0 "hotspot-to-wpa-cleanup.wifi"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } diff --git a/hotspot-to-wpa-cleanup.wifiwave2.rsc b/hotspot-to-wpa-cleanup.wifiwave2.rsc index fba67ca..afa0c2d 100644 --- a/hotspot-to-wpa-cleanup.wifiwave2.rsc +++ b/hotspot-to-wpa-cleanup.wifiwave2.rsc @@ -11,7 +11,7 @@ # # !! Do not edit this file, it is generated from template! -:local 0 "hotspot-to-wpa-cleanup.wifiwave2"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From aca18f9cc25247d8edfe33675e7891fbfe020977 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 134/908] ipsec-to-dns: use :jobname to get script name --- ipsec-to-dns.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index aed7e56..512ef68 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2021-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # and add/remove/update DNS entries from IPSec mode-config # https://git.eworm.de/cgit/routeros-scripts/about/doc/ipsec-to-dns.md -:local 0 "ipsec-to-dns"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 19e759d8fb4cf9de2ac6fa9989e01259ddb05609 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 135/908] ipv6-update: use :jobname to get script name --- ipv6-update.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ipv6-update.rsc b/ipv6-update.rsc index 2e905e4..1d7207b 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # update firewall and dns settings on IPv6 prefix change # https://git.eworm.de/cgit/routeros-scripts/about/doc/ipv6-update.md -:local 0 "ipv6-update"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From b4d666ef1d20dc833230245e09cd9c18a840a2cf Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 136/908] lease-script: use :jobname to get script name --- lease-script.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lease-script.rsc b/lease-script.rsc index 35fa7b4..aae74f8 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # run scripts on DHCP lease # https://git.eworm.de/cgit/routeros-scripts/about/doc/lease-script.md -:local 0 "lease-script"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 4653c94f3f735d439b9ce9448644392aaa41a48b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 137/908] log-forward: use :jobname to get script name --- log-forward.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/log-forward.rsc b/log-forward.rsc index 1067184..a789f25 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # forward log messages via notification # https://git.eworm.de/cgit/routeros-scripts/about/doc/log-forward.md -:local 0 "log-forward"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 5d40075e442993ad2bed2f646b91bfa987906469 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:18 +0100 Subject: [PATCH 138/908] mode-button: use :jobname to get script name --- mode-button.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/mode-button.rsc b/mode-button.rsc index 3c3e37e..372b2de 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # act on multiple mode and reset button presses # https://git.eworm.de/cgit/routeros-scripts/about/doc/mode-button.md -:local 0 "mode-button"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 80f587ddb555267bfe5f4344dc4e10cc268e2bc3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:19 +0100 Subject: [PATCH 139/908] netwatch-dns: use :jobname to get script name --- netwatch-dns.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 86d59c7..3b98a32 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2022-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # monitor and manage dns/doh with netwatch # https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-dns.md -:local 0 "netwatch-dns"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 45fda69d3be56ba7d7b320125a9d2613ff7a1b0f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:19 +0100 Subject: [PATCH 140/908] netwatch-notify: use :jobname to get script name --- netwatch-notify.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 2586c09..ae9c8a8 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # monitor netwatch and send notifications # https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-notify.md -:local 0 "netwatch-notify"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From cbdfa98576195969b8b6284127ab120b84859f13 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:19 +0100 Subject: [PATCH 141/908] ospf-to-leds: use :jobname to get script name --- ospf-to-leds.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index 416fc0e..47e1d41 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # visualize ospf instance state via leds # https://git.eworm.de/cgit/routeros-scripts/about/doc/ospf-to-leds.md -:local 0 "ospf-to-leds"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 322466fd00c54410f34f1f370b038ba182cf3833 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:19 +0100 Subject: [PATCH 142/908] packages-update: use :jobname to get script name --- packages-update.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/packages-update.rsc b/packages-update.rsc index 552a682..a7ddc19 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # download packages and reboot for installation # https://git.eworm.de/cgit/routeros-scripts/about/doc/packages-update.md -:local 0 "packages-update"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 791b04bbe4deefe51274eea010465c9805637910 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:19 +0100 Subject: [PATCH 143/908] ppp-on-up: use :jobname to get script name --- ppp-on-up.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index ad19fc6..ad09fdc 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # run scripts on ppp up # https://git.eworm.de/cgit/routeros-scripts/about/doc/ppp-on-up.md -:local 0 "ppp-on-up"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 58748eea3c62f77e2090ccc937b4a2d240a17213 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:19 +0100 Subject: [PATCH 144/908] sms-action: use :jobname to get script name --- sms-action.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sms-action.rsc b/sms-action.rsc index b553762..49b6cd5 100644 --- a/sms-action.rsc +++ b/sms-action.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # run action on received SMS # https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-action.md -:local 0 "sms-action"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 6e54c7c30be20d027065ffc35e852cf9383d11b7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:19 +0100 Subject: [PATCH 145/908] sms-forward: use :jobname to get script name --- sms-forward.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sms-forward.rsc b/sms-forward.rsc index fb4d73c..f6d8e12 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -4,10 +4,12 @@ # Anatoly Bubenkov # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # forward SMS to e-mail # https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-forward.md -:local 0 "sms-forward"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 24b681761b3f29b30fcaf0672f293c77972931b1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:19 +0100 Subject: [PATCH 146/908] telegram-chat: use :jobname to get script name --- telegram-chat.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 986df03..d8f917b 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -3,10 +3,12 @@ # Copyright (c) 2023-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # use Telegram to chat with your Router and send commands # https://git.eworm.de/cgit/routeros-scripts/about/doc/telegram-chat.md -:local 0 "telegram-chat"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From af7031cc5689d38f19fdc0db4eef5802421b7ba1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:19 +0100 Subject: [PATCH 147/908] update-gre-address: use :jobname to get script name --- update-gre-address.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/update-gre-address.rsc b/update-gre-address.rsc index 5a5fd45..c5c699b 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -3,11 +3,13 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.12 +# # update gre interface remote address with dynamic address from # ipsec remote peer # https://git.eworm.de/cgit/routeros-scripts/about/doc/update-gre-address.md -:local 0 "update-gre-address"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From b679eefcf73a8901c44a61494b419969ff4ee468 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 Nov 2023 21:31:19 +0100 Subject: [PATCH 148/908] update-tunnelbroker: use :jobname to get script name --- update-tunnelbroker.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index bfe0bfc..4d4379a 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -5,11 +5,12 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: ppp-on-up +# requires RouterOS, version=7.12 # # update local address of tunnelbroker interface # https://git.eworm.de/cgit/routeros-scripts/about/doc/update-tunnelbroker.md -:local 0 "update-tunnelbroker"; +:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 07cdeadf43009a82be0f8cfc5e09fc450e0df26d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 30 Jan 2024 07:10:51 +0100 Subject: [PATCH 149/908] log-forward: use $MAX --- log-forward.rsc | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/log-forward.rsc b/log-forward.rsc index a789f25..69fa1f1 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -25,6 +25,7 @@ :global IfThenElse; :global LogForwardFilterLogForwarding; :global LogPrintExit2; +:global MAX; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -91,7 +92,5 @@ $ScriptLock $0; :set LogForwardLast ($MessageVal->".id"); } else={ - :if ($LogForwardRateLimit > 0) do={ - :set LogForwardRateLimit ($LogForwardRateLimit - 1); - } + :set LogForwardRateLimit [ $MAX 0 ($LogForwardRateLimit - 1) ]; } From 5b6ed4216e20df9c3d188d72ddab93d490a881db Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 30 Jan 2024 07:18:38 +0100 Subject: [PATCH 150/908] global-functions: $ScriptInstallUpdate: warn just once... ... for every script on required RouterOS version. --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 314ea6e..d8d688c 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -951,6 +951,7 @@ :global Grep; :global IfThenElse; :global LogPrintExit2; + :global LogPrintOnce; :global ParseKeyValueStore; :global RequiredRouterOS; :global SendNotification2; @@ -1026,7 +1027,7 @@ "' failed! Ignoring!") false; } } else={ - $LogPrintExit2 warning $0 ("The script '" . $ScriptVal->"name" . "' requires RouterOS " . \ + $LogPrintOnce warning $0 ("The script '" . $ScriptVal->"name" . "' requires RouterOS " . \ $Required . ", which is not met by your installation. Ignoring!") false; } } else={ From fb463419fe19f9451a1ebb8d70669407c45ca1cd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 30 Jan 2024 15:00:31 +0100 Subject: [PATCH 151/908] check-certificates: always quote the certificate name --- check-certificates.rsc | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 00a25b3..1487a3e 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -60,7 +60,7 @@ /file/remove [ find where name=$CertFileName ]; :if ($DecryptionFailed = true) do={ - $LogPrintExit2 warning $0 ("Decryption failed for certificate file " . $CertFileName) false; + $LogPrintExit2 warning $0 ("Decryption failed for certificate file '" . $CertFileName . "'.") false; } :foreach CertInChain in=[ /certificate/find where name~("^" . [ $EscapeForRegEx $CertFileName ] . "_[0-9]+\$") \ @@ -70,7 +70,7 @@ :set Return true; } on-error={ - $LogPrintExit2 debug $0 ("Could not download certificate file " . $CertFileName) false; + $LogPrintExit2 debug $0 ("Could not download certificate file '" . $CertFileName . "'.") false; } } @@ -137,7 +137,7 @@ $WaitFullyConnected; :if ([ :len $CertRenewUrl ] = 0) do={ $LogPrintExit2 info $0 ("No CertRenewUrl given.") true; } - $LogPrintExit2 info $0 ("Attempting to renew certificate " . ($CertVal->"name") . ".") false; + $LogPrintExit2 info $0 ("Attempting to renew certificate '" . ($CertVal->"name") . "'.") false; :local ImportSuccess false; :set LastName ($CertVal->"common-name"); @@ -185,9 +185,9 @@ $WaitFullyConnected; $SendNotification2 ({ origin=$0; silent=true; \ subject=([ $SymbolForNotification "lock-with-ink-pen" ] . "Certificate renewed: " . ($CertVal->"name")); \ message=("A certificate on " . $Identity . " has been renewed.\n\n" . [ $FormatInfo $CertNew ]) }); - $LogPrintExit2 info $0 ("The certificate " . ($CertVal->"name") . " has been renewed.") false; + $LogPrintExit2 info $0 ("The certificate '" . ($CertVal->"name") . "' has been renewed.") false; } on-error={ - $LogPrintExit2 debug $0 ("Could not renew certificate " . ($CertVal->"name") . ".") false; + $LogPrintExit2 debug $0 ("Could not renew certificate '" . ($CertVal->"name") . "'.") false; } } @@ -196,14 +196,14 @@ $WaitFullyConnected; :local CertVal [ /certificate/get $Cert ]; :if ([ :len [ /certificate/scep-server/find where ca-cert=($CertVal->"ca") ] ] > 0) do={ - $LogPrintExit2 debug $0 ("Certificate \"" . ($CertVal->"name") . "\" is handled by SCEP, skipping.") false; + $LogPrintExit2 debug $0 ("Certificate '" . ($CertVal->"name") . "' is handled by SCEP, skipping.") false; } else={ :local State [ $IfThenElse (($CertVal->"expired") = true) "expired" "is about to expire" ]; $SendNotification2 ({ origin=$0; \ subject=([ $SymbolForNotification "warning-sign" ] . "Certificate warning: " . ($CertVal->"name")); \ message=("A certificate on " . $Identity . " " . $State . ".\n\n" . [ $FormatInfo $Cert ]) }); - $LogPrintExit2 info $0 ("The certificate " . ($CertVal->"name") . " " . $State . \ + $LogPrintExit2 info $0 ("The certificate '" . ($CertVal->"name") . "' " . $State . \ ", it is invalid after " . ($CertVal->"invalid-after") . ".") false; } } From ed28ade712e6ba3e699aacdce42a2c7f98a04245 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 31 Jan 2024 15:32:35 +0100 Subject: [PATCH 152/908] global-functions: $IsDNSResolving: drop declaration of unused function --- global-functions.rsc | 2 -- 1 file changed, 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index d8d688c..66dc9fa 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -546,8 +546,6 @@ # check if DNS is resolving :set IsDNSResolving do={ - :global CharacterReplace; - :do { :resolve "low-ttl.eworm.de"; } on-error={ From b548ffee5943d077ec3db352f7a08f075850ce26 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 31 Jan 2024 15:34:40 +0100 Subject: [PATCH 153/908] global-functions: $MkDir: drop declaration of unused functions --- global-functions.rsc | 2 -- 1 file changed, 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 66dc9fa..452b9d1 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -713,9 +713,7 @@ :set MkDir do={ :local Path [ :tostr $1 ]; - :global CharacterReplace; :global CleanFilePath; - :global GetRandom20CharAlNum; :global LogPrintExit2; :global WaitForFile; From 09988d9892dd3c5894f13b3e9dd3cd63b107c5eb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 31 Jan 2024 15:27:13 +0100 Subject: [PATCH 154/908] global-functions: introduce $CleanName --- global-functions.rsc | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 452b9d1..3c3e2e1 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -27,6 +27,7 @@ :global CharacterMultiply; :global CharacterReplace; :global CleanFilePath; +:global CleanName; :global DeviceInfo; :global Dos2Unix; :global DownloadPackage; @@ -222,6 +223,24 @@ :return $Path; } +# clean name for DNS, file and more +:set CleanName do={ + :local Input [ :tostr $1 ]; + + :local Return ""; + + :for I from=0 to=([ :len $Input ] - 1) do={ + :local Char [ :pick $Input $I ]; + :if ([ :typeof [ find "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-" $Char ] ] = "nil") do={ + :set Char "-"; + } + :if ($Char != "-" || [ :pick $Return ([ :len $Return ] - 1) ] != "-") do={ + :set Return ($Return . $Char); + } + } + :return $Return; +} + # get readable device info :set DeviceInfo do={ :global ExpectedConfigVersion; From 821dd02e5e5c5274ee5d80a742859447c2f79d17 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 31 Jan 2024 15:31:07 +0100 Subject: [PATCH 155/908] global-functions: $CertificateNameByCN: use $CleanName --- global-functions.rsc | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 3c3e2e1..d37b34b 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -168,11 +168,10 @@ :set CertificateNameByCN do={ :local CommonName [ :tostr $1 ]; - :global CharacterReplace; + :global CleanName; :local Cert [ /certificate/find where common-name=$CommonName ]; - /certificate/set $Cert \ - name=[ $CharacterReplace [ $CharacterReplace [ $CharacterReplace $CommonName "'" "-" ] " " "-" ] "---" "-" ]; + /certificate/set $Cert name=[ $CleanName $CommonName ]; } # multiply given character(s) From c5714e5dc819ce00d550a749d46b023cbf37fef0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 31 Jan 2024 15:29:54 +0100 Subject: [PATCH 156/908] dhcp-to-dns: use $CleanName --- dhcp-to-dns.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index 8dccf35..a8ae466 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -16,7 +16,7 @@ :global Domain; :global Identity; -:global CharacterReplace; +:global CleanName; :global EitherOr; :global IfThenElse; :global LogPrintExit2; @@ -65,8 +65,8 @@ $ScriptLock $0 false 10; :if ([ :len ($LeaseVal->"active-address") ] > 0) do={ :local Comment ($CommentPrefix . ", macaddress=" . $LeaseVal->"active-mac-address" . ", server=" . $LeaseVal->"server"); - :local MacDash [ $CharacterReplace ($LeaseVal->"active-mac-address") ":" "-" ]; - :local HostName [ $CharacterReplace [ $EitherOr ([ $ParseKeyValueStore ($LeaseVal->"comment") ]->"hostname") ($LeaseVal->"host-name") ] " " "" ]; + :local MacDash [ $CleanName ($LeaseVal->"active-mac-address") ]; + :local HostName [ $CleanName [ $EitherOr ([ $ParseKeyValueStore ($LeaseVal->"comment") ]->"hostname") ($LeaseVal->"host-name") ] ]; :local Network [ /ip/dhcp-server/network/find where ($LeaseVal->"active-address") in address ]; :local NetworkVal; :if ([ :len $Network ] > 0) do={ From d0ff07b3cc64450c0a0f33d7e532cfd189936799 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 31 Jan 2024 15:37:01 +0100 Subject: [PATCH 157/908] backup-email: use $CleanName --- backup-email.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backup-email.rsc b/backup-email.rsc index 214c067..86f9003 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -21,7 +21,7 @@ :global Domain; :global Identity; -:global CharacterReplace; +:global CleanName; :global DeviceInfo; :global FormatLine; :global LogPrintExit2; @@ -52,7 +52,7 @@ $WaitFullyConnected; # filename based on identity :local DirName ("tmpfs/" . $0); -:local FileName [ $CharacterReplace ($Identity . "." . $Domain) "." "_" ]; +:local FileName [ $CleanName ($Identity . "." . $Domain) ]; :local FilePath ($DirName . "/" . $FileName); :local BackupFile "none"; :local ExportFile "none"; From c1568a33ddb848f958ac748923484887b743a0e7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 31 Jan 2024 15:37:41 +0100 Subject: [PATCH 158/908] backup-upload: use $CleanName --- backup-upload.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 34fda2b..05bc3ff 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -24,7 +24,7 @@ :global Domain; :global Identity; -:global CharacterReplace; +:global CleanName; :global DeviceInfo; :global IfThenElse; :global LogPrintExit2; @@ -51,7 +51,7 @@ $WaitFullyConnected; # filename based on identity :local DirName ("tmpfs/" . $0); -:local FileName [ $CharacterReplace ($Identity . "." . $Domain) "." "_" ]; +:local FileName [ $CleanName ($Identity . "." . $Domain) ]; :local FilePath ($DirName . "/" . $FileName); :local BackupFile "none"; :local ExportFile "none"; From 237dcd7261a33a4c222df486a8b895a496ef0ef3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 31 Jan 2024 14:33:00 +0100 Subject: [PATCH 159/908] packages-update: prepare message and mention time zone --- packages-update.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index a7ddc19..3e18413 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -107,16 +107,18 @@ $ScriptLock $0; /system/package/downgrade; } +:local Message ("Scheduled reboot for update between 3 AM and 4 AM local time (" . \ + [ /system/clock/get time-zone-name ] . ")."); :if ([ $ScriptFromTerminal $0 ] = true) do={ :put "Do you want to (s)chedule reboot or (r)eboot now? [s/R]"; :if (([ /terminal/inkey timeout=60 ] % 32) = 19) do={ $Schedule; - $LogPrintExit2 info $0 ("Scheduled reboot for update between 03:00 and 04:00.") true; + $LogPrintExit2 info $0 $Message true; } } else={ :if ($PackagesUpdateDeferReboot = true) do={ $Schedule; - $LogPrintExit2 info $0 ("Scheduled reboot for update between 03:00 and 04:00.") true; + $LogPrintExit2 info $0 $Message true; } } From 461f7b6e76c39c941a3b38a6633df46c3d13a278 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 31 Jan 2024 17:46:31 +0100 Subject: [PATCH 160/908] packages-update: move output and logging to local function... ... and pass script name for clean logging. --- packages-update.rsc | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index 3e18413..8b7d617 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -23,14 +23,19 @@ :global PackagesUpdateDeferReboot; :local Schedule do={ + :global LogPrintExit2; + :global RebootForUpdate do={ :global RandomDelay; $RandomDelay 3600; /system/reboot; } + /system/scheduler/add name="_RebootForUpdate" start-time=03:00:00 interval=1d \ on-event=("/system/scheduler/remove \"_RebootForUpdate\"; " . \ ":global RebootForUpdate; \$RebootForUpdate;"); + $LogPrintExit2 info $1 ("Scheduled reboot for update between 3 AM and 4 AM local time (" . \ + [ /system/clock/get time-zone-name ] . ").") true; } $ScriptLock $0; @@ -107,18 +112,14 @@ $ScriptLock $0; /system/package/downgrade; } -:local Message ("Scheduled reboot for update between 3 AM and 4 AM local time (" . \ - [ /system/clock/get time-zone-name ] . ")."); :if ([ $ScriptFromTerminal $0 ] = true) do={ :put "Do you want to (s)chedule reboot or (r)eboot now? [s/R]"; :if (([ /terminal/inkey timeout=60 ] % 32) = 19) do={ - $Schedule; - $LogPrintExit2 info $0 $Message true; + $Schedule $0; } } else={ :if ($PackagesUpdateDeferReboot = true) do={ - $Schedule; - $LogPrintExit2 info $0 $Message true; + $Schedule $0; } } From 64e53a7d32106e334cedeab48e5d9fc4499cd9f0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 31 Jan 2024 17:52:48 +0100 Subject: [PATCH 161/908] packages-update: schedule reboot at pre-calculated time --- doc/packages-update.md | 5 ++++- packages-update.rsc | 10 +++++----- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/doc/packages-update.md b/doc/packages-update.md index 280c420..b3acf89 100644 --- a/doc/packages-update.md +++ b/doc/packages-update.md @@ -40,7 +40,10 @@ Configuration The configuration goes to `global-config-overlay`, this is the only parameter: * `PackagesUpdateDeferReboot`: defer the reboot for night (between 3 AM - and 4 AM) + and 5 AM) + +By modifying the scheduler's `start-time` you can force the reboot at +different time. > ℹ️ **Info**: Copy relevant configuration from > [`global-config`](../global-config.rsc) (the one without `-overlay`) to diff --git a/packages-update.rsc b/packages-update.rsc index 8b7d617..863d273 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -23,19 +23,19 @@ :global PackagesUpdateDeferReboot; :local Schedule do={ + :global GetRandomNumber; :global LogPrintExit2; :global RebootForUpdate do={ - :global RandomDelay; - $RandomDelay 3600; /system/reboot; } - /system/scheduler/add name="_RebootForUpdate" start-time=03:00:00 interval=1d \ + :local StartTime [ :tostr [ :totime (10800 + [ $GetRandomNumber 7200 ]) ] ]; + /system/scheduler/add name="_RebootForUpdate" start-time=$StartTime interval=1d \ on-event=("/system/scheduler/remove \"_RebootForUpdate\"; " . \ ":global RebootForUpdate; \$RebootForUpdate;"); - $LogPrintExit2 info $1 ("Scheduled reboot for update between 3 AM and 4 AM local time (" . \ - [ /system/clock/get time-zone-name ] . ").") true; + $LogPrintExit2 info $1 ("Scheduled reboot for update at " . $StartTime . \ + " local time (" . [ /system/clock/get time-zone-name ] . ").") true; } $ScriptLock $0; From ed00c0877f18c7e551ffa6082c62262081f8e81a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 1 Feb 2024 15:39:39 +0100 Subject: [PATCH 162/908] INITIAL-COMMANDS: link initial commands above --- INITIAL-COMMANDS.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index 9d49851..c58662b 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -37,10 +37,11 @@ Then continue setup with ## Fix existing installation -The commands above allow to fix an existing installation in case it ever -breaks. If `global-config-overlay` did exist before it is renamed with a -date and time suffix (like `global-config-overlay-2024-01-25-09:33:12`). -Make sure to restore the configuration overlay if required. +The [initial commands](#initial-commands) above allow to fix an existing +installation in case it ever breaks. If `global-config-overlay` did exist +before it is renamed with a date and time suffix (like +`global-config-overlay-2024-01-25-09:33:12`). Make sure to restore the +configuration overlay if required. --- [⬅️ Go back to main README](README.md) From 77ef9b2c9593b88b11bc3f2616b8ac9d1f8f2d4c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 2 Feb 2024 10:40:59 +0100 Subject: [PATCH 163/908] backup-partition: use plain variable for name --- backup-partition.rsc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index e67a001..075ca95 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -28,13 +28,13 @@ $ScriptLock $0; $LogPrintExit2 error $0 ("Device is not running from active partition.") true; } -:local ActiveRunningVar [ /partitions/get $ActiveRunning ]; +:local FallbackTo [ /partitions/get $ActiveRunning fallback-to ]; :do { - /partitions/save-config-to ($ActiveRunningVar->"fallback-to"); + /partitions/save-config-to $FallbackTo; $LogPrintExit2 info $0 ("Saved configuration to partition '" . \ - ($ActiveRunningVar->"fallback-to") . "'.") false; + $FallbackTo . "'.") false; } on-error={ $LogPrintExit2 error $0 ("Failed saving configuration to partition '" . \ - ($ActiveRunningVar->"fallback-to") . "'!") true; + $FallbackTo . "'!") true; } From 0694d9af3ec5d7fdee7aad25ec132c4e3f9b2faf Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 2 Feb 2024 10:43:15 +0100 Subject: [PATCH 164/908] backup-partition: add a scheduler in backup... ... that logs a warning when backup is booted. --- backup-partition.rsc | 4 ++++ doc/backup-partition.md | 5 +++++ 2 files changed, 9 insertions(+) diff --git a/backup-partition.rsc b/backup-partition.rsc index 075ca95..5d131c9 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -31,7 +31,11 @@ $ScriptLock $0; :local FallbackTo [ /partitions/get $ActiveRunning fallback-to ]; :do { + /system/scheduler/add start-time=startup \ + name=("running-from-" . $FallbackTo) \ + on-event=(":log warning \"Running from partition '" . $FallbackTo . "'!"); /partitions/save-config-to $FallbackTo; + /system/scheduler/remove ("running-from-" . $FallbackTo); $LogPrintExit2 info $0 ("Saved configuration to partition '" . \ $FallbackTo . "'.") false; } on-error={ diff --git a/doc/backup-partition.md b/doc/backup-partition.md index e95422c..0c64647 100644 --- a/doc/backup-partition.md +++ b/doc/backup-partition.md @@ -15,6 +15,10 @@ This script saves the current configuration to fallback For this to work you need a device with sufficient flash storage that is properly partitioned. +To make you aware of a possible issue a scheduler logging a warning is +added in the backup partition's configuration. You may want to use +[log-forward](log-forward.md) to be notified. + Requirements and installation ----------------------------- @@ -39,6 +43,7 @@ See also * [Upload backup to Mikrotik cloud](backup-cloud.md) * [Send backup via e-mail](backup-email.md) * [Upload backup to server](backup-upload.md) +* [Forward log messages via notification](log-forward.md) --- [⬅️ Go back to main README](../README.md) From 7b30af90b707e6b0fe8629722bd17605e1e09b93 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 2 Feb 2024 10:53:31 +0100 Subject: [PATCH 165/908] backup-partition: get the actual real name... ... to prevent confusion after restore. --- backup-partition.rsc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 5d131c9..0eaf166 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -31,11 +31,11 @@ $ScriptLock $0; :local FallbackTo [ /partitions/get $ActiveRunning fallback-to ]; :do { - /system/scheduler/add start-time=startup \ - name=("running-from-" . $FallbackTo) \ - on-event=(":log warning \"Running from partition '" . $FallbackTo . "'!"); + /system/scheduler/add start-time=startup name="running-from-backup-partition" \ + on-event=(":log warning (\"Running from partition '\" . " . \ + "[ /partitions/get [ find where running ] name ] . \"'!\")"); /partitions/save-config-to $FallbackTo; - /system/scheduler/remove ("running-from-" . $FallbackTo); + /system/scheduler/remove "running-from-backup-partition"; $LogPrintExit2 info $0 ("Saved configuration to partition '" . \ $FallbackTo . "'.") false; } on-error={ From c21da0454b60b45e5e8619c3327c3b4101d89e0c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 2 Feb 2024 11:07:36 +0100 Subject: [PATCH 166/908] backup-partition: make sure to remove the scheduler on failure --- backup-partition.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/backup-partition.rsc b/backup-partition.rsc index 0eaf166..1db5e1d 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -39,6 +39,7 @@ $ScriptLock $0; $LogPrintExit2 info $0 ("Saved configuration to partition '" . \ $FallbackTo . "'.") false; } on-error={ + /system/scheduler/remove [ find where name="running-from-backup-partition" ]; $LogPrintExit2 error $0 ("Failed saving configuration to partition '" . \ $FallbackTo . "'!") true; } From 53b09529a85613e42e9010064856e6b352d34ea1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 2 Feb 2024 12:01:09 +0100 Subject: [PATCH 167/908] doc/backup-partition: add warning about RouterOS version --- doc/backup-partition.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/doc/backup-partition.md b/doc/backup-partition.md index 0c64647..18edc0c 100644 --- a/doc/backup-partition.md +++ b/doc/backup-partition.md @@ -19,6 +19,10 @@ To make you aware of a possible issue a scheduler logging a warning is added in the backup partition's configuration. You may want to use [log-forward](log-forward.md) to be notified. +> ⚠️ **Warning**: Only the configuration is saved to backup partition. +> Every now and then you should copy your installation over for a recent +> RouterOS version! + Requirements and installation ----------------------------- From 643f15a0b9d55a8d7dbce2f0cd6280cf7ecdfddb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 31 Jan 2024 20:52:16 +0100 Subject: [PATCH 168/908] introduce BRANCHES info --- BRANCHES.md | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 BRANCHES.md diff --git a/BRANCHES.md b/BRANCHES.md new file mode 100644 index 0000000..c431711 --- /dev/null +++ b/BRANCHES.md @@ -0,0 +1,43 @@ +Installing from branches +======================== + +[⬅️ Go back to main README](README.md) + +> ⚠️ **Warning**: Living on the edge? Great, read on! +> If not: Please use the `main` branch and leave this page! + +These scripts are developed in a [git](https://git-scm.com/) repository. +Development and experimental branches are used to provide early access +for specific changes. You can install scripts from these branches +for testing. + +## Install single script + +To install a single script from `next` branch: + + $ScriptInstallUpdate script-name "url-suffix=?h=next"; + +## Switch existing script + +Alternatively switch an existing script to update from `next` branch: + + /system/script/set comment="url-suffix=?h=next" script-name; + $ScriptInstallUpdate; + +## Switch installation + +Last but not least - to switch the complete installation to the `next` +branch edit `global-config-overlay` and add: + + :global ScriptUpdatesUrlSuffix "?h=next"; + +... then reload the configuration and update: + + /system/script/run global-config; + $ScriptInstallUpdate; + +> ℹ️ **Info**: Replace `next` with *whatever* to use another specific branch. + +--- +[⬅️ Go back to main README](README.md) +[⬆️ Go back to top](#top) From e83154c9c3e54d8ff4b1cb04bd288cddf1af4606 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 8 Feb 2024 20:54:02 +0100 Subject: [PATCH 169/908] check-lte-firmware-upgrade: give more detailed infos on modem --- check-lte-firmware-upgrade.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index 6a9074a..40a8568 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -29,8 +29,8 @@ $ScriptLock $0; :global Identity; :global SentLteFirmwareUpgradeNotification; - :global CharacterReplace; :global FormatLine; + :global IfThenElse; :global LogPrintExit2; :global ScriptFromTerminal; :global SendNotification2; @@ -84,7 +84,9 @@ $ScriptLock $0; subject=([ $SymbolForNotification "sparkles" ] . "LTE firmware upgrade"); \ message=("A new firmware version " . ($Firmware->"latest") . " is available for " . \ "LTE interface " . $IntName . " on " . $Identity . ".\n\n" . \ - [ $FormatLine "Interface" [ $CharacterReplace ($Info->"manufacturer" . " " . $Info->"model") ("\"") "" ] ] . "\n" . \ + [ $IfThenElse ([ :len ($Info->"manufacturer") ] > 0) ([ $FormatLine "Manufacturer" ($Info->"manufacturer") ] . "\n") ] . \ + [ $IfThenElse ([ :len ($Info->"model") ] > 0) ([ $FormatLine "Model" ($Info->"model") ] . "\n") ] . \ + [ $IfThenElse ([ :len ($Info->"revision") ] > 0) ([ $FormatLine "Revision" ($Info->"revision") ] . "\n") ] . \ "Firmware version:\n" . \ [ $FormatLine " Installed" ($Firmware->"installed") ] . "\n" . \ [ $FormatLine " Available" ($Firmware->"latest") ]); silent=true }); From 860acffbdb679a0ce378513e7b0bd9a5805accfd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 8 Feb 2024 20:56:35 +0100 Subject: [PATCH 170/908] unattended-lte-firmware-upgrade: add error handling --- unattended-lte-firmware-upgrade.rsc | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/unattended-lte-firmware-upgrade.rsc b/unattended-lte-firmware-upgrade.rsc index 1cbdbfb..904f952 100644 --- a/unattended-lte-firmware-upgrade.rsc +++ b/unattended-lte-firmware-upgrade.rsc @@ -24,13 +24,17 @@ :set LTEFirmwareUpgrade; /system/scheduler/remove ($1 . "-firmware-upgrade"); - /interface/lte/firmware-upgrade $1 upgrade=yes; - :log info ("LTE firmware upgrade on '" . $1 . "' finished, waiting for reset."); - :delay 240s; - :local Firmware [ /interface/lte/firmware-upgrade $1 once as-value ]; - :if (($Firmware->"installed") != ($Firmware->"latest")) do={ - :log warning ("LTE firmware versions still differ. Resetting again..."); - /interface/lte/at-chat $1 input="AT+RESET"; + :do { + /interface/lte/firmware-upgrade $1 upgrade=yes; + :log info ("LTE firmware upgrade on '" . $1 . "' finished, waiting for reset."); + :delay 240s; + :local Firmware [ /interface/lte/firmware-upgrade $1 once as-value ]; + :if (($Firmware->"installed") != ($Firmware->"latest")) do={ + :log warning ("LTE firmware versions still differ. Resetting again..."); + /interface/lte/at-chat $1 input="AT+RESET"; + } + } on-error={ + :log error ("LTE firmware upgrade on '" . $1 . "' failed."); } } From 872abbea7d147a8c6291270ba9389731e998b1e0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 8 Feb 2024 20:58:46 +0100 Subject: [PATCH 171/908] doc/unattended-lte-firmware-upgrade: more devices supported... --- doc/unattended-lte-firmware-upgrade.md | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/unattended-lte-firmware-upgrade.md b/doc/unattended-lte-firmware-upgrade.md index 8bc9e71..a9c9b7c 100644 --- a/doc/unattended-lte-firmware-upgrade.md +++ b/doc/unattended-lte-firmware-upgrade.md @@ -12,6 +12,7 @@ This script upgrades LTE firmware on compatible devices: * R11e-LTE-US * R11e-4G * R11e-LTE6 +* ... and more - probably what ever Mikrotik builds into their devices A temporary scheduler is created to be independent from terminal. Thus starting the upgrade process over the broadband connection is supported. From b286cb680326ff31ad3592aeace5962cf0377072 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 19 Feb 2024 11:03:17 +0100 Subject: [PATCH 172/908] netwatch-notify: do not update with record in cache Using `:resolve` we have just one address, but chances are several records do exist. These end up in cache, so we are happy to find them there - no need to update then. --- netwatch-notify.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index ae9c8a8..77b0e69 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -79,7 +79,8 @@ $ScriptLock $0; :if ([ $IsDNSResolving ] = true) do={ :do { :local Resolve [ :resolve ($HostInfo->"resolve") ]; - :if ($Resolve != $HostVal->"host") do={ + :if ($Resolve != $HostVal->"host" and \ + [ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ] ] = 0) do={ $LogPrintExit2 info $0 ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ $HostInfo->"name") "" ] . "' resolves to different address " . $Resolve . \ From 471e0ead051117f9c4de71f05d9af0f8d6750931 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 28 Feb 2024 22:56:43 +0100 Subject: [PATCH 173/908] doc/netwatch-notify: update for multiple records --- doc/netwatch-notify.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index b673af8..6925ca5 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -83,9 +83,9 @@ with a resolvable name: /tool/netwatch/add comment="notify, name=example.com, resolve=example.com"; -But be warned: Dynamic updates will probably cause issues if the name has -more than one record in dns - a high rate of configuration changes (and flash -writes) at least. +This supports multiple A or AAAA records for a name just fine, but be +warned: A CNAME to multiple records will cause a high rate of configuration +changes (and flash writes)! ### No notification on host down From 1c2048628d68a94e08bfcae98f33bb0bce53a25c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 26 Feb 2024 08:13:34 +0100 Subject: [PATCH 174/908] netwatch-notify: use logical operator, no literal "and" Just like we do everywhere else. --- netwatch-notify.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 77b0e69..d2a18ca 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -79,7 +79,7 @@ $ScriptLock $0; :if ([ $IsDNSResolving ] = true) do={ :do { :local Resolve [ :resolve ($HostInfo->"resolve") ]; - :if ($Resolve != $HostVal->"host" and \ + :if ($Resolve != $HostVal->"host" && \ [ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ] ] = 0) do={ $LogPrintExit2 info $0 ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ From 1344694708eba29f02864f9c5016e835084a0788 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 21 Feb 2024 09:05:29 +0100 Subject: [PATCH 175/908] netwatch-notify: handle status "down" in its own condition... ... instead of else-branch. This makes sure to skip hosts that just became "unknown". (Possible soon!) --- netwatch-notify.rsc | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index d2a18ca..a562c85 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -125,7 +125,9 @@ $ScriptLock $0; :set ($Metric->"notified") false; :set ($Metric->"parent") ($HostInfo->"parent"); :set ($Metric->"since"); - } else={ + } + + :if ($HostVal->"status" = "down") do={ :set ($Metric->"count-down") ($Metric->"count-down" + 1); :set ($Metric->"count-up") 0; :set ($Metric->"parent") ($HostInfo->"parent"); @@ -178,6 +180,7 @@ $ScriptLock $0; :set ($Metric->"notified") true; } } + :set ($NetwatchNotify->$Name) { "count-down"=($Metric->"count-down"); "count-up"=($Metric->"count-up"); From b1199ca50a16c9accb9a49ae334c4620a69993cc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 21 Feb 2024 09:05:52 +0100 Subject: [PATCH 176/908] netwatch-notify: ... and switch state to "unknown" on host update --- netwatch-notify.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index a562c85..186ac0a 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -87,6 +87,7 @@ $ScriptLock $0; ", updating.") false; /tool/netwatch/set host=$Resolve $Host; :set ($Metric->"resolve-failcnt") 0; + :set ($HostVal->"status") "unknown"; } } on-error={ :set ($Metric->"resolve-failcnt") ($Metric->"resolve-failcnt" + 1); From 45875ad68e4898d5c66ee08335e0c32fe04a95a6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 26 Feb 2024 23:17:07 +0100 Subject: [PATCH 177/908] netwatch-notify: simplify the check --- netwatch-notify.rsc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 186ac0a..53ea7e3 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -79,8 +79,7 @@ $ScriptLock $0; :if ([ $IsDNSResolving ] = true) do={ :do { :local Resolve [ :resolve ($HostInfo->"resolve") ]; - :if ($Resolve != $HostVal->"host" && \ - [ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ] ] = 0) do={ + :if ([ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ] ] = 0) do={ $LogPrintExit2 info $0 ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ $HostInfo->"name") "" ] . "' resolves to different address " . $Resolve . \ From c2f5272f18c2161150481b9569ee17bc2c3d2289 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 27 Feb 2024 17:56:08 +0100 Subject: [PATCH 178/908] =?UTF-8?q?netwatch-notify:=20restore=20the=20chec?= =?UTF-8?q?k=20=F0=9F=A5=B4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 28da1da49e275fef6089a103edf6c158bbff317f. Chances are that we have to resolve a CNAME, that does not match when querying the cache. How to handle CNAME do multiple A records? 🤨 --- netwatch-notify.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 53ea7e3..186ac0a 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -79,7 +79,8 @@ $ScriptLock $0; :if ([ $IsDNSResolving ] = true) do={ :do { :local Resolve [ :resolve ($HostInfo->"resolve") ]; - :if ([ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ] ] = 0) do={ + :if ($Resolve != $HostVal->"host" && \ + [ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ] ] = 0) do={ $LogPrintExit2 info $0 ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ $HostInfo->"name") "" ] . "' resolves to different address " . $Resolve . \ From 93bed1b081bb23624b988627d2db6e71d55e796a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 26 Feb 2024 23:18:02 +0100 Subject: [PATCH 179/908] netwatch-notify: work around race condition This used to crash every now and then with: > script;error script error: no such item (4) I guess this is caused by querying the dns cache just exactly when a record expires. The chance is maximized: The script is started by scheduler every minute, and the record's ttl is a multiple of a minute. Let's query records that are not about to expire immediately, and try again. --- netwatch-notify.rsc | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 186ac0a..c8de7e1 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -80,14 +80,18 @@ $ScriptLock $0; :do { :local Resolve [ :resolve ($HostInfo->"resolve") ]; :if ($Resolve != $HostVal->"host" && \ - [ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ] ] = 0) do={ - $LogPrintExit2 info $0 ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ - ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ - $HostInfo->"name") "" ] . "' resolves to different address " . $Resolve . \ - ", updating.") false; - /tool/netwatch/set host=$Resolve $Host; - :set ($Metric->"resolve-failcnt") 0; - :set ($HostVal->"status") "unknown"; + [ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ttl>0s ] ] = 0) do={ + :delay 1500ms; + :resolve ($HostInfo->"resolve"); + :if ([ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ] ] = 0) do={ + $LogPrintExit2 info $0 ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ + ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ + $HostInfo->"name") "" ] . "' resolves to different address " . $Resolve . \ + ", updating.") false; + /tool/netwatch/set host=$Resolve $Host; + :set ($Metric->"resolve-failcnt") 0; + :set ($HostVal->"status") "unknown"; + } } } on-error={ :set ($Metric->"resolve-failcnt") ($Metric->"resolve-failcnt" + 1); From 01d2c3ea7e3b00a3020705120d896fd6689fab1a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 27 Feb 2024 23:18:31 +0100 Subject: [PATCH 180/908] netwatch-notify: try another workaround The last one did not make it... Perhaps the cache just needs a moment to settle? --- netwatch-notify.rsc | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index c8de7e1..5c6ae40 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -79,10 +79,8 @@ $ScriptLock $0; :if ([ $IsDNSResolving ] = true) do={ :do { :local Resolve [ :resolve ($HostInfo->"resolve") ]; - :if ($Resolve != $HostVal->"host" && \ - [ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ttl>0s ] ] = 0) do={ - :delay 1500ms; - :resolve ($HostInfo->"resolve"); + :if ($Resolve != $HostVal->"host") do={ + :delay 100ms; :if ([ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ] ] = 0) do={ $LogPrintExit2 info $0 ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ From 6f29c640e4e63b6a5e0d986b63dafa54dc2cc3fa Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 28 Feb 2024 22:19:26 +0100 Subject: [PATCH 181/908] netwatch-notify: move check in DNS cache to local function --- netwatch-notify.rsc | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 5c6ae40..1b6a005 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -52,6 +52,19 @@ :return ("Ran hook:\n" . $Hook); } +:local ResolveExpected do={ + :local Name [ :tostr $1 ]; + :local Expected [ :tostr $2 ]; + + :delay 100ms; + + :if ([ :len [ /ip/dns/cache/find where name=$Name data=$Expected ] ] > 0) do={ + :return true; + } + + :return false; +} + $ScriptLock $0; :local ScriptFromTerminalCached [ $ScriptFromTerminal $0 ]; @@ -80,8 +93,7 @@ $ScriptLock $0; :do { :local Resolve [ :resolve ($HostInfo->"resolve") ]; :if ($Resolve != $HostVal->"host") do={ - :delay 100ms; - :if ([ :len [ /ip/dns/cache/find where name=($HostInfo->"resolve") data=[ :tostr ($HostVal->"host") ] ] ] = 0) do={ + :if ([ $ResolveExpected ($HostInfo->"resolve") ($HostVal->"host") ] = false) do={ $LogPrintExit2 info $0 ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ $HostInfo->"name") "" ] . "' resolves to different address " . $Resolve . \ From a924de274c482b79777d9c1ca9d2e1d1919155cb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 28 Feb 2024 22:29:55 +0100 Subject: [PATCH 182/908] netwatch-notify: handle CNAME to multiple records --- doc/netwatch-notify.md | 6 +++--- netwatch-notify.rsc | 9 +++++++++ 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index 6925ca5..a7cc2d6 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -83,9 +83,9 @@ with a resolvable name: /tool/netwatch/add comment="notify, name=example.com, resolve=example.com"; -This supports multiple A or AAAA records for a name just fine, but be -warned: A CNAME to multiple records will cause a high rate of configuration -changes (and flash writes)! +This supports multiple A or AAAA records for a name just fine, even a CNAME +to those. But be warned: CNAME chains to multiple records will cause a high +rate of configuration changes (and flash writes)! ### No notification on host down diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 1b6a005..cd4fc0d 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -62,6 +62,15 @@ :return true; } + :local Cname [ /ip/dns/cache/find where name=$Name type="CNAME" ]; + :if ([ :len $Cname ] > 0) do={ + :set Cname [ /ip/dns/cache/get $Cname data ]; + :set Cname [ :pick $Cname 0 ([ :len $Cname ] - 1) ]; + :if ([ :len [ /ip/dns/cache/find where name=$Cname data=$Expected ] ] > 0) do={ + :return true; + } + } + :return false; } From 1687e2780fb8a10c84b8ca829a536b4030703418 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sat, 24 Feb 2024 23:21:42 +0100 Subject: [PATCH 183/908] fw-addr-lists: get timeout from loop --- fw-addr-lists.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index bc294d1..7845b8a 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -107,10 +107,10 @@ $WaitFullyConnected; } } - :foreach Address,Ignore in=$Addresses do={ - $LogPrintExit2 debug $0 ("Adding for " . ($Addresses->$Address) . ": " . $Address) false; + :foreach Address,Timeout in=$Addresses do={ + $LogPrintExit2 debug $0 ("Adding for " . $Timeout . ": " . $Address) false; :do { - /ip/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=($Addresses->$Address); + /ip/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; :set ($Addresses->$Address); :set CntAdd ($CntAdd + 1); } on-error={ From 31966479dc9c5b58bb46e3bb9f85dcc6433a94ed Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sat, 24 Feb 2024 23:23:05 +0100 Subject: [PATCH 184/908] fw-addr-lists: update wording --- fw-addr-lists.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 7845b8a..7ab575c 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -94,13 +94,13 @@ $WaitFullyConnected; :foreach Entry in=[ /ip/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ :local Address [ /ip/firewall/address-list/get $Entry address ]; :if ([ :typeof ($Addresses->$Address) ] = "time") do={ - $LogPrintExit2 debug $0 ("Renewing for " . ($Addresses->$Address) . ": " . $Address) false; + $LogPrintExit2 debug $0 ("Renewing address for " . ($Addresses->$Address) . ": " . $Address) false; /ip/firewall/address-list/set $Entry timeout=($Addresses->$Address); :set ($Addresses->$Address); :set CntRenew ($CntRenew + 1); } else={ :if ($Failure = false) do={ - $LogPrintExit2 debug $0 ("Removing: " . $Address) false; + $LogPrintExit2 debug $0 ("Removing address: " . $Address) false; /ip/firewall/address-list/remove $Entry; :set CntRemove ($CntRemove + 1); } @@ -108,7 +108,7 @@ $WaitFullyConnected; } :foreach Address,Timeout in=$Addresses do={ - $LogPrintExit2 debug $0 ("Adding for " . $Timeout . ": " . $Address) false; + $LogPrintExit2 debug $0 ("Adding address for " . $Timeout . ": " . $Address) false; :do { /ip/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; :set ($Addresses->$Address); From 0125f102b4f420ed86e9eb968d088576e1fb4c3e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 23 Feb 2024 11:15:46 +0100 Subject: [PATCH 185/908] fw-addr-lists: rename variable --- fw-addr-lists.rsc | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 7ab575c..c0212c6 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -38,10 +38,10 @@ $WaitFullyConnected; :local ListComment ("managed by " . $0); :foreach FwListName,FwList in=$FwAddrLists do={ - :local Addresses ({}); :local CntAdd 0; :local CntRenew 0; :local CntRemove 0; + :local IPv4Addresses ({}); :local Failure false; :foreach List in=$FwList do={ @@ -85,7 +85,7 @@ $WaitFullyConnected; :local Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$" || \ $Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ - :set ($Addresses->$Address) $TimeOut; + :set ($IPv4Addresses->$Address) $TimeOut; } :set Data [ :pick $Data ([ :len $Line ] + 1) [ :len $Data ] ]; } @@ -93,28 +93,28 @@ $WaitFullyConnected; :foreach Entry in=[ /ip/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ :local Address [ /ip/firewall/address-list/get $Entry address ]; - :if ([ :typeof ($Addresses->$Address) ] = "time") do={ - $LogPrintExit2 debug $0 ("Renewing address for " . ($Addresses->$Address) . ": " . $Address) false; - /ip/firewall/address-list/set $Entry timeout=($Addresses->$Address); - :set ($Addresses->$Address); + :if ([ :typeof ($IPv4Addresses->$Address) ] = "time") do={ + $LogPrintExit2 debug $0 ("Renewing IPv4 address for " . ($IPv4Addresses->$Address) . ": " . $Address) false; + /ip/firewall/address-list/set $Entry timeout=($IPv4Addresses->$Address); + :set ($IPv4Addresses->$Address); :set CntRenew ($CntRenew + 1); } else={ :if ($Failure = false) do={ - $LogPrintExit2 debug $0 ("Removing address: " . $Address) false; + $LogPrintExit2 debug $0 ("Removing IPv4 address: " . $Address) false; /ip/firewall/address-list/remove $Entry; :set CntRemove ($CntRemove + 1); } } } - :foreach Address,Timeout in=$Addresses do={ - $LogPrintExit2 debug $0 ("Adding address for " . $Timeout . ": " . $Address) false; + :foreach Address,Timeout in=$IPv4Addresses do={ + $LogPrintExit2 debug $0 ("Adding IPv4 address for " . $Timeout . ": " . $Address) false; :do { /ip/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; - :set ($Addresses->$Address); + :set ($IPv4Addresses->$Address); :set CntAdd ($CntAdd + 1); } on-error={ - $LogPrintExit2 warning $0 ("Failed to add address " . $Address . " to list '" . $FwListName . "'.") false; + $LogPrintExit2 warning $0 ("Failed to add IPv4 address " . $Address . " to list '" . $FwListName . "'.") false; } } From 62790ae091e167a1aea4c5a5fec128ee5c41ca4c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 23 Feb 2024 11:19:56 +0100 Subject: [PATCH 186/908] fw-addr-lists: add support for IPv6 --- doc/fw-addr-lists.md | 35 +++++++++++++++++++++++++++++++++-- fw-addr-lists.rsc | 34 +++++++++++++++++++++++++++++++++- global-functions.rsc | 2 +- news-and-changes.rsc | 1 + 4 files changed, 68 insertions(+), 4 deletions(-) diff --git a/doc/fw-addr-lists.md b/doc/fw-addr-lists.md index 5805905..6dc6b66 100644 --- a/doc/fw-addr-lists.md +++ b/doc/fw-addr-lists.md @@ -56,8 +56,12 @@ available in my repository and downloaded automatically. Import it manually (menu `/certificate/`) if missing. Create firewall rules to process the packets that are related to addresses -from address-lists. This rejects the packets from and to ip addresses listed -in address-list `block`. +from address-lists. + +### IPv4 rules + +This rejects the packets from and to IPv4 addresses listed in +address-list `block`. /ip/firewall/filter/add chain=input src-address-list=block action=reject reject-with=icmp-admin-prohibited; /ip/firewall/filter/add chain=forward src-address-list=block action=reject reject-with=icmp-admin-prohibited; @@ -85,6 +89,33 @@ Alternatively handle the packets in firewall's raw section if you prefer: > ⚠️ **Warning**: Just again... The order of firewall rules is important. Make > sure they actually take effect as expected! +### IPv6 rules + +These are the same rules, but for IPv6. + +Reject packets in address-list `block`: + + /ipv6/firewall/filter/add chain=input src-address-list=block action=reject reject-with=icmp-admin-prohibited; + /ipv6/firewall/filter/add chain=forward src-address-list=block action=reject reject-with=icmp-admin-prohibited; + /ipv6/firewall/filter/add chain=forward dst-address-list=block action=reject reject-with=icmp-admin-prohibited; + /ipv6/firewall/filter/add chain=output dst-address-list=block action=reject reject-with=icmp-admin-prohibited; + +Allow packets in address-list `allow`: + + /ipv6/firewall/filter/add chain=input src-address-list=allow action=accept; + /ipv6/firewall/filter/add chain=forward src-address-list=allow action=accept; + /ipv6/firewall/filter/add chain=forward dst-address-list=allow action=accept; + /ipv6/firewall/filter/add chain=output dst-address-list=allow action=accept; + +Drop packets in firewall's raw section: + + /ipv6/firewall/raw/add chain=prerouting src-address-list=block action=drop; + /ipv6/firewall/raw/add chain=prerouting dst-address-list=block action=drop; + /ipv6/firewall/raw/add chain=output dst-address-list=block action=drop; + +> ⚠️ **Warning**: Just again... The order of firewall rules is important. Make +> sure they actually take effect as expected! + --- [⬅️ Go back to main README](../README.md) [⬆️ Go back to top](#top) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index c0212c6..14da2e2 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -24,7 +24,7 @@ :global WaitFullyConnected; :local FindDelim do={ - :local ValidChars "0123456789./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-"; + :local ValidChars "0123456789.:/ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-"; :for I from=0 to=[ :len $1 ] do={ :if ([ :typeof [ :find $ValidChars [ :pick ($1 . " ") $I ] ] ] != "num") do={ :return $I; @@ -42,6 +42,7 @@ $WaitFullyConnected; :local CntRenew 0; :local CntRemove 0; :local IPv4Addresses ({}); + :local IPv6Addresses ({}); :local Failure false; :foreach List in=$FwList do={ @@ -87,6 +88,10 @@ $WaitFullyConnected; $Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ :set ($IPv4Addresses->$Address) $TimeOut; } + :if ($Address ~ "^[0-9a-zA-Z]*:[0-9a-zA-Z:\\.]+(/[0-9]{1,3})?\$" || \ + $Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ + :set ($IPv6Addresses->$Address) $TimeOut; + } :set Data [ :pick $Data ([ :len $Line ] + 1) [ :len $Data ] ]; } } @@ -107,6 +112,22 @@ $WaitFullyConnected; } } + :foreach Entry in=[ /ipv6/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ + :local Address [ /ipv6/firewall/address-list/get $Entry address ]; + :if ([ :typeof ($IPv6Addresses->$Address) ] = "time") do={ + $LogPrintExit2 debug $0 ("Renewing IPv6 address for " . ($IPv6Addresses->$Address) . ": " . $Address) false; + /ipv6/firewall/address-list/set $Entry timeout=($IPv6Addresses->$Address); + :set ($IPv6Addresses->$Address); + :set CntRenew ($CntRenew + 1); + } else={ + :if ($Failure = false) do={ + $LogPrintExit2 debug $0 ("Removing: " . $Address) false; + /ipv6/firewall/address-list/remove $Entry; + :set CntRemove ($CntRemove + 1); + } + } + } + :foreach Address,Timeout in=$IPv4Addresses do={ $LogPrintExit2 debug $0 ("Adding IPv4 address for " . $Timeout . ": " . $Address) false; :do { @@ -118,5 +139,16 @@ $WaitFullyConnected; } } + :foreach Address,Timeout in=$IPv6Addresses do={ + $LogPrintExit2 debug $0 ("Adding IPv6 address for " . $Timeout . ": " . $Address) false; + :do { + /ipv6/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; + :set ($IPv6Addresses->$Address); + :set CntAdd ($CntAdd + 1); + } on-error={ + $LogPrintExit2 warning $0 ("Failed to add IPv6 address " . $Address . " to list '" . $FwListName . "'.") false; + } + } + $LogPrintExit2 info $0 ("list: " . $FwListName . " -- added: " . $CntAdd . " - renewed: " . $CntRenew . " - removed: " . $CntRemove) false; } diff --git a/global-functions.rsc b/global-functions.rsc index d37b34b..92fabff 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local 0 [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 118; +:global ExpectedConfigVersion 119; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index b6f5169..d0e9938 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -43,6 +43,7 @@ [ $IfThenElse ($Resource->"total-hdd-space" < 16000000) ("Your " . $Resource->"board-name" . " is specifically affected! ") \ [ $IfThenElse ($Resource->"free-hdd-space" > 4000000) ("(Your " . $Resource->"board-name" . " does not suffer this issue.) ") ] ] . \ "Huge configuration and lots of scripts give an extra risk. Take care!"); + 119="Added support for IPv6 to script 'fw-addr-lists'."; }; # Migration steps to be applied on script updates From 50a69149072be4f66cbd05362fef9ec68f293323 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 1 Mar 2024 12:09:29 +0100 Subject: [PATCH 187/908] netwatch-notify: (mis-)use firewall address-list for lookup... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... and drop the racy code querying dns cache. 😁 --- doc/netwatch-notify.md | 4 ++-- netwatch-notify.rsc | 16 +++++----------- 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index a7cc2d6..e252d39 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -84,8 +84,8 @@ with a resolvable name: /tool/netwatch/add comment="notify, name=example.com, resolve=example.com"; This supports multiple A or AAAA records for a name just fine, even a CNAME -to those. But be warned: CNAME chains to multiple records will cause a high -rate of configuration changes (and flash writes)! +to those. An update happens only if no more record with the configured host +address is found. ### No notification on host down diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index cd4fc0d..6501ea9 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -56,21 +56,15 @@ :local Name [ :tostr $1 ]; :local Expected [ :tostr $2 ]; - :delay 100ms; + :global GetRandom20CharAlNum; - :if ([ :len [ /ip/dns/cache/find where name=$Name data=$Expected ] ] > 0) do={ + :local FwAddrList ($0 . "-" . [ $GetRandom20CharAlNum ]); + /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; + :delay 20ms; + :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ :return true; } - :local Cname [ /ip/dns/cache/find where name=$Name type="CNAME" ]; - :if ([ :len $Cname ] > 0) do={ - :set Cname [ /ip/dns/cache/get $Cname data ]; - :set Cname [ :pick $Cname 0 ([ :len $Cname ] - 1) ]; - :if ([ :len [ /ip/dns/cache/find where name=$Cname data=$Expected ] ] > 0) do={ - :return true; - } - } - :return false; } From 4869d74edf055de1d7a8304a8ac3c29fe11ae3e3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 1 Mar 2024 21:02:46 +0100 Subject: [PATCH 188/908] netwatch-notify: handle IPv6 / AAAA resolving --- netwatch-notify.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 6501ea9..5fde355 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -60,8 +60,10 @@ :local FwAddrList ($0 . "-" . [ $GetRandom20CharAlNum ]); /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; + /ipv6/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; :delay 20ms; - :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ + :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0 || \ + [ :len [ /ipv6/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ :return true; } From 64aa6ef1249be378f02b8c211f53a7f12da4f695 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sun, 3 Mar 2024 20:32:23 +0100 Subject: [PATCH 189/908] netwatch-notify: check one after another This can bring an extra delay, but saves a check in most cases. --- netwatch-notify.rsc | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 5fde355..8c59af8 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -60,10 +60,13 @@ :local FwAddrList ($0 . "-" . [ $GetRandom20CharAlNum ]); /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; + :delay 20ms; + :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ + :return true; + } /ipv6/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; :delay 20ms; - :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0 || \ - [ :len [ /ipv6/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ + :if ([ :len [ /ipv6/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ :return true; } From efc2e75f019227274cb934a5907b3782fb8d5d71 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 190/908] accesslist-duplicates: move code into function --- accesslist-duplicates.capsman.rsc | 27 ++++++++------- accesslist-duplicates.local.rsc | 27 ++++++++------- accesslist-duplicates.template.rsc | 51 ++++++++++++++++------------- accesslist-duplicates.wifi.rsc | 27 ++++++++------- accesslist-duplicates.wifiwave2.rsc | 27 ++++++++------- 5 files changed, 92 insertions(+), 67 deletions(-) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index a20c05d..f781eb3 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -10,22 +10,27 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Seen ({}); +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:foreach AccList in=[ /caps-man/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ - :local Mac [ /caps-man/access-list/get $AccList mac-address ]; - :if ($Seen->$Mac = 1) do={ - /caps-man/access-list/print where mac-address=$Mac; - :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + :local Seen ({}); - :if ([ :typeof $Remove ] = "num") do={ - :put ("Removing numeric id " . $Remove . "...\n"); - /caps-man/access-list/remove $Remove; + :foreach AccList in=[ /caps-man/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ + :local Mac [ /caps-man/access-list/get $AccList mac-address ]; + :if ($Seen->$Mac = 1) do={ + /caps-man/access-list/print where mac-address=$Mac; + :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + + :if ([ :typeof $Remove ] = "num") do={ + :put ("Removing numeric id " . $Remove . "...\n"); + /caps-man/access-list/remove $Remove; + } } + :set ($Seen->$Mac) 1; } - :set ($Seen->$Mac) 1; } + +$Main [ :jobname ]; diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index 0feb9f7..b235cd1 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -10,22 +10,27 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Seen ({}); +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:foreach AccList in=[ /interface/wireless/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ - :local Mac [ /interface/wireless/access-list/get $AccList mac-address ]; - :if ($Seen->$Mac = 1) do={ - /interface/wireless/access-list/print where mac-address=$Mac; - :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + :local Seen ({}); - :if ([ :typeof $Remove ] = "num") do={ - :put ("Removing numeric id " . $Remove . "...\n"); - /interface/wireless/access-list/remove $Remove; + :foreach AccList in=[ /interface/wireless/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ + :local Mac [ /interface/wireless/access-list/get $AccList mac-address ]; + :if ($Seen->$Mac = 1) do={ + /interface/wireless/access-list/print where mac-address=$Mac; + :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + + :if ([ :typeof $Remove ] = "num") do={ + :put ("Removing numeric id " . $Remove . "...\n"); + /interface/wireless/access-list/remove $Remove; + } } + :set ($Seen->$Mac) 1; } - :set ($Seen->$Mac) 1; } + +$Main [ :jobname ]; diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index f350d0c..97f6138 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -11,34 +11,39 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Seen ({}); +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:foreach AccList in=[ /caps-man/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ -:foreach AccList in=[ /interface/wifi/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ -:foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ -:foreach AccList in=[ /interface/wireless/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ - :local Mac [ /caps-man/access-list/get $AccList mac-address ]; - :local Mac [ /interface/wifi/access-list/get $AccList mac-address ]; - :local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ]; - :local Mac [ /interface/wireless/access-list/get $AccList mac-address ]; - :if ($Seen->$Mac = 1) do={ - /caps-man/access-list/print where mac-address=$Mac; - /interface/wifi/access-list/print where mac-address=$Mac; - /interface/wifiwave2/access-list/print where mac-address=$Mac; - /interface/wireless/access-list/print where mac-address=$Mac; - :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + :local Seen ({}); - :if ([ :typeof $Remove ] = "num") do={ - :put ("Removing numeric id " . $Remove . "...\n"); - /caps-man/access-list/remove $Remove; - /interface/wifi/access-list/remove $Remove; - /interface/wifiwave2/access-list/remove $Remove; - /interface/wireless/access-list/remove $Remove; + :foreach AccList in=[ /caps-man/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ + :foreach AccList in=[ /interface/wifi/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ + :foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ + :foreach AccList in=[ /interface/wireless/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ + :local Mac [ /caps-man/access-list/get $AccList mac-address ]; + :local Mac [ /interface/wifi/access-list/get $AccList mac-address ]; + :local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ]; + :local Mac [ /interface/wireless/access-list/get $AccList mac-address ]; + :if ($Seen->$Mac = 1) do={ + /caps-man/access-list/print where mac-address=$Mac; + /interface/wifi/access-list/print where mac-address=$Mac; + /interface/wifiwave2/access-list/print where mac-address=$Mac; + /interface/wireless/access-list/print where mac-address=$Mac; + :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + + :if ([ :typeof $Remove ] = "num") do={ + :put ("Removing numeric id " . $Remove . "...\n"); + /caps-man/access-list/remove $Remove; + /interface/wifi/access-list/remove $Remove; + /interface/wifiwave2/access-list/remove $Remove; + /interface/wireless/access-list/remove $Remove; + } } + :set ($Seen->$Mac) 1; } - :set ($Seen->$Mac) 1; } + +$Main [ :jobname ]; diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc index d5f13f0..04ac19c 100644 --- a/accesslist-duplicates.wifi.rsc +++ b/accesslist-duplicates.wifi.rsc @@ -10,22 +10,27 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Seen ({}); +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:foreach AccList in=[ /interface/wifi/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ - :local Mac [ /interface/wifi/access-list/get $AccList mac-address ]; - :if ($Seen->$Mac = 1) do={ - /interface/wifi/access-list/print where mac-address=$Mac; - :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + :local Seen ({}); - :if ([ :typeof $Remove ] = "num") do={ - :put ("Removing numeric id " . $Remove . "...\n"); - /interface/wifi/access-list/remove $Remove; + :foreach AccList in=[ /interface/wifi/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ + :local Mac [ /interface/wifi/access-list/get $AccList mac-address ]; + :if ($Seen->$Mac = 1) do={ + /interface/wifi/access-list/print where mac-address=$Mac; + :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + + :if ([ :typeof $Remove ] = "num") do={ + :put ("Removing numeric id " . $Remove . "...\n"); + /interface/wifi/access-list/remove $Remove; + } } + :set ($Seen->$Mac) 1; } - :set ($Seen->$Mac) 1; } + +$Main [ :jobname ]; diff --git a/accesslist-duplicates.wifiwave2.rsc b/accesslist-duplicates.wifiwave2.rsc index 24f5967..232d941 100644 --- a/accesslist-duplicates.wifiwave2.rsc +++ b/accesslist-duplicates.wifiwave2.rsc @@ -10,22 +10,27 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Seen ({}); +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ - :local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ]; - :if ($Seen->$Mac = 1) do={ - /interface/wifiwave2/access-list/print where mac-address=$Mac; - :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + :local Seen ({}); - :if ([ :typeof $Remove ] = "num") do={ - :put ("Removing numeric id " . $Remove . "...\n"); - /interface/wifiwave2/access-list/remove $Remove; + :foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ + :local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ]; + :if ($Seen->$Mac = 1) do={ + /interface/wifiwave2/access-list/print where mac-address=$Mac; + :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; + + :if ([ :typeof $Remove ] = "num") do={ + :put ("Removing numeric id " . $Remove . "...\n"); + /interface/wifiwave2/access-list/remove $Remove; + } } + :set ($Seen->$Mac) 1; } - :set ($Seen->$Mac) 1; } + +$Main [ :jobname ]; From 33d129496c1a6d3092231d707ae5e12fa56315ea Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 191/908] backup-cloud: move code into function --- backup-cloud.rsc | 89 +++++++++++++++++++++++++----------------------- 1 file changed, 47 insertions(+), 42 deletions(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 58fd37a..94966c5 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -9,55 +9,60 @@ # upload backup to MikroTik cloud # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-cloud.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global BackupPassword; -:global BackupRandomDelay; -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global DeviceInfo; -:global FormatLine; -:global HumanReadableNum; -:global LogPrintExit2; -:global RandomDelay; -:global ScriptFromTerminal; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; -:global WaitFullyConnected; + :global BackupPassword; + :global BackupRandomDelay; + :global Identity; -$ScriptLock $0; -$WaitFullyConnected; + :global DeviceInfo; + :global FormatLine; + :global HumanReadableNum; + :global LogPrintExit2; + :global RandomDelay; + :global ScriptFromTerminal; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; + :global WaitFullyConnected; -:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ - $RandomDelay $BackupRandomDelay; -} + $ScriptLock $ScriptName; + $WaitFullyConnected; -:do { - # we are not interested in output, but print is - # required to fetch information from cloud - /system/backup/cloud/print as-value; - :if ([ :len [ /system/backup/cloud/find ] ] > 0) do={ - /system/backup/cloud/upload-file action=create-and-upload \ - password=$BackupPassword replace=[ get ([ find ]->0) name ]; - } else={ - /system/backup/cloud/upload-file action=create-and-upload \ - password=$BackupPassword; + :if ([ $ScriptFromTerminal $ScriptName ] = false && $BackupRandomDelay > 0) do={ + $RandomDelay $BackupRandomDelay; } - :local Cloud [ /system/backup/cloud/get ([ find ]->0) ]; - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "floppy-disk,cloud" ] . "Cloud backup"); \ - message=("Uploaded backup for " . $Identity . " to cloud.\n\n" . \ - [ $DeviceInfo ] . "\n\n" . \ - [ $FormatLine "Name" ($Cloud->"name") ] . "\n" . \ - [ $FormatLine "Size" ([ $HumanReadableNum ($Cloud->"size") 1024 ] . "iB") ] . "\n" . \ - [ $FormatLine "Download key" ($Cloud->"secret-download-key") ]); silent=true }); -} on-error={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "floppy-disk,warning-sign" ] . "Cloud backup failed"); \ - message=("Failed uploading backup for " . $Identity . " to cloud!\n\n" . [ $DeviceInfo ]) }); - $LogPrintExit2 error $0 ("Failed uploading backup for " . $Identity . " to cloud!") true; + :do { + # we are not interested in output, but print is + # required to fetch information from cloud + /system/backup/cloud/print as-value; + :if ([ :len [ /system/backup/cloud/find ] ] > 0) do={ + /system/backup/cloud/upload-file action=create-and-upload \ + password=$BackupPassword replace=[ get ([ find ]->0) name ]; + } else={ + /system/backup/cloud/upload-file action=create-and-upload \ + password=$BackupPassword; + } + :local Cloud [ /system/backup/cloud/get ([ find ]->0) ]; + + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "floppy-disk,cloud" ] . "Cloud backup"); \ + message=("Uploaded backup for " . $Identity . " to cloud.\n\n" . \ + [ $DeviceInfo ] . "\n\n" . \ + [ $FormatLine "Name" ($Cloud->"name") ] . "\n" . \ + [ $FormatLine "Size" ([ $HumanReadableNum ($Cloud->"size") 1024 ] . "iB") ] . "\n" . \ + [ $FormatLine "Download key" ($Cloud->"secret-download-key") ]); silent=true }); + } on-error={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "floppy-disk,warning-sign" ] . "Cloud backup failed"); \ + message=("Failed uploading backup for " . $Identity . " to cloud!\n\n" . [ $DeviceInfo ]) }); + $LogPrintExit2 error $ScriptName ("Failed uploading backup for " . $Identity . " to cloud!") true; + } } + +$Main [ :jobname ]; From 19fb7b61ea4c92fe61db5cbfa34fe0a932acea39 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 192/908] backup-email: move code into function --- backup-email.rsc | 191 ++++++++++++++++++++++++----------------------- 1 file changed, 98 insertions(+), 93 deletions(-) diff --git a/backup-email.rsc b/backup-email.rsc index 86f9003..7380a5d 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -9,104 +9,109 @@ # create and email backup and config file # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-email.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global BackupPassword; -:global BackupRandomDelay; -:global BackupSendBinary; -:global BackupSendExport; -:global BackupSendGlobalConfig; -:global Domain; -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global CleanName; -:global DeviceInfo; -:global FormatLine; -:global LogPrintExit2; -:global MkDir; -:global RandomDelay; -:global ScriptFromTerminal; -:global ScriptLock; -:global SendEMail2; -:global SymbolForNotification; -:global WaitForFile; -:global WaitFullyConnected; + :global BackupPassword; + :global BackupRandomDelay; + :global BackupSendBinary; + :global BackupSendExport; + :global BackupSendGlobalConfig; + :global Domain; + :global Identity; -:if ([ :typeof $SendEMail2 ] = "nothing") do={ - $LogPrintExit2 error $0 ("The module for sending notifications via e-mail is not installed.") true; -} + :global CleanName; + :global DeviceInfo; + :global FormatLine; + :global LogPrintExit2; + :global MkDir; + :global RandomDelay; + :global ScriptFromTerminal; + :global ScriptLock; + :global SendEMail2; + :global SymbolForNotification; + :global WaitForFile; + :global WaitFullyConnected; -:if ($BackupSendBinary != true && \ - $BackupSendExport != true) do={ - $LogPrintExit2 error $0 ("Configured to send neither backup nor config export.") true; -} - -$ScriptLock $0; -$WaitFullyConnected; - -:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ - $RandomDelay $BackupRandomDelay; -} - -# filename based on identity -:local DirName ("tmpfs/" . $0); -:local FileName [ $CleanName ($Identity . "." . $Domain) ]; -:local FilePath ($DirName . "/" . $FileName); -:local BackupFile "none"; -:local ExportFile "none"; -:local ConfigFile "none"; -:local Attach ({}); - -:if ([ $MkDir $DirName ] = false) do={ - $LogPrintExit2 error $0 ("Failed creating directory!") true; -} - -# binary backup -:if ($BackupSendBinary = true) do={ - /system/backup/save encryption=aes-sha256 name=$FilePath password=$BackupPassword; - $WaitForFile ($FilePath . ".backup"); - :set BackupFile ($FileName . ".backup"); - :set Attach ($Attach, ($FilePath . ".backup")); -} - -# create configuration export -:if ($BackupSendExport = true) do={ - /export terse show-sensitive file=$FilePath; - $WaitForFile ($FilePath . ".rsc"); - :set ExportFile ($FileName . ".rsc"); - :set Attach ($Attach, ($FilePath . ".rsc")); -} - -# global-config-overlay -:if ($BackupSendGlobalConfig = true) do={ - # Do *NOT* use '/file/add ...' here, as it is limited to 4095 bytes! - :execute script={ :put [ /system/script/get global-config-overlay source ]; } \ - file=($FilePath . ".conf\00"); - $WaitForFile ($FilePath . ".conf"); - :set ConfigFile ($FileName . ".conf"); - :set Attach ($Attach, ($FilePath . ".conf")); -} - -# send email with status and files -$SendEMail2 ({ origin=$0; \ - subject=([ $SymbolForNotification "floppy-disk,incoming-envelope" ] . \ - "Backup & Config"); \ - message=("See attached files for backup and config export for " . \ - $Identity . ".\n\n" . \ - [ $DeviceInfo ] . "\n\n" . \ - [ $FormatLine "Backup file" $BackupFile ] . "\n" . \ - [ $FormatLine "Export file" $ExportFile ] . "\n" . \ - [ $FormatLine "Config file" $ConfigFile ]); \ - attach=$Attach; remove-attach=true }); - -# wait for the mail to be sent -:local I 0; -:while ([ :len [ /file/find where name ~ ($FilePath . "\\.(backup|rsc)\$") ] ] > 0) do={ - :if ($I >= 120) do={ - $LogPrintExit2 warning $0 ("Files are still available, sending e-mail failed.") true; + :if ([ :typeof $SendEMail2 ] = "nothing") do={ + $LogPrintExit2 error $ScriptName ("The module for sending notifications via e-mail is not installed.") true; + } + + :if ($BackupSendBinary != true && \ + $BackupSendExport != true) do={ + $LogPrintExit2 error $ScriptName ("Configured to send neither backup nor config export.") true; + } + + $ScriptLock $ScriptName; + $WaitFullyConnected; + + :if ([ $ScriptFromTerminal $ScriptName ] = false && $BackupRandomDelay > 0) do={ + $RandomDelay $BackupRandomDelay; + } + + # filename based on identity + :local DirName ("tmpfs/" . $ScriptName); + :local FileName [ $CleanName ($Identity . "." . $Domain) ]; + :local FilePath ($DirName . "/" . $FileName); + :local BackupFile "none"; + :local ExportFile "none"; + :local ConfigFile "none"; + :local Attach ({}); + + :if ([ $MkDir $DirName ] = false) do={ + $LogPrintExit2 error $ScriptName ("Failed creating directory!") true; + } + + # binary backup + :if ($BackupSendBinary = true) do={ + /system/backup/save encryption=aes-sha256 name=$FilePath password=$BackupPassword; + $WaitForFile ($FilePath . ".backup"); + :set BackupFile ($FileName . ".backup"); + :set Attach ($Attach, ($FilePath . ".backup")); + } + + # create configuration export + :if ($BackupSendExport = true) do={ + /export terse show-sensitive file=$FilePath; + $WaitForFile ($FilePath . ".rsc"); + :set ExportFile ($FileName . ".rsc"); + :set Attach ($Attach, ($FilePath . ".rsc")); + } + + # global-config-overlay + :if ($BackupSendGlobalConfig = true) do={ + # Do *NOT* use '/file/add ...' here, as it is limited to 4095 bytes! + :execute script={ :put [ /system/script/get global-config-overlay source ]; } \ + file=($FilePath . ".conf\00"); + $WaitForFile ($FilePath . ".conf"); + :set ConfigFile ($FileName . ".conf"); + :set Attach ($Attach, ($FilePath . ".conf")); + } + + # send email with status and files + $SendEMail2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "floppy-disk,incoming-envelope" ] . \ + "Backup & Config"); \ + message=("See attached files for backup and config export for " . \ + $Identity . ".\n\n" . \ + [ $DeviceInfo ] . "\n\n" . \ + [ $FormatLine "Backup file" $BackupFile ] . "\n" . \ + [ $FormatLine "Export file" $ExportFile ] . "\n" . \ + [ $FormatLine "Config file" $ConfigFile ]); \ + attach=$Attach; remove-attach=true }); + + # wait for the mail to be sent + :local I 0; + :while ([ :len [ /file/find where name ~ ($FilePath . "\\.(backup|rsc)\$") ] ] > 0) do={ + :if ($I >= 120) do={ + $LogPrintExit2 warning $ScriptName ("Files are still available, sending e-mail failed.") true; + } + :delay 1s; + :set I ($I + 1); } - :delay 1s; - :set I ($I + 1); } + +$Main [ :jobname ]; From 0ded98c9e2329e7ea20f296cc818e67803860cd3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 193/908] backup-partition: move code into function --- backup-partition.rsc | 59 ++++++++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 27 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 1db5e1d..4793f12 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -9,37 +9,42 @@ # save configuration to fallback partition # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-partition.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ScriptLock; -:if ([ :len [ /partitions/find ] ] < 2) do={ - $LogPrintExit2 error $0 ("Device does not have a fallback partition.") true; + $ScriptLock $ScriptName; + + :if ([ :len [ /partitions/find ] ] < 2) do={ + $LogPrintExit2 error $ScriptName ("Device does not have a fallback partition.") true; + } + + :local ActiveRunning [ /partitions/find where active running ]; + + :if ([ :len $ActiveRunning ] < 1) do={ + $LogPrintExit2 error $ScriptName ("Device is not running from active partition.") true; + } + + :local FallbackTo [ /partitions/get $ActiveRunning fallback-to ]; + + :do { + /system/scheduler/add start-time=startup name="running-from-backup-partition" \ + on-event=(":log warning (\"Running from partition '\" . " . \ + "[ /partitions/get [ find where running ] name ] . \"'!\")"); + /partitions/save-config-to $FallbackTo; + /system/scheduler/remove "running-from-backup-partition"; + $LogPrintExit2 info $ScriptName ("Saved configuration to partition '" . \ + $FallbackTo . "'.") false; + } on-error={ + /system/scheduler/remove [ find where name="running-from-backup-partition" ]; + $LogPrintExit2 error $ScriptName ("Failed saving configuration to partition '" . \ + $FallbackTo . "'!") true; + } } -:local ActiveRunning [ /partitions/find where active running ]; - -:if ([ :len $ActiveRunning ] < 1) do={ - $LogPrintExit2 error $0 ("Device is not running from active partition.") true; -} - -:local FallbackTo [ /partitions/get $ActiveRunning fallback-to ]; - -:do { - /system/scheduler/add start-time=startup name="running-from-backup-partition" \ - on-event=(":log warning (\"Running from partition '\" . " . \ - "[ /partitions/get [ find where running ] name ] . \"'!\")"); - /partitions/save-config-to $FallbackTo; - /system/scheduler/remove "running-from-backup-partition"; - $LogPrintExit2 info $0 ("Saved configuration to partition '" . \ - $FallbackTo . "'.") false; -} on-error={ - /system/scheduler/remove [ find where name="running-from-backup-partition" ]; - $LogPrintExit2 error $0 ("Failed saving configuration to partition '" . \ - $FallbackTo . "'!") true; -} +$Main [ :jobname ]; From 1c26dde356222817a3a562bd3d27f3e45382c748 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 194/908] backup-upload: move code into function --- backup-upload.rsc | 267 +++++++++++++++++++++++----------------------- 1 file changed, 136 insertions(+), 131 deletions(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 05bc3ff..dfba15e 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -9,143 +9,148 @@ # create and upload backup and config file # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-upload.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global BackupPassword; -:global BackupRandomDelay; -:global BackupSendBinary; -:global BackupSendExport; -:global BackupSendGlobalConfig; -:global BackupUploadPass; -:global BackupUploadUrl; -:global BackupUploadUser; -:global Domain; -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global CleanName; -:global DeviceInfo; -:global IfThenElse; -:global LogPrintExit2; -:global MkDir; -:global RandomDelay; -:global ScriptFromTerminal; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; -:global WaitForFile; -:global WaitFullyConnected; + :global BackupPassword; + :global BackupRandomDelay; + :global BackupSendBinary; + :global BackupSendExport; + :global BackupSendGlobalConfig; + :global BackupUploadPass; + :global BackupUploadUrl; + :global BackupUploadUser; + :global Domain; + :global Identity; -:if ($BackupSendBinary != true && \ - $BackupSendExport != true) do={ - $LogPrintExit2 error $0 ("Configured to send neither backup nor config export.") true; -} - -$ScriptLock $0; -$WaitFullyConnected; - -:if ([ $ScriptFromTerminal $0 ] = false && $BackupRandomDelay > 0) do={ - $RandomDelay $BackupRandomDelay; -} - -# filename based on identity -:local DirName ("tmpfs/" . $0); -:local FileName [ $CleanName ($Identity . "." . $Domain) ]; -:local FilePath ($DirName . "/" . $FileName); -:local BackupFile "none"; -:local ExportFile "none"; -:local ConfigFile "none"; -:local Failed 0; - -:if ([ $MkDir $DirName ] = false) do={ - $LogPrintExit2 error $0 ("Failed creating directory!") true; -} - -# binary backup -:if ($BackupSendBinary = true) do={ - /system/backup/save encryption=aes-sha256 name=$FilePath password=$BackupPassword; - $WaitForFile ($FilePath . ".backup"); - - :do { - /tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \ - user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".backup"); - :set BackupFile [ /file/get ($FilePath . ".backup") ]; - :set ($BackupFile->"name") ($FileName . ".backup"); - } on-error={ - $LogPrintExit2 error $0 ("Uploading backup file failed!") false; - :set BackupFile "failed"; - :set Failed 1; - } - - /file/remove ($FilePath . ".backup"); -} - -# create configuration export -:if ($BackupSendExport = true) do={ - /export terse show-sensitive file=$FilePath; - $WaitForFile ($FilePath . ".rsc"); - - :do { - /tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \ - user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".rsc"); - :set ExportFile [ /file/get ($FilePath . ".rsc") ]; - :set ($ExportFile->"name") ($FileName . ".rsc"); - } on-error={ - $LogPrintExit2 error $0 ("Uploading configuration export failed!") false; - :set ExportFile "failed"; - :set Failed 1; - } - - /file/remove ($FilePath . ".rsc"); -} - -# global-config-overlay -:if ($BackupSendGlobalConfig = true) do={ - # Do *NOT* use '/file/add ...' here, as it is limited to 4095 bytes! - :execute script={ :put [ /system/script/get global-config-overlay source ]; } \ - file=($FilePath . ".conf\00"); - $WaitForFile ($FilePath . ".conf"); - - :do { - /tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".conf") \ - user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".conf"); - :set ConfigFile [ /file/get ($FilePath . ".conf") ]; - :set ($ConfigFile->"name") ($FileName . ".conf"); - } on-error={ - $LogPrintExit2 error $0 ("Uploading global-config-overlay failed!") false; - :set ConfigFile "failed"; - :set Failed 1; - } - - /file/remove ($FilePath . ".conf"); -} - -:local FileInfo do={ - :local Name $1; - :local File $2; - - :global FormatLine; - :global HumanReadableNum; + :global CleanName; + :global DeviceInfo; :global IfThenElse; + :global LogPrintExit2; + :global MkDir; + :global RandomDelay; + :global ScriptFromTerminal; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; + :global WaitForFile; + :global WaitFullyConnected; - :return \ - [ $IfThenElse ([ :typeof $File ] = "array") \ - ($Name . ":\n" . [ $FormatLine " name" ($File->"name") ] . "\n" . \ - [ $FormatLine " size" ([ $HumanReadableNum ($File->"size") 1024 ] . "iB") ]) \ - [ $FormatLine $Name $File ] ]; + :if ($BackupSendBinary != true && \ + $BackupSendExport != true) do={ + $LogPrintExit2 error $ScriptName ("Configured to send neither backup nor config export.") true; + } + + $ScriptLock $ScriptName; + $WaitFullyConnected; + + :if ([ $ScriptFromTerminal $ScriptName ] = false && $BackupRandomDelay > 0) do={ + $RandomDelay $BackupRandomDelay; + } + + # filename based on identity + :local DirName ("tmpfs/" . $ScriptName); + :local FileName [ $CleanName ($Identity . "." . $Domain) ]; + :local FilePath ($DirName . "/" . $FileName); + :local BackupFile "none"; + :local ExportFile "none"; + :local ConfigFile "none"; + :local Failed 0; + + :if ([ $MkDir $DirName ] = false) do={ + $LogPrintExit2 error $ScriptName ("Failed creating directory!") true; + } + + # binary backup + :if ($BackupSendBinary = true) do={ + /system/backup/save encryption=aes-sha256 name=$FilePath password=$BackupPassword; + $WaitForFile ($FilePath . ".backup"); + + :do { + /tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".backup") \ + user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".backup"); + :set BackupFile [ /file/get ($FilePath . ".backup") ]; + :set ($BackupFile->"name") ($FileName . ".backup"); + } on-error={ + $LogPrintExit2 error $ScriptName ("Uploading backup file failed!") false; + :set BackupFile "failed"; + :set Failed 1; + } + + /file/remove ($FilePath . ".backup"); + } + + # create configuration export + :if ($BackupSendExport = true) do={ + /export terse show-sensitive file=$FilePath; + $WaitForFile ($FilePath . ".rsc"); + + :do { + /tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".rsc") \ + user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".rsc"); + :set ExportFile [ /file/get ($FilePath . ".rsc") ]; + :set ($ExportFile->"name") ($FileName . ".rsc"); + } on-error={ + $LogPrintExit2 error $ScriptName ("Uploading configuration export failed!") false; + :set ExportFile "failed"; + :set Failed 1; + } + + /file/remove ($FilePath . ".rsc"); + } + + # global-config-overlay + :if ($BackupSendGlobalConfig = true) do={ + # Do *NOT* use '/file/add ...' here, as it is limited to 4095 bytes! + :execute script={ :put [ /system/script/get global-config-overlay source ]; } \ + file=($FilePath . ".conf\00"); + $WaitForFile ($FilePath . ".conf"); + + :do { + /tool/fetch upload=yes url=($BackupUploadUrl . "/" . $FileName . ".conf") \ + user=$BackupUploadUser password=$BackupUploadPass src-path=($FilePath . ".conf"); + :set ConfigFile [ /file/get ($FilePath . ".conf") ]; + :set ($ConfigFile->"name") ($FileName . ".conf"); + } on-error={ + $LogPrintExit2 error $ScriptName ("Uploading global-config-overlay failed!") false; + :set ConfigFile "failed"; + :set Failed 1; + } + + /file/remove ($FilePath . ".conf"); + } + + :local FileInfo do={ + :local Name $1; + :local File $2; + + :global FormatLine; + :global HumanReadableNum; + :global IfThenElse; + + :return \ + [ $IfThenElse ([ :typeof $File ] = "array") \ + ($Name . ":\n" . [ $FormatLine " name" ($File->"name") ] . "\n" . \ + [ $FormatLine " size" ([ $HumanReadableNum ($File->"size") 1024 ] . "iB") ]) \ + [ $FormatLine $Name $File ] ]; + } + + $SendNotification2 ({ origin=$ScriptName; \ + subject=[ $IfThenElse ($Failed > 0) \ + ([ $SymbolForNotification "floppy-disk,warning-sign" ] . "Backup & Config upload with failure") \ + ([ $SymbolForNotification "floppy-disk,arrow-up" ] . "Backup & Config upload") ]; \ + message=("Backup and config export upload for " . $Identity . ".\n\n" . \ + [ $DeviceInfo ] . "\n\n" . \ + [ $FileInfo "Backup file" $BackupFile ] . "\n" . \ + [ $FileInfo "Export file" $ExportFile ] . "\n" . \ + [ $FileInfo "Config file" $ConfigFile ]); silent=true }); + + :if ($Failed = 1) do={ + :error "An error occured!"; + } } -$SendNotification2 ({ origin=$0; \ - subject=[ $IfThenElse ($Failed > 0) \ - ([ $SymbolForNotification "floppy-disk,warning-sign" ] . "Backup & Config upload with failure") \ - ([ $SymbolForNotification "floppy-disk,arrow-up" ] . "Backup & Config upload") ]; \ - message=("Backup and config export upload for " . $Identity . ".\n\n" . \ - [ $DeviceInfo ] . "\n\n" . \ - [ $FileInfo "Backup file" $BackupFile ] . "\n" . \ - [ $FileInfo "Export file" $ExportFile ] . "\n" . \ - [ $FileInfo "Config file" $ConfigFile ]); silent=true }); - -:if ($Failed = 1) do={ - :error "An error occured!"; -} +$Main [ :jobname ]; From c2df671d6f31c0e652542f731d66cbccace43f85 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 195/908] capsman-download-packages: move code into function --- capsman-download-packages.capsman.rsc | 99 ++++++++++---------- capsman-download-packages.template.rsc | 117 ++++++++++++------------ capsman-download-packages.wifi.rsc | 103 +++++++++++---------- capsman-download-packages.wifiwave2.rsc | 99 ++++++++++---------- 4 files changed, 219 insertions(+), 199 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index 82849f8..18ecf57 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -11,66 +11,71 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global CleanFilePath; -:global DownloadPackage; -:global LogPrintExit2; -:global MkDir; -:global ScriptLock; -:global WaitFullyConnected; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; -$WaitFullyConnected; + :global CleanFilePath; + :global DownloadPackage; + :global LogPrintExit2; + :global MkDir; + :global ScriptLock; + :global WaitFullyConnected; -:local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ]; -:local InstalledVersion [ /system/package/update/get installed-version ]; -:local Updated false; + $ScriptLock $ScriptName; + $WaitFullyConnected; -:if ([ :len $PackagePath ] = 0) do={ - $LogPrintExit2 warning $0 ("The CAPsMAN package path is not defined, can not download packages.") true; -} + :local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ]; + :local InstalledVersion [ /system/package/update/get installed-version ]; + :local Updated false; -:if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ - :if ([ $MkDir $PackagePath ] = false) do={ - $LogPrintExit2 warning $0 ("Creating directory at CAPsMAN package path (" . \ - $PackagePath . ") failed!") true; + :if ([ :len $PackagePath ] = 0) do={ + $LogPrintExit2 warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages.") true; } - $LogPrintExit2 info $0 ("Created directory at CAPsMAN package path (" . $PackagePath . \ - "). Please place your packages!") false; -} -:foreach Package in=[ /file/find where type=package \ - package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={ - :local File [ /file/get $Package ]; - :if ($File->"package-architecture" = "mips") do={ - :set ($File->"package-architecture") "mipsbe"; + :if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ + :if ([ $MkDir $PackagePath ] = false) do={ + $LogPrintExit2 warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ + $PackagePath . ") failed!") true; + } + $LogPrintExit2 info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ + "). Please place your packages!") false; } - :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ - ($File->"package-architecture") $PackagePath ] = true) do={ - :set Updated true; - /file/remove $Package; - } -} -:if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ - $LogPrintExit2 info $0 ("No packages available, downloading default set.") false; - :foreach Arch in={ "arm"; "mipsbe" } do={ - :foreach Package in={ "routeros"; "wireless" } do={ - :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ - :set Updated true; + :foreach Package in=[ /file/find where type=package \ + package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={ + :local File [ /file/get $Package ]; + :if ($File->"package-architecture" = "mips") do={ + :set ($File->"package-architecture") "mipsbe"; + } + :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ + ($File->"package-architecture") $PackagePath ] = true) do={ + :set Updated true; + /file/remove $Package; + } + } + + :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ + $LogPrintExit2 info $ScriptName ("No packages available, downloading default set.") false; + :foreach Arch in={ "arm"; "mipsbe" } do={ + :foreach Package in={ "routeros"; "wireless" } do={ + :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ + :set Updated true; + } } } } + + :if ($Updated = true) do={ + :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); + :if ([ :len $Script ] > 0) do={ + /system/script/run $Script; + } else={ + /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ]; + } + } } -:if ($Updated = true) do={ - :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); - :if ([ :len $Script ] > 0) do={ - /system/script/run $Script; - } else={ - /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ]; - } -} +$Main [ :jobname ]; diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 3eaa377..8cc7b2d 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -12,85 +12,90 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global CleanFilePath; -:global DownloadPackage; -:global LogPrintExit2; -:global MkDir; -:global ScriptLock; -:global WaitFullyConnected; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; -$WaitFullyConnected; + :global CleanFilePath; + :global DownloadPackage; + :global LogPrintExit2; + :global MkDir; + :global ScriptLock; + :global WaitFullyConnected; -:local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ]; -:local PackagePath [ $CleanFilePath [ /interface/wifi/capsman/get package-path ] ]; -:local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ]; -:local InstalledVersion [ /system/package/update/get installed-version ]; -:local Updated false; + $ScriptLock $ScriptName; + $WaitFullyConnected; -:if ([ :len $PackagePath ] = 0) do={ - $LogPrintExit2 warning $0 ("The CAPsMAN package path is not defined, can not download packages.") true; -} + :local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ]; + :local PackagePath [ $CleanFilePath [ /interface/wifi/capsman/get package-path ] ]; + :local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ]; + :local InstalledVersion [ /system/package/update/get installed-version ]; + :local Updated false; -:if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ - :if ([ $MkDir $PackagePath ] = false) do={ - $LogPrintExit2 warning $0 ("Creating directory at CAPsMAN package path (" . \ - $PackagePath . ") failed!") true; + :if ([ :len $PackagePath ] = 0) do={ + $LogPrintExit2 warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages.") true; } - $LogPrintExit2 info $0 ("Created directory at CAPsMAN package path (" . $PackagePath . \ - "). Please place your packages!") false; -} -:foreach Package in=[ /file/find where type=package \ - package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={ - :local File [ /file/get $Package ]; - :if ($File->"package-architecture" = "mips") do={ - :set ($File->"package-architecture") "mipsbe"; + :if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ + :if ([ $MkDir $PackagePath ] = false) do={ + $LogPrintExit2 warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ + $PackagePath . ") failed!") true; + } + $LogPrintExit2 info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ + "). Please place your packages!") false; } - :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ - ($File->"package-architecture") $PackagePath ] = true) do={ - :set Updated true; - /file/remove $Package; - } -} -:if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ - $LogPrintExit2 info $0 ("No packages available, downloading default set.") false; + :foreach Package in=[ /file/find where type=package \ + package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={ + :local File [ /file/get $Package ]; + :if ($File->"package-architecture" = "mips") do={ + :set ($File->"package-architecture") "mipsbe"; + } + :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ + ($File->"package-architecture") $PackagePath ] = true) do={ + :set Updated true; + /file/remove $Package; + } + } + + :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ + $LogPrintExit2 info $ScriptName ("No packages available, downloading default set.") false; # NOT /interface/wifi/ # # NOT /interface/wifiwave2/ # - :foreach Arch in={ "arm"; "mipsbe" } do={ - :foreach Package in={ "routeros"; "wireless" } do={ + :foreach Arch in={ "arm"; "mipsbe" } do={ + :foreach Package in={ "routeros"; "wireless" } do={ # NOT /interface/wifi/ # # NOT /interface/wifiwave2/ # # NOT /caps-man/ # - :foreach Arch in={ "arm"; "arm64" } do={ + :foreach Arch in={ "arm"; "arm64" } do={ # NOT /interface/wifi/ # - :foreach Package in={ "routeros"; "wifiwave2" } do={ + :foreach Package in={ "routeros"; "wifiwave2" } do={ # NOT /interface/wifi/ # # NOT /interface/wifiwave2/ # - :local Packages { "arm"={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" }; - "arm64"={ "routeros"; "wifi-qcom" } }; - :foreach Package in=($Packages->$Arch) do={ + :local Packages { "arm"={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" }; + "arm64"={ "routeros"; "wifi-qcom" } }; + :foreach Package in=($Packages->$Arch) do={ # NOT /interface/wifiwave2/ # # NOT /caps-man/ # - :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ - :set Updated true; + :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ + :set Updated true; + } } } } + + :if ($Updated = true) do={ + :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); + :if ([ :len $Script ] > 0) do={ + /system/script/run $Script; + } else={ + /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ]; + /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; + /interface/wifiwave2/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; + } + } } -:if ($Updated = true) do={ - :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); - :if ([ :len $Script ] > 0) do={ - /system/script/run $Script; - } else={ - /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ]; - /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; - /interface/wifiwave2/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; - } -} +$Main [ :jobname ]; diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 021521e..6f62c54 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -11,68 +11,73 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global CleanFilePath; -:global DownloadPackage; -:global LogPrintExit2; -:global MkDir; -:global ScriptLock; -:global WaitFullyConnected; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; -$WaitFullyConnected; + :global CleanFilePath; + :global DownloadPackage; + :global LogPrintExit2; + :global MkDir; + :global ScriptLock; + :global WaitFullyConnected; -:local PackagePath [ $CleanFilePath [ /interface/wifi/capsman/get package-path ] ]; -:local InstalledVersion [ /system/package/update/get installed-version ]; -:local Updated false; + $ScriptLock $ScriptName; + $WaitFullyConnected; -:if ([ :len $PackagePath ] = 0) do={ - $LogPrintExit2 warning $0 ("The CAPsMAN package path is not defined, can not download packages.") true; -} + :local PackagePath [ $CleanFilePath [ /interface/wifi/capsman/get package-path ] ]; + :local InstalledVersion [ /system/package/update/get installed-version ]; + :local Updated false; -:if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ - :if ([ $MkDir $PackagePath ] = false) do={ - $LogPrintExit2 warning $0 ("Creating directory at CAPsMAN package path (" . \ - $PackagePath . ") failed!") true; + :if ([ :len $PackagePath ] = 0) do={ + $LogPrintExit2 warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages.") true; } - $LogPrintExit2 info $0 ("Created directory at CAPsMAN package path (" . $PackagePath . \ - "). Please place your packages!") false; -} -:foreach Package in=[ /file/find where type=package \ - package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={ - :local File [ /file/get $Package ]; - :if ($File->"package-architecture" = "mips") do={ - :set ($File->"package-architecture") "mipsbe"; + :if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ + :if ([ $MkDir $PackagePath ] = false) do={ + $LogPrintExit2 warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ + $PackagePath . ") failed!") true; + } + $LogPrintExit2 info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ + "). Please place your packages!") false; } - :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ - ($File->"package-architecture") $PackagePath ] = true) do={ - :set Updated true; - /file/remove $Package; - } -} -:if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ - $LogPrintExit2 info $0 ("No packages available, downloading default set.") false; - :foreach Arch in={ "arm"; "arm64" } do={ - :local Packages { "arm"={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" }; - "arm64"={ "routeros"; "wifi-qcom" } }; - :foreach Package in=($Packages->$Arch) do={ - :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ - :set Updated true; + :foreach Package in=[ /file/find where type=package \ + package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={ + :local File [ /file/get $Package ]; + :if ($File->"package-architecture" = "mips") do={ + :set ($File->"package-architecture") "mipsbe"; + } + :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ + ($File->"package-architecture") $PackagePath ] = true) do={ + :set Updated true; + /file/remove $Package; + } + } + + :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ + $LogPrintExit2 info $ScriptName ("No packages available, downloading default set.") false; + :foreach Arch in={ "arm"; "arm64" } do={ + :local Packages { "arm"={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" }; + "arm64"={ "routeros"; "wifi-qcom" } }; + :foreach Package in=($Packages->$Arch) do={ + :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ + :set Updated true; + } } } } + + :if ($Updated = true) do={ + :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); + :if ([ :len $Script ] > 0) do={ + /system/script/run $Script; + } else={ + /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; + } + } } -:if ($Updated = true) do={ - :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); - :if ([ :len $Script ] > 0) do={ - /system/script/run $Script; - } else={ - /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; - } -} +$Main [ :jobname ]; diff --git a/capsman-download-packages.wifiwave2.rsc b/capsman-download-packages.wifiwave2.rsc index 29dca8a..705da70 100644 --- a/capsman-download-packages.wifiwave2.rsc +++ b/capsman-download-packages.wifiwave2.rsc @@ -11,66 +11,71 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global CleanFilePath; -:global DownloadPackage; -:global LogPrintExit2; -:global MkDir; -:global ScriptLock; -:global WaitFullyConnected; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; -$WaitFullyConnected; + :global CleanFilePath; + :global DownloadPackage; + :global LogPrintExit2; + :global MkDir; + :global ScriptLock; + :global WaitFullyConnected; -:local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ]; -:local InstalledVersion [ /system/package/update/get installed-version ]; -:local Updated false; + $ScriptLock $ScriptName; + $WaitFullyConnected; -:if ([ :len $PackagePath ] = 0) do={ - $LogPrintExit2 warning $0 ("The CAPsMAN package path is not defined, can not download packages.") true; -} + :local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ]; + :local InstalledVersion [ /system/package/update/get installed-version ]; + :local Updated false; -:if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ - :if ([ $MkDir $PackagePath ] = false) do={ - $LogPrintExit2 warning $0 ("Creating directory at CAPsMAN package path (" . \ - $PackagePath . ") failed!") true; + :if ([ :len $PackagePath ] = 0) do={ + $LogPrintExit2 warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages.") true; } - $LogPrintExit2 info $0 ("Created directory at CAPsMAN package path (" . $PackagePath . \ - "). Please place your packages!") false; -} -:foreach Package in=[ /file/find where type=package \ - package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={ - :local File [ /file/get $Package ]; - :if ($File->"package-architecture" = "mips") do={ - :set ($File->"package-architecture") "mipsbe"; + :if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ + :if ([ $MkDir $PackagePath ] = false) do={ + $LogPrintExit2 warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ + $PackagePath . ") failed!") true; + } + $LogPrintExit2 info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ + "). Please place your packages!") false; } - :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ - ($File->"package-architecture") $PackagePath ] = true) do={ - :set Updated true; - /file/remove $Package; - } -} -:if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ - $LogPrintExit2 info $0 ("No packages available, downloading default set.") false; - :foreach Arch in={ "arm"; "arm64" } do={ - :foreach Package in={ "routeros"; "wifiwave2" } do={ - :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ - :set Updated true; + :foreach Package in=[ /file/find where type=package \ + package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={ + :local File [ /file/get $Package ]; + :if ($File->"package-architecture" = "mips") do={ + :set ($File->"package-architecture") "mipsbe"; + } + :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ + ($File->"package-architecture") $PackagePath ] = true) do={ + :set Updated true; + /file/remove $Package; + } + } + + :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ + $LogPrintExit2 info $ScriptName ("No packages available, downloading default set.") false; + :foreach Arch in={ "arm"; "arm64" } do={ + :foreach Package in={ "routeros"; "wifiwave2" } do={ + :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ + :set Updated true; + } } } } + + :if ($Updated = true) do={ + :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); + :if ([ :len $Script ] > 0) do={ + /system/script/run $Script; + } else={ + /interface/wifiwave2/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; + } + } } -:if ($Updated = true) do={ - :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); - :if ([ :len $Script ] > 0) do={ - /system/script/run $Script; - } else={ - /interface/wifiwave2/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; - } -} +$Main [ :jobname ]; From 4cbf9fab746e9ce62e3cb66c794aad3e2601dc06 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 196/908] capsman-rolling-upgrade: move code into function --- capsman-rolling-upgrade.capsman.rsc | 41 +++++++++++-------- capsman-rolling-upgrade.template.rsc | 59 +++++++++++++++------------ capsman-rolling-upgrade.wifi.rsc | 43 ++++++++++--------- capsman-rolling-upgrade.wifiwave2.rsc | 43 ++++++++++--------- 4 files changed, 103 insertions(+), 83 deletions(-) diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index 7aa20aa..fb0904d 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -12,30 +12,35 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ScriptLock; -:local InstalledVersion [ /system/package/update/get installed-version ]; + $ScriptLock $ScriptName; -:local RemoteCapCount [ :len [ /caps-man/remote-cap/find ] ]; -:if ($RemoteCapCount > 0) do={ - :local Delay (600 / $RemoteCapCount); - :if ($Delay > 120) do={ :set Delay 120; } - :foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={ - :local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ]; - :if ([ :len $RemoteCapVal ] > 1) do={ - $LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \ - " (" . $RemoteCapVal->"identity" . ")...") false; - /caps-man/remote-cap/upgrade $RemoteCap; - } else={ - $LogPrintExit2 warning $0 ("Remote CAP vanished, skipping upgrade.") false; + :local InstalledVersion [ /system/package/update/get installed-version ]; + + :local RemoteCapCount [ :len [ /caps-man/remote-cap/find ] ]; + :if ($RemoteCapCount > 0) do={ + :local Delay (600 / $RemoteCapCount); + :if ($Delay > 120) do={ :set Delay 120; } + :foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={ + :local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ]; + :if ([ :len $RemoteCapVal ] > 1) do={ + $LogPrintExit2 info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \ + " (" . $RemoteCapVal->"identity" . ")...") false; + /caps-man/remote-cap/upgrade $RemoteCap; + } else={ + $LogPrintExit2 warning $ScriptName ("Remote CAP vanished, skipping upgrade.") false; + } + :delay ($Delay . "s"); } - :delay ($Delay . "s"); } } + +$Main [ :jobname ]; diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index de0b4d1..6ea9ac0 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -13,41 +13,46 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ScriptLock; -:local InstalledVersion [ /system/package/update/get installed-version ]; + $ScriptLock $ScriptName; -:local RemoteCapCount [ :len [ /caps-man/remote-cap/find ] ]; -:local RemoteCapCount [ :len [ /interface/wifi/capsman/remote-cap/find ] ]; -:local RemoteCapCount [ :len [ /interface/wifiwave2/capsman/remote-cap/find ] ]; -:if ($RemoteCapCount > 0) do={ - :local Delay (600 / $RemoteCapCount); - :if ($Delay > 120) do={ :set Delay 120; } - :foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={ - :foreach RemoteCap in=[ /interface/wifi/capsman/remote-cap/find where version!=$InstalledVersion ] do={ - :foreach RemoteCap in=[ /interface/wifiwave2/capsman/remote-cap/find where version!=$InstalledVersion ] do={ - :local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ]; - :local RemoteCapVal [ /interface/wifi/capsman/remote-cap/get $RemoteCap ]; - :local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ]; - :if ([ :len $RemoteCapVal ] > 1) do={ + :local InstalledVersion [ /system/package/update/get installed-version ]; + + :local RemoteCapCount [ :len [ /caps-man/remote-cap/find ] ]; + :local RemoteCapCount [ :len [ /interface/wifi/capsman/remote-cap/find ] ]; + :local RemoteCapCount [ :len [ /interface/wifiwave2/capsman/remote-cap/find ] ]; + :if ($RemoteCapCount > 0) do={ + :local Delay (600 / $RemoteCapCount); + :if ($Delay > 120) do={ :set Delay 120; } + :foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={ + :foreach RemoteCap in=[ /interface/wifi/capsman/remote-cap/find where version!=$InstalledVersion ] do={ + :foreach RemoteCap in=[ /interface/wifiwave2/capsman/remote-cap/find where version!=$InstalledVersion ] do={ + :local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ]; + :local RemoteCapVal [ /interface/wifi/capsman/remote-cap/get $RemoteCap ]; + :local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ]; + :if ([ :len $RemoteCapVal ] > 1) do={ # NOT /caps-man/ # - :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); + :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); # NOT /caps-man/ # - $LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \ - " (" . $RemoteCapVal->"identity" . ")...") false; - /caps-man/remote-cap/upgrade $RemoteCap; - /interface/wifi/capsman/remote-cap/upgrade $RemoteCap; - /interface/wifiwave2/capsman/remote-cap/upgrade $RemoteCap; - } else={ - $LogPrintExit2 warning $0 ("Remote CAP vanished, skipping upgrade.") false; + $LogPrintExit2 info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \ + " (" . $RemoteCapVal->"identity" . ")...") false; + /caps-man/remote-cap/upgrade $RemoteCap; + /interface/wifi/capsman/remote-cap/upgrade $RemoteCap; + /interface/wifiwave2/capsman/remote-cap/upgrade $RemoteCap; + } else={ + $LogPrintExit2 warning $ScriptName ("Remote CAP vanished, skipping upgrade.") false; + } + :delay ($Delay . "s"); } - :delay ($Delay . "s"); } } + +$Main [ :jobname ]; diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index c17c5a1..d788c29 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -12,31 +12,36 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ScriptLock; -:local InstalledVersion [ /system/package/update/get installed-version ]; + $ScriptLock $ScriptName; -:local RemoteCapCount [ :len [ /interface/wifi/capsman/remote-cap/find ] ]; -:if ($RemoteCapCount > 0) do={ - :local Delay (600 / $RemoteCapCount); - :if ($Delay > 120) do={ :set Delay 120; } - :foreach RemoteCap in=[ /interface/wifi/capsman/remote-cap/find where version!=$InstalledVersion ] do={ - :local RemoteCapVal [ /interface/wifi/capsman/remote-cap/get $RemoteCap ]; - :if ([ :len $RemoteCapVal ] > 1) do={ - :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); - $LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \ - " (" . $RemoteCapVal->"identity" . ")...") false; - /interface/wifi/capsman/remote-cap/upgrade $RemoteCap; - } else={ - $LogPrintExit2 warning $0 ("Remote CAP vanished, skipping upgrade.") false; + :local InstalledVersion [ /system/package/update/get installed-version ]; + + :local RemoteCapCount [ :len [ /interface/wifi/capsman/remote-cap/find ] ]; + :if ($RemoteCapCount > 0) do={ + :local Delay (600 / $RemoteCapCount); + :if ($Delay > 120) do={ :set Delay 120; } + :foreach RemoteCap in=[ /interface/wifi/capsman/remote-cap/find where version!=$InstalledVersion ] do={ + :local RemoteCapVal [ /interface/wifi/capsman/remote-cap/get $RemoteCap ]; + :if ([ :len $RemoteCapVal ] > 1) do={ + :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); + $LogPrintExit2 info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \ + " (" . $RemoteCapVal->"identity" . ")...") false; + /interface/wifi/capsman/remote-cap/upgrade $RemoteCap; + } else={ + $LogPrintExit2 warning $ScriptName ("Remote CAP vanished, skipping upgrade.") false; + } + :delay ($Delay . "s"); } - :delay ($Delay . "s"); } } + +$Main [ :jobname ]; diff --git a/capsman-rolling-upgrade.wifiwave2.rsc b/capsman-rolling-upgrade.wifiwave2.rsc index aff47e4..78e348d 100644 --- a/capsman-rolling-upgrade.wifiwave2.rsc +++ b/capsman-rolling-upgrade.wifiwave2.rsc @@ -12,31 +12,36 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ScriptLock; -:local InstalledVersion [ /system/package/update/get installed-version ]; + $ScriptLock $ScriptName; -:local RemoteCapCount [ :len [ /interface/wifiwave2/capsman/remote-cap/find ] ]; -:if ($RemoteCapCount > 0) do={ - :local Delay (600 / $RemoteCapCount); - :if ($Delay > 120) do={ :set Delay 120; } - :foreach RemoteCap in=[ /interface/wifiwave2/capsman/remote-cap/find where version!=$InstalledVersion ] do={ - :local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ]; - :if ([ :len $RemoteCapVal ] > 1) do={ - :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); - $LogPrintExit2 info $0 ("Starting upgrade for " . $RemoteCapVal->"name" . \ - " (" . $RemoteCapVal->"identity" . ")...") false; - /interface/wifiwave2/capsman/remote-cap/upgrade $RemoteCap; - } else={ - $LogPrintExit2 warning $0 ("Remote CAP vanished, skipping upgrade.") false; + :local InstalledVersion [ /system/package/update/get installed-version ]; + + :local RemoteCapCount [ :len [ /interface/wifiwave2/capsman/remote-cap/find ] ]; + :if ($RemoteCapCount > 0) do={ + :local Delay (600 / $RemoteCapCount); + :if ($Delay > 120) do={ :set Delay 120; } + :foreach RemoteCap in=[ /interface/wifiwave2/capsman/remote-cap/find where version!=$InstalledVersion ] do={ + :local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ]; + :if ([ :len $RemoteCapVal ] > 1) do={ + :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); + $LogPrintExit2 info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \ + " (" . $RemoteCapVal->"identity" . ")...") false; + /interface/wifiwave2/capsman/remote-cap/upgrade $RemoteCap; + } else={ + $LogPrintExit2 warning $ScriptName ("Remote CAP vanished, skipping upgrade.") false; + } + :delay ($Delay . "s"); } - :delay ($Delay . "s"); } } + +$Main [ :jobname ]; From 2d112c0b3313f1a1d1e830035602d94c81cbc20c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 197/908] certificate-renew-issued: move code into function --- certificate-renew-issued.rsc | 51 ++++++++++++++++++++---------------- 1 file changed, 28 insertions(+), 23 deletions(-) diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index c6a819a..79ed0ba 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -8,36 +8,41 @@ # renew locally issued certificates # https://git.eworm.de/cgit/routeros-scripts/about/doc/certificate-renew-issued.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global CertIssuedExportPass; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global LogPrintExit2; -:global MkDir; -:global ScriptLock; + :global CertIssuedExportPass; -$ScriptLock $0; + :global LogPrintExit2; + :global MkDir; + :global ScriptLock; -:foreach Cert in=[ /certificate/find where issued expires-after<3w ] do={ - :local CertVal [ /certificate/get $Cert ]; - /certificate/issued-revoke $Cert; - /certificate/set name=($CertVal->"name" . "-revoked-" . [ /system/clock/get date ]) $Cert; - /certificate/add name=($CertVal->"name") common-name=($CertVal->"common-name") \ - key-usage=($CertVal->"key-usage") subject-alt-name=($CertVal->"subject-alt-name"); - /certificate/sign ($CertVal->"name") ca=($CertVal->"ca"); - :if ([ :typeof ($CertIssuedExportPass->($CertVal->"common-name")) ] = "str") do={ - :if ([ $MkDir "cert-issued" ] = true) do={ - /certificate/export-certificate ($CertVal->"name") type=pkcs12 \ - file-name=("cert-issued/" . $CertVal->"common-name") \ - export-passphrase=($CertIssuedExportPass->($CertVal->"common-name")); - $LogPrintExit2 info $0 ("Issued a new certificate for \"" . $CertVal->"common-name" . \ - "\", exported to \"cert-issued/" . $CertVal->"common-name" . ".p12\".") false; + $ScriptLock $ScriptName; + + :foreach Cert in=[ /certificate/find where issued expires-after<3w ] do={ + :local CertVal [ /certificate/get $Cert ]; + /certificate/issued-revoke $Cert; + /certificate/set name=($CertVal->"name" . "-revoked-" . [ /system/clock/get date ]) $Cert; + /certificate/add name=($CertVal->"name") common-name=($CertVal->"common-name") \ + key-usage=($CertVal->"key-usage") subject-alt-name=($CertVal->"subject-alt-name"); + /certificate/sign ($CertVal->"name") ca=($CertVal->"ca"); + :if ([ :typeof ($CertIssuedExportPass->($CertVal->"common-name")) ] = "str") do={ + :if ([ $MkDir "cert-issued" ] = true) do={ + /certificate/export-certificate ($CertVal->"name") type=pkcs12 \ + file-name=("cert-issued/" . $CertVal->"common-name") \ + export-passphrase=($CertIssuedExportPass->($CertVal->"common-name")); + $LogPrintExit2 info $ScriptName ("Issued a new certificate for \"" . $CertVal->"common-name" . \ + "\", exported to \"cert-issued/" . $CertVal->"common-name" . ".p12\".") false; + } else={ + $LogPrintExit2 warning $ScriptName ("Failed creating directory, not exporting certificate.") false; + } } else={ - $LogPrintExit2 warning $0 ("Failed creating directory, not exporting certificate.") false; + $LogPrintExit2 info $ScriptName ("Issued a new certificate for \"" . $CertVal->"common-name" . "\".") false; } - } else={ - $LogPrintExit2 info $0 ("Issued a new certificate for \"" . $CertVal->"common-name" . "\".") false; } } + +$Main [ :jobname ]; From fc3fad5e87884d73f00fa6900f16280969c3c18d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 198/908] check-certificates: move code into function --- check-certificates.rsc | 347 +++++++++++++++++++++-------------------- 1 file changed, 176 insertions(+), 171 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 1487a3e..f15f145 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -8,202 +8,207 @@ # check for certificate validity # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-certificates.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global CertRenewTime; -:global CertRenewUrl; -:global CertWarnTime; -:global Identity; - -:global CertificateAvailable -:global EscapeForRegEx; -:global IfThenElse; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; -:global UrlEncode; -:global WaitFullyConnected; - -:local CheckCertificatesDownloadImport do={ - :local Name [ :tostr $1 ]; +:local Main do={ + :local ScriptName [ :tostr $1 ]; + :global CertRenewTime; :global CertRenewUrl; - :global CertRenewPass; + :global CertWarnTime; + :global Identity; - :global CertificateNameByCN; + :global CertificateAvailable :global EscapeForRegEx; - :global FetchUserAgent; - :global LogPrintExit2; - :global UrlEncode; - :global WaitForFile; - - :local Return false; - - :foreach Type in={ ".pem"; ".p12" } do={ - :local CertFileName ([ $UrlEncode $Name ] . $Type); - :do { - /tool/fetch check-certificate=yes-without-crl http-header-field=({ $FetchUserAgent }) \ - ($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value; - $WaitForFile $CertFileName; - - :local DecryptionFailed true; - :foreach PassPhrase in=$CertRenewPass do={ - :local Result [ /certificate/import file-name=$CertFileName passphrase=$PassPhrase as-value ]; - :if ($Result->"decryption-failures" = 0) do={ - :set DecryptionFailed false; - } - } - /file/remove [ find where name=$CertFileName ]; - - :if ($DecryptionFailed = true) do={ - $LogPrintExit2 warning $0 ("Decryption failed for certificate file '" . $CertFileName . "'.") false; - } - - :foreach CertInChain in=[ /certificate/find where name~("^" . [ $EscapeForRegEx $CertFileName ] . "_[0-9]+\$") \ - common-name!=$Name !(subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $Name ] . "(\\W|\$)")) !(common-name=[]) ] do={ - $CertificateNameByCN [ /certificate/get $CertInChain common-name ]; - } - - :set Return true; - } on-error={ - $LogPrintExit2 debug $0 ("Could not download certificate file '" . $CertFileName . "'.") false; - } - } - - :return $Return; -} - -:local FormatInfo do={ - :local Cert $1; - - :global FormatLine; - :global FormatMultiLines; :global IfThenElse; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; + :global UrlEncode; + :global WaitFullyConnected; - :local FormatExpire do={ - :global CharacterReplace; - :return [ $CharacterReplace [ $CharacterReplace [ :tostr $1 ] "w" "w " ] "d" "d " ]; + :local CheckCertificatesDownloadImport do={ + :local Name [ :tostr $1 ]; + + :global CertRenewUrl; + :global CertRenewPass; + + :global CertificateNameByCN; + :global EscapeForRegEx; + :global FetchUserAgent; + :global LogPrintExit2; + :global UrlEncode; + :global WaitForFile; + + :local Return false; + + :foreach Type in={ ".pem"; ".p12" } do={ + :local CertFileName ([ $UrlEncode $Name ] . $Type); + :do { + /tool/fetch check-certificate=yes-without-crl http-header-field=({ $FetchUserAgent }) \ + ($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value; + $WaitForFile $CertFileName; + + :local DecryptionFailed true; + :foreach PassPhrase in=$CertRenewPass do={ + :local Result [ /certificate/import file-name=$CertFileName passphrase=$PassPhrase as-value ]; + :if ($Result->"decryption-failures" = 0) do={ + :set DecryptionFailed false; + } + } + /file/remove [ find where name=$CertFileName ]; + + :if ($DecryptionFailed = true) do={ + $LogPrintExit2 warning $0 ("Decryption failed for certificate file '" . $CertFileName . "'.") false; + } + + :foreach CertInChain in=[ /certificate/find where name~("^" . [ $EscapeForRegEx $CertFileName ] . "_[0-9]+\$") \ + common-name!=$Name !(subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $Name ] . "(\\W|\$)")) !(common-name=[]) ] do={ + $CertificateNameByCN [ /certificate/get $CertInChain common-name ]; + } + + :set Return true; + } on-error={ + $LogPrintExit2 debug $0 ("Could not download certificate file '" . $CertFileName . "'.") false; + } + } + + :return $Return; } - :local FormatCertChain do={ + :local FormatInfo do={ :local Cert $1; - :global EitherOr; - :global ParseKeyValueStore; + :global FormatLine; + :global FormatMultiLines; + :global IfThenElse; + + :local FormatExpire do={ + :global CharacterReplace; + :return [ $CharacterReplace [ $CharacterReplace [ :tostr $1 ] "w" "w " ] "d" "d " ]; + } + + :local FormatCertChain do={ + :local Cert $1; + + :global EitherOr; + :global ParseKeyValueStore; + + :local CertVal [ /certificate/get $Cert ]; + :local Return ""; + + :for I from=0 to=5 do={ + :set Return ($Return . [ $EitherOr ([ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN") \ + ([ $ParseKeyValueStore (($CertVal->"issuer")->0) ]->"CN") ]); + :set CertVal [ /certificate/get [ find where skid=($CertVal->"akid") ] ]; + :if (($CertVal->"akid") = "" || ($CertVal->"akid") = ($CertVal->"skid")) do={ + :return $Return; + } + :set Return ($Return . " -> "); + } + :return ($Return . "..."); + } :local CertVal [ /certificate/get $Cert ]; - :local Return ""; - :for I from=0 to=5 do={ - :set Return ($Return . [ $EitherOr ([ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN") \ - ([ $ParseKeyValueStore (($CertVal->"issuer")->0) ]->"CN") ]); - :set CertVal [ /certificate/get [ find where skid=($CertVal->"akid") ] ]; - :if (($CertVal->"akid") = "" || ($CertVal->"akid") = ($CertVal->"skid")) do={ - :return $Return; - } - :set Return ($Return . " -> "); - } - :return ($Return . "..."); + :return ( \ + [ $FormatLine "Name" ($CertVal->"name") ] . "\n" . \ + [ $IfThenElse ([ :len ($CertVal->"common-name") ] > 0) ([ $FormatLine "CommonName" ($CertVal->"common-name") ] . "\n") ] . \ + [ $IfThenElse ([ :len ($CertVal->"subject-alt-name") ] > 0) ([ $FormatMultiLines "SubjectAltNames" ($CertVal->"subject-alt-name") ] . "\n") ] . \ + [ $FormatLine "Private key" [ $IfThenElse (($CertVal->"private-key") = true) "available" "missing" ] ] . "\n" . \ + [ $FormatLine "Fingerprint" ($CertVal->"fingerprint") ] . "\n" . \ + [ $IfThenElse ([ :len ($CertVal->"ca") ] > 0) [ $FormatLine "Issuer" ($CertVal->"ca") ] [ $FormatLine "Issuer chain" [ $FormatCertChain $Cert ] ] ] . "\n" . \ + "Validity:\n" . \ + [ $FormatLine " from" ($CertVal->"invalid-before") ] . "\n" . \ + [ $FormatLine " to" ($CertVal->"invalid-after") ] . "\n" . \ + [ $FormatLine "Expires in" [ $IfThenElse (($CertVal->"expired") = true) "expired" [ $FormatExpire ($CertVal->"expires-after") ] ] ]); } - :local CertVal [ /certificate/get $Cert ]; + $ScriptLock $ScriptName; + $WaitFullyConnected; - :return ( \ - [ $FormatLine "Name" ($CertVal->"name") ] . "\n" . \ - [ $IfThenElse ([ :len ($CertVal->"common-name") ] > 0) ([ $FormatLine "CommonName" ($CertVal->"common-name") ] . "\n") ] . \ - [ $IfThenElse ([ :len ($CertVal->"subject-alt-name") ] > 0) ([ $FormatMultiLines "SubjectAltNames" ($CertVal->"subject-alt-name") ] . "\n") ] . \ - [ $FormatLine "Private key" [ $IfThenElse (($CertVal->"private-key") = true) "available" "missing" ] ] . "\n" . \ - [ $FormatLine "Fingerprint" ($CertVal->"fingerprint") ] . "\n" . \ - [ $IfThenElse ([ :len ($CertVal->"ca") ] > 0) [ $FormatLine "Issuer" ($CertVal->"ca") ] [ $FormatLine "Issuer chain" [ $FormatCertChain $Cert ] ] ] . "\n" . \ - "Validity:\n" . \ - [ $FormatLine " from" ($CertVal->"invalid-before") ] . "\n" . \ - [ $FormatLine " to" ($CertVal->"invalid-after") ] . "\n" . \ - [ $FormatLine "Expires in" [ $IfThenElse (($CertVal->"expired") = true) "expired" [ $FormatExpire ($CertVal->"expires-after") ] ] ]); -} + :foreach Cert in=[ /certificate/find where !revoked !ca !scep-url expires-after<$CertRenewTime ] do={ + :local CertVal [ /certificate/get $Cert ]; + :local CertNew; + :local LastName; -$ScriptLock $0; -$WaitFullyConnected; - -:foreach Cert in=[ /certificate/find where !revoked !ca !scep-url expires-after<$CertRenewTime ] do={ - :local CertVal [ /certificate/get $Cert ]; - :local CertNew; - :local LastName; - - :do { - :if ([ :len $CertRenewUrl ] = 0) do={ - $LogPrintExit2 info $0 ("No CertRenewUrl given.") true; - } - $LogPrintExit2 info $0 ("Attempting to renew certificate '" . ($CertVal->"name") . "'.") false; - - :local ImportSuccess false; - :set LastName ($CertVal->"common-name"); - :set ImportSuccess [ $CheckCertificatesDownloadImport $LastName ]; - :foreach SAN in=($CertVal->"subject-alt-name") do={ - :if ($ImportSuccess = false) do={ - :set LastName [ :pick $SAN ([ :find $SAN ":" ] + 1) [ :len $SAN ] ]; - :set ImportSuccess [ $CheckCertificatesDownloadImport $LastName ]; + :do { + :if ([ :len $CertRenewUrl ] = 0) do={ + $LogPrintExit2 info $ScriptName ("No CertRenewUrl given.") true; } - } + $LogPrintExit2 info $ScriptName ("Attempting to renew certificate '" . ($CertVal->"name") . "'.") false; - :if ([ :len ($CertVal->"fingerprint") ] > 0 && $CertVal->"fingerprint" != [ /certificate/get $Cert fingerprint ]) do={ - $LogPrintExit2 debug $0 ("Certificate '" . $CertVal->"name" . "' was updated in place.") false; - :set CertVal [ /certificate/get $Cert ]; + :local ImportSuccess false; + :set LastName ($CertVal->"common-name"); + :set ImportSuccess [ $CheckCertificatesDownloadImport $LastName ]; + :foreach SAN in=($CertVal->"subject-alt-name") do={ + :if ($ImportSuccess = false) do={ + :set LastName [ :pick $SAN ([ :find $SAN ":" ] + 1) [ :len $SAN ] ]; + :set ImportSuccess [ $CheckCertificatesDownloadImport $LastName ]; + } + } + + :if ([ :len ($CertVal->"fingerprint") ] > 0 && $CertVal->"fingerprint" != [ /certificate/get $Cert fingerprint ]) do={ + $LogPrintExit2 debug $ScriptName ("Certificate '" . $CertVal->"name" . "' was updated in place.") false; + :set CertVal [ /certificate/get $Cert ]; + } else={ + $LogPrintExit2 debug $ScriptName ("Certificate '" . $CertVal->"name" . "' was not updated, but replaced.") false; + + :set CertNew [ /certificate/find where name~("^" . [ $EscapeForRegEx [ $UrlEncode $LastName ] ] . "\\.(p12|pem)_[0-9]+\$") \ + (common-name=($CertVal->"common-name") or subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $LastName ] . "(\\W|\$)")) \ + fingerprint!=[ :tostr ($CertVal->"fingerprint") ] expires-after>$CertRenewTime ]; + :local CertNewVal [ /certificate/get $CertNew ]; + + :if ([ $CertificateAvailable ([ $ParseKeyValueStore ($CertNewVal->"issuer") ]->"CN") ] = false) do={ + $LogPrintExit2 warning $ScriptName ("The certificate chain is not available!") false; + } + + :if (($CertVal->"private-key") = true && ($CertVal->"private-key") != ($CertNewVal->"private-key")) do={ + /certificate/remove $CertNew; + $LogPrintExit2 warning $ScriptName ("Old certificate '" . ($CertVal->"name") . "' has a private key, new certificate does not. Aborting renew.") true; + } + + /ip/service/set certificate=($CertNewVal->"name") [ find where certificate=($CertVal->"name") ]; + + /ip/ipsec/identity/set certificate=($CertNewVal->"name") [ find where certificate=($CertVal->"name") ]; + /ip/ipsec/identity/set remote-certificate=($CertNewVal->"name") [ find where remote-certificate=($CertVal->"name") ]; + + /ip/hotspot/profile/set ssl-certificate=($CertNewVal->"name") [ find where ssl-certificate=($CertVal->"name") ]; + + /certificate/remove $Cert; + /certificate/set $CertNew name=($CertVal->"name"); + :set CertNewVal; + :set CertVal [ /certificate/get $CertNew ]; + } + + $SendNotification2 ({ origin=$ScriptName; silent=true; \ + subject=([ $SymbolForNotification "lock-with-ink-pen" ] . "Certificate renewed: " . ($CertVal->"name")); \ + message=("A certificate on " . $Identity . " has been renewed.\n\n" . [ $FormatInfo $CertNew ]) }); + $LogPrintExit2 info $ScriptName ("The certificate '" . ($CertVal->"name") . "' has been renewed.") false; + } on-error={ + $LogPrintExit2 debug $ScriptName ("Could not renew certificate '" . ($CertVal->"name") . "'.") false; + } + } + + :foreach Cert in=[ /certificate/find where !revoked !scep-url !(expires-after=[]) \ + expires-after<$CertWarnTime !(fingerprint=[]) ] do={ + :local CertVal [ /certificate/get $Cert ]; + + :if ([ :len [ /certificate/scep-server/find where ca-cert=($CertVal->"ca") ] ] > 0) do={ + $LogPrintExit2 debug $ScriptName ("Certificate '" . ($CertVal->"name") . "' is handled by SCEP, skipping.") false; } else={ - $LogPrintExit2 debug $0 ("Certificate '" . $CertVal->"name" . "' was not updated, but replaced.") false; + :local State [ $IfThenElse (($CertVal->"expired") = true) "expired" "is about to expire" ]; - :set CertNew [ /certificate/find where name~("^" . [ $EscapeForRegEx [ $UrlEncode $LastName ] ] . "\\.(p12|pem)_[0-9]+\$") \ - (common-name=($CertVal->"common-name") or subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $LastName ] . "(\\W|\$)")) \ - fingerprint!=[ :tostr ($CertVal->"fingerprint") ] expires-after>$CertRenewTime ]; - :local CertNewVal [ /certificate/get $CertNew ]; - - :if ([ $CertificateAvailable ([ $ParseKeyValueStore ($CertNewVal->"issuer") ]->"CN") ] = false) do={ - $LogPrintExit2 warning $0 ("The certificate chain is not available!") false; - } - - :if (($CertVal->"private-key") = true && ($CertVal->"private-key") != ($CertNewVal->"private-key")) do={ - /certificate/remove $CertNew; - $LogPrintExit2 warning $0 ("Old certificate '" . ($CertVal->"name") . "' has a private key, new certificate does not. Aborting renew.") true; - } - - /ip/service/set certificate=($CertNewVal->"name") [ find where certificate=($CertVal->"name") ]; - - /ip/ipsec/identity/set certificate=($CertNewVal->"name") [ find where certificate=($CertVal->"name") ]; - /ip/ipsec/identity/set remote-certificate=($CertNewVal->"name") [ find where remote-certificate=($CertVal->"name") ]; - - /ip/hotspot/profile/set ssl-certificate=($CertNewVal->"name") [ find where ssl-certificate=($CertVal->"name") ]; - - /certificate/remove $Cert; - /certificate/set $CertNew name=($CertVal->"name"); - :set CertNewVal; - :set CertVal [ /certificate/get $CertNew ]; + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "warning-sign" ] . "Certificate warning: " . ($CertVal->"name")); \ + message=("A certificate on " . $Identity . " " . $State . ".\n\n" . [ $FormatInfo $Cert ]) }); + $LogPrintExit2 info $ScriptName ("The certificate '" . ($CertVal->"name") . "' " . $State . \ + ", it is invalid after " . ($CertVal->"invalid-after") . ".") false; } - - $SendNotification2 ({ origin=$0; silent=true; \ - subject=([ $SymbolForNotification "lock-with-ink-pen" ] . "Certificate renewed: " . ($CertVal->"name")); \ - message=("A certificate on " . $Identity . " has been renewed.\n\n" . [ $FormatInfo $CertNew ]) }); - $LogPrintExit2 info $0 ("The certificate '" . ($CertVal->"name") . "' has been renewed.") false; - } on-error={ - $LogPrintExit2 debug $0 ("Could not renew certificate '" . ($CertVal->"name") . "'.") false; } } -:foreach Cert in=[ /certificate/find where !revoked !scep-url !(expires-after=[]) \ - expires-after<$CertWarnTime !(fingerprint=[]) ] do={ - :local CertVal [ /certificate/get $Cert ]; - - :if ([ :len [ /certificate/scep-server/find where ca-cert=($CertVal->"ca") ] ] > 0) do={ - $LogPrintExit2 debug $0 ("Certificate '" . ($CertVal->"name") . "' is handled by SCEP, skipping.") false; - } else={ - :local State [ $IfThenElse (($CertVal->"expired") = true) "expired" "is about to expire" ]; - - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "warning-sign" ] . "Certificate warning: " . ($CertVal->"name")); \ - message=("A certificate on " . $Identity . " " . $State . ".\n\n" . [ $FormatInfo $Cert ]) }); - $LogPrintExit2 info $0 ("The certificate '" . ($CertVal->"name") . "' " . $State . \ - ", it is invalid after " . ($CertVal->"invalid-after") . ".") false; - } -} +$Main [ :jobname ]; From 80180b432d2dcd0cad6595c5757926bb6ec7305c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 199/908] check-health: move code into function --- check-health.rsc | 289 ++++++++++++++++++++++++----------------------- 1 file changed, 147 insertions(+), 142 deletions(-) diff --git a/check-health.rsc b/check-health.rsc index 5c28d73..b819665 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -8,165 +8,170 @@ # check for RouterOS health state # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-health.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global CheckHealthCPUUtilization; -:global CheckHealthCPUUtilizationNotified; -:global CheckHealthLast; -:global CheckHealthRAMUtilizationNotified; -:global CheckHealthTemperature; -:global CheckHealthTemperatureDeviation; -:global CheckHealthTemperatureNotified; -:global CheckHealthVoltageLow; -:global CheckHealthVoltagePercent; -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global FormatLine; -:global HumanReadableNum; -:global IfThenElse; -:global LogPrintExit2; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; + :global CheckHealthCPUUtilization; + :global CheckHealthCPUUtilizationNotified; + :global CheckHealthLast; + :global CheckHealthRAMUtilizationNotified; + :global CheckHealthTemperature; + :global CheckHealthTemperatureDeviation; + :global CheckHealthTemperatureNotified; + :global CheckHealthVoltageLow; + :global CheckHealthVoltagePercent; + :global Identity; -:local TempToNum do={ - :global CharacterReplace; - :local T [ :toarray [ $CharacterReplace $1 "." "," ] ]; - :return ($T->0 * 10 + $T->1); -} + :global FormatLine; + :global HumanReadableNum; + :global IfThenElse; + :global LogPrintExit2; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; -$ScriptLock $0; + :local TempToNum do={ + :global CharacterReplace; + :local T [ :toarray [ $CharacterReplace $1 "." "," ] ]; + :return ($T->0 * 10 + $T->1); + } -:local Resource [ /system/resource/get ]; + $ScriptLock $ScriptName; -:set CheckHealthCPUUtilization (($CheckHealthCPUUtilization * 4 + ($Resource->"cpu-load") * 10) / 5); -:if ($CheckHealthCPUUtilization > 750 && $CheckHealthCPUUtilizationNotified != true) do={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "abacus,chart-increasing" ] . "Health warning: CPU utilization"); \ - message=("The average CPU utilization on " . $Identity . " is at " . ($CheckHealthCPUUtilization / 10) . "%!") }); - :set CheckHealthCPUUtilizationNotified true; -} -:if ($CheckHealthCPUUtilization < 650 && $CheckHealthCPUUtilizationNotified = true) do={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "abacus,chart-decreasing" ] . "Health recovery: CPU utilization"); \ - message=("The average CPU utilization on " . $Identity . " decreased to " . ($CheckHealthCPUUtilization / 10) . "%.") }); - :set CheckHealthCPUUtilizationNotified false; -} + :local Resource [ /system/resource/get ]; -:local CheckHealthRAMUtilization (($Resource->"total-memory" - $Resource->"free-memory") * 100 / $Resource->"total-memory"); -:if ($CheckHealthRAMUtilization >=80 && $CheckHealthRAMUtilizationNotified != true) do={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "card-file-box,chart-increasing" ] . "Health warning: RAM utilization"); \ - message=("The RAM utilization on " . $Identity . " is at " . $CheckHealthRAMUtilization . "%!\n\n" . \ - [ $FormatLine "total" ([ $HumanReadableNum ($Resource->"total-memory") 1024 ] . "iB") 8 ] . "\n" . \ - [ $FormatLine "used" ([ $HumanReadableNum ($Resource->"total-memory" - $Resource->"free-memory") 1024 ] . "iB") 8 ] . "\n" . \ - [ $FormatLine "free" ([ $HumanReadableNum ($Resource->"free-memory") 1024 ] . "iB") 8 ]) }); - :set CheckHealthRAMUtilizationNotified true; -} -:if ($CheckHealthRAMUtilization < 70 && $CheckHealthRAMUtilizationNotified = true) do={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "card-file-box,chart-decreasing" ] . "Health recovery: RAM utilization"); \ - message=("The RAM utilization on " . $Identity . " decreased to " . $CheckHealthRAMUtilization . "%.") }); - :set CheckHealthRAMUtilizationNotified false; -} + :set CheckHealthCPUUtilization (($CheckHealthCPUUtilization * 4 + ($Resource->"cpu-load") * 10) / 5); + :if ($CheckHealthCPUUtilization > 750 && $CheckHealthCPUUtilizationNotified != true) do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "abacus,chart-increasing" ] . "Health warning: CPU utilization"); \ + message=("The average CPU utilization on " . $Identity . " is at " . ($CheckHealthCPUUtilization / 10) . "%!") }); + :set CheckHealthCPUUtilizationNotified true; + } + :if ($CheckHealthCPUUtilization < 650 && $CheckHealthCPUUtilizationNotified = true) do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "abacus,chart-decreasing" ] . "Health recovery: CPU utilization"); \ + message=("The average CPU utilization on " . $Identity . " decreased to " . ($CheckHealthCPUUtilization / 10) . "%.") }); + :set CheckHealthCPUUtilizationNotified false; + } -:if ([ :len [ /system/health/find ] ] = 0) do={ - $LogPrintExit2 debug $0 ("Your device does not provide any health values.") true; -} + :local CheckHealthRAMUtilization (($Resource->"total-memory" - $Resource->"free-memory") * 100 / $Resource->"total-memory"); + :if ($CheckHealthRAMUtilization >=80 && $CheckHealthRAMUtilizationNotified != true) do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "card-file-box,chart-increasing" ] . "Health warning: RAM utilization"); \ + message=("The RAM utilization on " . $Identity . " is at " . $CheckHealthRAMUtilization . "%!\n\n" . \ + [ $FormatLine "total" ([ $HumanReadableNum ($Resource->"total-memory") 1024 ] . "iB") 8 ] . "\n" . \ + [ $FormatLine "used" ([ $HumanReadableNum ($Resource->"total-memory" - $Resource->"free-memory") 1024 ] . "iB") 8 ] . "\n" . \ + [ $FormatLine "free" ([ $HumanReadableNum ($Resource->"free-memory") 1024 ] . "iB") 8 ]) }); + :set CheckHealthRAMUtilizationNotified true; + } + :if ($CheckHealthRAMUtilization < 70 && $CheckHealthRAMUtilizationNotified = true) do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "card-file-box,chart-decreasing" ] . "Health recovery: RAM utilization"); \ + message=("The RAM utilization on " . $Identity . " decreased to " . $CheckHealthRAMUtilization . "%.") }); + :set CheckHealthRAMUtilizationNotified false; + } -:if ([ :typeof $CheckHealthLast ] != "array") do={ - :set CheckHealthLast ({}); -} -:if ([ :typeof $CheckHealthTemperatureNotified ] != "array") do={ - :set CheckHealthTemperatureNotified ({}); -} + :if ([ :len [ /system/health/find ] ] = 0) do={ + $LogPrintExit2 debug $ScriptName ("Your device does not provide any health values.") true; + } + + :if ([ :typeof $CheckHealthLast ] != "array") do={ + :set CheckHealthLast ({}); + } + :if ([ :typeof $CheckHealthTemperatureNotified ] != "array") do={ + :set CheckHealthTemperatureNotified ({}); + } -:foreach Voltage in=[ /system/health/find where type="V" ] do={ - :local Name [ /system/health/get $Voltage name ]; - :local Value [ /system/health/get $Voltage value ]; + :foreach Voltage in=[ /system/health/find where type="V" ] do={ + :local Name [ /system/health/get $Voltage name ]; + :local Value [ /system/health/get $Voltage value ]; - :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ - :local NumCurr [ $TempToNum $Value ]; - :local NumLast [ $TempToNum ($CheckHealthLast->$Name) ]; + :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ + :local NumCurr [ $TempToNum $Value ]; + :local NumLast [ $TempToNum ($CheckHealthLast->$Name) ]; - :if ($NumLast * (100 + $CheckHealthVoltagePercent) < $NumCurr * 100 || \ - $NumLast * 100 > $NumCurr * (100 + $CheckHealthVoltagePercent)) do={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification ("high-voltage-sign,chart-" . [ $IfThenElse ($NumLast < \ - $NumCurr) "in" "de" ] . "creasing") ] . "Health warning: " . $Name); \ - message=("The " . $Name . " on " . $Identity . " jumped more than " . $CheckHealthVoltagePercent . "%.\n\n" . \ - [ $FormatLine "old value" ($CheckHealthLast->$Name . " V") 12 ] . "\n" . \ - [ $FormatLine "new value" ($Value . " V") 12 ]) }); - } else={ - :if ($NumCurr <= $CheckHealthVoltageLow && $NumLast > $CheckHealthVoltageLow) do={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "high-voltage-sign,chart-decreasing" ] . "Health warning: Low " . $Name); \ - message=("The " . $Name . " on " . $Identity . " dropped to " . $Value . " V below hard limit.") }); - } - :if ($NumCurr > $CheckHealthVoltageLow && $NumLast <= $CheckHealthVoltageLow) do={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "high-voltage-sign,chart-increasing" ] . "Health recovery: Low " . $Name); \ - message=("The " . $Name . " on " . $Identity . " recovered to " . $Value . " V above hard limit.") }); + :if ($NumLast * (100 + $CheckHealthVoltagePercent) < $NumCurr * 100 || \ + $NumLast * 100 > $NumCurr * (100 + $CheckHealthVoltagePercent)) do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification ("high-voltage-sign,chart-" . [ $IfThenElse ($NumLast < \ + $NumCurr) "in" "de" ] . "creasing") ] . "Health warning: " . $Name); \ + message=("The " . $Name . " on " . $Identity . " jumped more than " . $CheckHealthVoltagePercent . "%.\n\n" . \ + [ $FormatLine "old value" ($CheckHealthLast->$Name . " V") 12 ] . "\n" . \ + [ $FormatLine "new value" ($Value . " V") 12 ]) }); + } else={ + :if ($NumCurr <= $CheckHealthVoltageLow && $NumLast > $CheckHealthVoltageLow) do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "high-voltage-sign,chart-decreasing" ] . "Health warning: Low " . $Name); \ + message=("The " . $Name . " on " . $Identity . " dropped to " . $Value . " V below hard limit.") }); + } + :if ($NumCurr > $CheckHealthVoltageLow && $NumLast <= $CheckHealthVoltageLow) do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "high-voltage-sign,chart-increasing" ] . "Health recovery: Low " . $Name); \ + message=("The " . $Name . " on " . $Identity . " recovered to " . $Value . " V above hard limit.") }); + } } } + :set ($CheckHealthLast->$Name) $Value; + } + + :foreach PSU in=[ /system/health/find where name~"^psu.*-state\$" ] do={ + :local Name [ /system/health/get $PSU name ]; + :local Value [ /system/health/get $PSU value ]; + + :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ + :if ($CheckHealthLast->$Name = "ok" && \ + $Value != "ok") do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "cross-mark" ] . "Health warning: " . $Name); \ + message=("The power supply unit '" . $Name . "' on " . $Identity . " failed!") }); + } + :if ($CheckHealthLast->$Name != "ok" && \ + $Value = "ok") do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "Health recovery: " . $Name); \ + message=("The power supply unit '" . $Name . "' on " . $Identity . " recovered!") }); + } + } + :set ($CheckHealthLast->$Name) $Value; + } + + :foreach Temperature in=[ /system/health/find where type="C" ] do={ + :local Name [ /system/health/get $Temperature name ]; + :local Value [ /system/health/get $Temperature value ]; + + :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ + :if ([ :typeof ($CheckHealthTemperature->$Name) ] != "num" ) do={ + $LogPrintExit2 info $ScriptName ("No threshold given for " . $Name . ", assuming 50C.") false; + :set ($CheckHealthTemperature->$Name) 50; + } + :local Validate [ /system/health/get [ find where name=$Name ] value ]; + :while ($Value != $Validate) do={ + :set Value $Validate; + :set Validate [ /system/health/get [ find where name=$Name ] value ]; + } + :if ($Value > $CheckHealthTemperature->$Name && \ + $CheckHealthTemperatureNotified->$Name != true) do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "fire" ] . "Health warning: " . $Name); \ + message=("The " . $Name . " on " . $Identity . " is above threshold: " . \ + $Value . "\C2\B0" . "C") }); + :set ($CheckHealthTemperatureNotified->$Name) true; + } + :if ($Value <= ($CheckHealthTemperature->$Name - $CheckHealthTemperatureDeviation) && \ + $CheckHealthTemperatureNotified->$Name = true) do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "Health recovery: " . $Name); \ + message=("The " . $Name . " on " . $Identity . " dropped below threshold: " . \ + $Value . "\C2\B0" . "C") }); + :set ($CheckHealthTemperatureNotified->$Name) false; + } + } + :set ($CheckHealthLast->$Name) $Value; } - :set ($CheckHealthLast->$Name) $Value; } -:foreach PSU in=[ /system/health/find where name~"^psu.*-state\$" ] do={ - :local Name [ /system/health/get $PSU name ]; - :local Value [ /system/health/get $PSU value ]; - - :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ - :if ($CheckHealthLast->$Name = "ok" && \ - $Value != "ok") do={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "cross-mark" ] . "Health warning: " . $Name); \ - message=("The power supply unit '" . $Name . "' on " . $Identity . " failed!") }); - } - :if ($CheckHealthLast->$Name != "ok" && \ - $Value = "ok") do={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "Health recovery: " . $Name); \ - message=("The power supply unit '" . $Name . "' on " . $Identity . " recovered!") }); - } - } - :set ($CheckHealthLast->$Name) $Value; -} - -:foreach Temperature in=[ /system/health/find where type="C" ] do={ - :local Name [ /system/health/get $Temperature name ]; - :local Value [ /system/health/get $Temperature value ]; - - :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ - :if ([ :typeof ($CheckHealthTemperature->$Name) ] != "num" ) do={ - $LogPrintExit2 info $0 ("No threshold given for " . $Name . ", assuming 50C.") false; - :set ($CheckHealthTemperature->$Name) 50; - } - :local Validate [ /system/health/get [ find where name=$Name ] value ]; - :while ($Value != $Validate) do={ - :set Value $Validate; - :set Validate [ /system/health/get [ find where name=$Name ] value ]; - } - :if ($Value > $CheckHealthTemperature->$Name && \ - $CheckHealthTemperatureNotified->$Name != true) do={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "fire" ] . "Health warning: " . $Name); \ - message=("The " . $Name . " on " . $Identity . " is above threshold: " . \ - $Value . "\C2\B0" . "C") }); - :set ($CheckHealthTemperatureNotified->$Name) true; - } - :if ($Value <= ($CheckHealthTemperature->$Name - $CheckHealthTemperatureDeviation) && \ - $CheckHealthTemperatureNotified->$Name = true) do={ - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "Health recovery: " . $Name); \ - message=("The " . $Name . " on " . $Identity . " dropped below threshold: " . \ - $Value . "\C2\B0" . "C") }); - :set ($CheckHealthTemperatureNotified->$Name) false; - } - } - :set ($CheckHealthLast->$Name) $Value; -} +$Main [ :jobname ]; From 450ea2fa48583868ccaafe51afeaafbdd2c90df5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 200/908] check-lte-firmware-upgrade: move code into function --- check-lte-firmware-upgrade.rsc | 143 +++++++++++++++++---------------- 1 file changed, 74 insertions(+), 69 deletions(-) diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index 40a8568..12d2dd4 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -8,91 +8,96 @@ # check for LTE firmware upgrade, send notification # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-lte-firmware-upgrade.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global SentLteFirmwareUpgradeNotification; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global ScriptLock; - -$ScriptLock $0; - -:if ([ :typeof $SentLteFirmwareUpgradeNotification ] != "array") do={ - :global SentLteFirmwareUpgradeNotification ({}); -} - -:local CheckInterface do={ - :local ScriptName $1; - :local Interface $2; - - :global Identity; :global SentLteFirmwareUpgradeNotification; - :global FormatLine; - :global IfThenElse; - :global LogPrintExit2; - :global ScriptFromTerminal; - :global SendNotification2; - :global SymbolForNotification; + :global ScriptLock; - :local IntName [ /interface/lte/get $Interface name ]; - :local Firmware; - :local Info; - :do { - :set Firmware [ /interface/lte/firmware-upgrade $Interface once as-value ]; - :set Info [ /interface/lte/monitor $Interface once as-value ]; - } on-error={ - $LogPrintExit2 debug $0 ("Could not get latest LTE firmware version for interface " . \ - $IntName . ".") false; - :return false; + $ScriptLock $ScriptName; + + :if ([ :typeof $SentLteFirmwareUpgradeNotification ] != "array") do={ + :global SentLteFirmwareUpgradeNotification ({}); } - :if ([ :len ($Firmware->"latest") ] = 0) do={ - $LogPrintExit2 info $0 ("An empty string is not a valid version.") false; - :return false; - } + :local CheckInterface do={ + :local ScriptName $1; + :local Interface $2; - :if (($Firmware->"installed") = ($Firmware->"latest")) do={ - :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ - $LogPrintExit2 info $0 ("No firmware upgrade available for LTE interface " . $IntName . ".") false; + :global Identity; + :global SentLteFirmwareUpgradeNotification; + + :global FormatLine; + :global IfThenElse; + :global LogPrintExit2; + :global ScriptFromTerminal; + :global SendNotification2; + :global SymbolForNotification; + + :local IntName [ /interface/lte/get $Interface name ]; + :local Firmware; + :local Info; + :do { + :set Firmware [ /interface/lte/firmware-upgrade $Interface once as-value ]; + :set Info [ /interface/lte/monitor $Interface once as-value ]; + } on-error={ + $LogPrintExit2 debug $ScriptName ("Could not get latest LTE firmware version for interface " . \ + $IntName . ".") false; + :return false; } - :return true; - } - :if ([ $ScriptFromTerminal $ScriptName ] = true && \ - [ :len [ /system/script/find where name="unattended-lte-firmware-upgrade" ] ] > 0) do={ - :put ("Do you want to start unattended lte firmware upgrade for interface " . $IntName . "? [y/N]"); - :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ - /system/script/run unattended-lte-firmware-upgrade; - $LogPrintExit2 info $0 ("Scheduled lte firmware upgrade for interface " . $IntName . "...") false; + :if ([ :len ($Firmware->"latest") ] = 0) do={ + $LogPrintExit2 info $ScriptName ("An empty string is not a valid version.") false; + :return false; + } + + :if (($Firmware->"installed") = ($Firmware->"latest")) do={ + :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ + $LogPrintExit2 info $ScriptName ("No firmware upgrade available for LTE interface " . $IntName . ".") false; + } :return true; - } else={ - :put "Canceled..."; } + + :if ([ $ScriptFromTerminal $ScriptName ] = true && \ + [ :len [ /system/script/find where name="unattended-lte-firmware-upgrade" ] ] > 0) do={ + :put ("Do you want to start unattended lte firmware upgrade for interface " . $IntName . "? [y/N]"); + :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ + /system/script/run unattended-lte-firmware-upgrade; + $LogPrintExit2 info $ScriptName ("Scheduled lte firmware upgrade for interface " . $IntName . "...") false; + :return true; + } else={ + :put "Canceled..."; + } + } + + :if (($SentLteFirmwareUpgradeNotification->$IntName) = ($Firmware->"latest")) do={ + $LogPrintExit2 debug $ScriptName ("Already sent the LTE firmware upgrade notification for version " . \ + ($Firmware->"latest") . ".") false; + :return false; + } + + $LogPrintExit2 info $ScriptName ("A new firmware version " . ($Firmware->"latest") . " is available for " . \ + "LTE interface " . $IntName . ".") false; + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "sparkles" ] . "LTE firmware upgrade"); \ + message=("A new firmware version " . ($Firmware->"latest") . " is available for " . \ + "LTE interface " . $IntName . " on " . $Identity . ".\n\n" . \ + [ $IfThenElse ([ :len ($Info->"manufacturer") ] > 0) ([ $FormatLine "Manufacturer" ($Info->"manufacturer") ] . "\n") ] . \ + [ $IfThenElse ([ :len ($Info->"model") ] > 0) ([ $FormatLine "Model" ($Info->"model") ] . "\n") ] . \ + [ $IfThenElse ([ :len ($Info->"revision") ] > 0) ([ $FormatLine "Revision" ($Info->"revision") ] . "\n") ] . \ + "Firmware version:\n" . \ + [ $FormatLine " Installed" ($Firmware->"installed") ] . "\n" . \ + [ $FormatLine " Available" ($Firmware->"latest") ]); silent=true }); + :set ($SentLteFirmwareUpgradeNotification->$IntName) ($Firmware->"latest"); } - :if (($SentLteFirmwareUpgradeNotification->$IntName) = ($Firmware->"latest")) do={ - $LogPrintExit2 debug $0 ("Already sent the LTE firmware upgrade notification for version " . \ - ($Firmware->"latest") . ".") false; - :return false; + :foreach Interface in=[ /interface/lte/find ] do={ + $CheckInterface $ScriptName $Interface; } - - $LogPrintExit2 info $0 ("A new firmware version " . ($Firmware->"latest") . " is available for " . \ - "LTE interface " . $IntName . ".") false; - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "sparkles" ] . "LTE firmware upgrade"); \ - message=("A new firmware version " . ($Firmware->"latest") . " is available for " . \ - "LTE interface " . $IntName . " on " . $Identity . ".\n\n" . \ - [ $IfThenElse ([ :len ($Info->"manufacturer") ] > 0) ([ $FormatLine "Manufacturer" ($Info->"manufacturer") ] . "\n") ] . \ - [ $IfThenElse ([ :len ($Info->"model") ] > 0) ([ $FormatLine "Model" ($Info->"model") ] . "\n") ] . \ - [ $IfThenElse ([ :len ($Info->"revision") ] > 0) ([ $FormatLine "Revision" ($Info->"revision") ] . "\n") ] . \ - "Firmware version:\n" . \ - [ $FormatLine " Installed" ($Firmware->"installed") ] . "\n" . \ - [ $FormatLine " Available" ($Firmware->"latest") ]); silent=true }); - :set ($SentLteFirmwareUpgradeNotification->$IntName) ($Firmware->"latest"); } -:foreach Interface in=[ /interface/lte/find ] do={ - $CheckInterface $0 $Interface; -} +$Main [ :jobname ]; From 22eb74cb3a4238ab0eebda8ae013721f7da129dd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 201/908] check-routeros-update: move code into function --- check-routeros-update.rsc | 246 +++++++++++++++++++------------------- 1 file changed, 125 insertions(+), 121 deletions(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 204a0d3..519c2d4 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -8,149 +8,153 @@ # check for RouterOS update, send notification and/or install # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-routeros-update.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Identity; -:global SafeUpdateAll; -:global SafeUpdateNeighbor; -:global SafeUpdateNeighborIdentity; -:global SafeUpdatePatch; -:global SafeUpdateUrl; -:global SentRouterosUpdateNotification; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global DeviceInfo; -:global EscapeForRegEx; -:global LogPrintExit2; -:global ScriptFromTerminal; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; -:global VersionToNum; -:global WaitFullyConnected; + :global Identity; + :global SafeUpdateAll; + :global SafeUpdateNeighbor; + :global SafeUpdateNeighborIdentity; + :global SafeUpdatePatch; + :global SafeUpdateUrl; + :global SentRouterosUpdateNotification; -:local DoUpdate do={ - :if ([ :len [ /system/script/find where name="packages-update" ] ] > 0) do={ - /system/script/run packages-update; - } else={ - /system/package/update/install without-paging; - } - :error "Waiting for system to reboot."; -} + :global DeviceInfo; + :global EscapeForRegEx; + :global LogPrintExit2; + :global ScriptFromTerminal; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; + :global VersionToNum; + :global WaitFullyConnected; -$ScriptLock $0; - -$WaitFullyConnected; - -:if ([ :len [ /system/scheduler/find where name="_RebootForUpdate" ] ] > 0) do={ - :error "A reboot for update is already scheduled."; -} - -$LogPrintExit2 debug $0 ("Checking for updates...") false; -/system/package/update/check-for-updates without-paging as-value; -:local Update [ /system/package/update/get ]; - -:if ([ $ScriptFromTerminal $0 ] = true && ($Update->"installed-version") = ($Update->"latest-version")) do={ - $LogPrintExit2 info $0 ("System is already up to date.") true; -} - -:local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; -:local NumLatest [ $VersionToNum ($Update->"latest-version") ]; -:local Link ("https://mikrotik.com/download/changelogs/" . $Update->"channel" . "-release-tree"); - -:if ($NumLatest < 117505792) do={ - $LogPrintExit2 info $0 ("The version '" . ($Update->"latest-version") . "' is not a valid version.") true; -} - -:if ($NumInstalled < $NumLatest) do={ - :if ($SafeUpdateAll ~ "^YES,? ?PLEASE!?\$") do={ - $LogPrintExit2 info $0 ("Installing ALL versions automatically, including " . \ - $Update->"latest-version" . "...") false; - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ - message=("Installing ALL versions automatically, including " . $Update->"latest-version" . \ - "... Updating on " . $Identity . "..."); link=$Link; silent=true }); - $DoUpdate; + :local DoUpdate do={ + :if ([ :len [ /system/script/find where name="packages-update" ] ] > 0) do={ + /system/script/run packages-update; + } else={ + /system/package/update/install without-paging; + } + :error "Waiting for system to reboot."; } - :if ($SafeUpdatePatch = true && ($NumInstalled & 0xffff0000) = ($NumLatest & 0xffff0000)) do={ - $LogPrintExit2 info $0 ("Version " . $Update->"latest-version" . " is a patch release, updating...") false; - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ - message=("Version " . $Update->"latest-version" . " is a patch update for " . $Update->"channel" . \ - ", updating on " . $Identity . "..."); link=$Link; silent=true }); - $DoUpdate; + $ScriptLock $ScriptName; + $WaitFullyConnected; + + :if ([ :len [ /system/scheduler/find where name="_RebootForUpdate" ] ] > 0) do={ + :error "A reboot for update is already scheduled."; } - :if ($SafeUpdateNeighbor = true) do={ - :local Neighbors [ /ip/neighbor/find where platform="MikroTik" identity~$SafeUpdateNeighborIdentity \ - version~("^" . [ $EscapeForRegEx ($Update->"latest-version") ] . "\\b") ]; - :if ([ :len $Neighbors ] > 0) do={ - :local Neighbor [ /ip/neighbor/get ($Neighbors->0) identity ]; - $LogPrintExit2 info $0 ("Seen a neighbor (" . $Neighbor . ") running version " . \ - $Update->"latest-version" . " from " . $Update->"channel" . ", updating...") false; - $SendNotification2 ({ origin=$0; \ + $LogPrintExit2 debug $ScriptName ("Checking for updates...") false; + /system/package/update/check-for-updates without-paging as-value; + :local Update [ /system/package/update/get ]; + + :if ([ $ScriptFromTerminal $ScriptName ] = true && ($Update->"installed-version") = ($Update->"latest-version")) do={ + $LogPrintExit2 info $ScriptName ("System is already up to date.") true; + } + + :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; + :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; + :local Link ("https://mikrotik.com/download/changelogs/" . $Update->"channel" . "-release-tree"); + + :if ($NumLatest < 117505792) do={ + $LogPrintExit2 info $ScriptName ("The version '" . ($Update->"latest-version") . "' is not a valid version.") true; + } + + :if ($NumInstalled < $NumLatest) do={ + :if ($SafeUpdateAll ~ "^YES,? ?PLEASE!?\$") do={ + $LogPrintExit2 info $ScriptName ("Installing ALL versions automatically, including " . \ + $Update->"latest-version" . "...") false; + $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ - message=("Seen a neighbor (" . $Neighbor . ") running version " . $Update->"latest-version" . \ - " from " . $Update->"channel" . ", updating on " . $Identity . "..."); link=$Link; silent=true }); + message=("Installing ALL versions automatically, including " . $Update->"latest-version" . \ + "... Updating on " . $Identity . "..."); link=$Link; silent=true }); $DoUpdate; } - } - :if ([ :len $SafeUpdateUrl ] > 0) do={ - :local Result; - :do { - :set Result [ /tool/fetch check-certificate=yes-without-crl \ - ($SafeUpdateUrl . $Update->"channel" . "?installed=" . $Update->"installed-version" . \ - "&latest=" . $Update->"latest-version") output=user as-value ]; - } on-error={ - $LogPrintExit2 warning $0 ("Failed receiving safe version for " . $Update->"channel" . ".") false; - } - :if ($Result->"status" = "finished" && $Result->"data" = $Update->"latest-version") do={ - $LogPrintExit2 info $0 ("Version " . $Update->"latest-version" . " is considered safe, updating...") false; - $SendNotification2 ({ origin=$0; \ + :if ($SafeUpdatePatch = true && ($NumInstalled & 0xffff0000) = ($NumLatest & 0xffff0000)) do={ + $LogPrintExit2 info $ScriptName ("Version " . $Update->"latest-version" . " is a patch release, updating...") false; + $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ - message=("Version " . $Update->"latest-version" . " is considered safe for " . $Update->"channel" . \ + message=("Version " . $Update->"latest-version" . " is a patch update for " . $Update->"channel" . \ ", updating on " . $Identity . "..."); link=$Link; silent=true }); $DoUpdate; } - } - :if ([ $ScriptFromTerminal $0 ] = true) do={ - :put ("Do you want to install RouterOS version " . $Update->"latest-version" . "? [y/N]"); - :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ - $DoUpdate; - } else={ - :put "Canceled..."; + :if ($SafeUpdateNeighbor = true) do={ + :local Neighbors [ /ip/neighbor/find where platform="MikroTik" identity~$SafeUpdateNeighborIdentity \ + version~("^" . [ $EscapeForRegEx ($Update->"latest-version") ] . "\\b") ]; + :if ([ :len $Neighbors ] > 0) do={ + :local Neighbor [ /ip/neighbor/get ($Neighbors->0) identity ]; + $LogPrintExit2 info $ScriptName ("Seen a neighbor (" . $Neighbor . ") running version " . \ + $Update->"latest-version" . " from " . $Update->"channel" . ", updating...") false; + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ + message=("Seen a neighbor (" . $Neighbor . ") running version " . $Update->"latest-version" . \ + " from " . $Update->"channel" . ", updating on " . $Identity . "..."); link=$Link; silent=true }); + $DoUpdate; + } } + + :if ([ :len $SafeUpdateUrl ] > 0) do={ + :local Result; + :do { + :set Result [ /tool/fetch check-certificate=yes-without-crl \ + ($SafeUpdateUrl . $Update->"channel" . "?installed=" . $Update->"installed-version" . \ + "&latest=" . $Update->"latest-version") output=user as-value ]; + } on-error={ + $LogPrintExit2 warning $ScriptName ("Failed receiving safe version for " . $Update->"channel" . ".") false; + } + :if ($Result->"status" = "finished" && $Result->"data" = $Update->"latest-version") do={ + $LogPrintExit2 info $ScriptName ("Version " . $Update->"latest-version" . " is considered safe, updating...") false; + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ + message=("Version " . $Update->"latest-version" . " is considered safe for " . $Update->"channel" . \ + ", updating on " . $Identity . "..."); link=$Link; silent=true }); + $DoUpdate; + } + } + + :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ + :put ("Do you want to install RouterOS version " . $Update->"latest-version" . "? [y/N]"); + :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ + $DoUpdate; + } else={ + :put "Canceled..."; + } + } + + :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ + $LogPrintExit2 info $ScriptName ("Already sent the RouterOS update notification for version " . \ + $Update->"latest-version" . ".") true; + } + + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ + message=("A new RouterOS version " . ($Update->"latest-version") . \ + " is available for " . $Identity . ".\n\n" . \ + [ $DeviceInfo ]); link=$Link; silent=true }); + :set SentRouterosUpdateNotification ($Update->"latest-version"); } - :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ - $LogPrintExit2 info $0 ("Already sent the RouterOS update notification for version " . \ - $Update->"latest-version" . ".") true; - } + :if ($NumInstalled > $NumLatest) do={ + :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ + $LogPrintExit2 info $ScriptName ("Already sent the RouterOS downgrade notification for version " . \ + $Update->"latest-version" . ".") true; + } - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ - message=("A new RouterOS version " . ($Update->"latest-version") . \ - " is available for " . $Identity . ".\n\n" . \ - [ $DeviceInfo ]); link=$Link; silent=true }); - :set SentRouterosUpdateNotification ($Update->"latest-version"); + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "warning-sign" ] . "RouterOS version: " . $Update->"latest-version"); \ + message=("A different RouterOS version " . ($Update->"latest-version") . \ + " is available for " . $Identity . ", but it is a downgrade.\n\n" . \ + [ $DeviceInfo ]); link=$Link; silent=true }); + $LogPrintExit2 info $ScriptName ("A different RouterOS version " . ($Update->"latest-version") . \ + " is available for downgrade.") false; + :set SentRouterosUpdateNotification ($Update->"latest-version"); + } } -:if ($NumInstalled > $NumLatest) do={ - :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ - $LogPrintExit2 info $0 ("Already sent the RouterOS downgrade notification for version " . \ - $Update->"latest-version" . ".") true; - } - - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "warning-sign" ] . "RouterOS version: " . $Update->"latest-version"); \ - message=("A different RouterOS version " . ($Update->"latest-version") . \ - " is available for " . $Identity . ", but it is a downgrade.\n\n" . \ - [ $DeviceInfo ]); link=$Link; silent=true }); - $LogPrintExit2 info $0 ("A different RouterOS version " . ($Update->"latest-version") . \ - " is available for downgrade.") false; - :set SentRouterosUpdateNotification ($Update->"latest-version"); -} +$Main [ :jobname ]; From e2b87c8634e12fe1fae22d15f2ca2e6ae365c789 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 202/908] collect-wireless-mac: move code into function --- collect-wireless-mac.capsman.rsc | 127 +++++++++++---------- collect-wireless-mac.local.rsc | 129 +++++++++++---------- collect-wireless-mac.template.rsc | 177 +++++++++++++++-------------- collect-wireless-mac.wifi.rsc | 127 +++++++++++---------- collect-wireless-mac.wifiwave2.rsc | 127 +++++++++++---------- 5 files changed, 356 insertions(+), 331 deletions(-) diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index 937d8ce..0ae15ee 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -11,81 +11,86 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global EitherOr; -:global FormatLine; -:global FormatMultiLines; -:global GetMacVendor; -:global LogPrintExit2; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; + :global Identity; -$ScriptLock $0 false 10; + :global EitherOr; + :global FormatLine; + :global FormatMultiLines; + :global GetMacVendor; + :global LogPrintExit2; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; -:if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ - /caps-man/access-list/add comment="--- collected above ---" disabled=yes; - $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false; -} -:local PlaceBefore ([ /caps-man/access-list/find where comment="--- collected above ---" disabled ]->0); + $ScriptLock $ScriptName false 10; -:foreach Reg in=[ /caps-man/registration-table/find ] do={ - :local RegVal; - :do { - :set RegVal [ /caps-man/registration-table/get $Reg ]; - } on-error={ - $LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false; + :if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ + /caps-man/access-list/add comment="--- collected above ---" disabled=yes; + $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false; } + :local PlaceBefore ([ /caps-man/access-list/find where comment="--- collected above ---" disabled ]->0); - :if ([ :len ($RegVal->"mac-address") ] > 0) do={ - :local AccessList ([ /caps-man/access-list/find where mac-address=($RegVal->"mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - $LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \ - [ /caps-man/access-list/get $AccessList comment ]) false; + :foreach Reg in=[ /caps-man/registration-table/find ] do={ + :local RegVal; + :do { + :set RegVal [ /caps-man/registration-table/get $Reg ]; + } on-error={ + $LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false; } - :if ([ :len $AccessList ] = 0) do={ - :local Address "no dhcp lease"; - :local DnsName "no dhcp lease"; - :local HostName "no dhcp lease"; - :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); - :if ([ :len $Lease ] > 0) do={ - :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; - :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; - :set DnsName "no dns name"; - :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); - :if ([ :len $DnsRec ] > 0) do={ - :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); - :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ - :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); + :if ([ :len ($RegVal->"mac-address") ] > 0) do={ + :local AccessList ([ /caps-man/access-list/find where mac-address=($RegVal->"mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + $LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ + [ /caps-man/access-list/get $AccessList comment ]) false; + } + + :if ([ :len $AccessList ] = 0) do={ + :local Address "no dhcp lease"; + :local DnsName "no dhcp lease"; + :local HostName "no dhcp lease"; + :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); + :if ([ :len $Lease ] > 0) do={ + :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; + :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; + :set DnsName "no dns name"; + :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); + :if ([ :len $DnsRec ] > 0) do={ + :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); + :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ + :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); + } } } + :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); + :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; + :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ + "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); + $LogPrintExit2 info $ScriptName $Message false; + /caps-man/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ + message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ + [ $FormatLine "Controller" $Identity ] . "\n" . \ + [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ + [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ + [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ + [ $FormatLine "Vendor" $Vendor ] . "\n" . \ + [ $FormatLine "Hostname" $HostName ] . "\n" . \ + [ $FormatLine "Address" $Address ] . "\n" . \ + [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ + [ $FormatLine "Date" $DateTime ]) }); } - :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); - :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; - :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ - "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); - $LogPrintExit2 info $0 $Message false; - /caps-man/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ - message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ - [ $FormatLine "Controller" $Identity ] . "\n" . \ - [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ - [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ - [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ - [ $FormatLine "Vendor" $Vendor ] . "\n" . \ - [ $FormatLine "Hostname" $HostName ] . "\n" . \ - [ $FormatLine "Address" $Address ] . "\n" . \ - [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ - [ $FormatLine "Date" $DateTime ]) }); + } else={ + $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; } - } else={ - $LogPrintExit2 debug $0 ("No mac address available... Ignoring.") false; } } + +$Main [ :jobname ]; diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index 17f969b..0353ddb 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -11,82 +11,87 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global EitherOr; -:global FormatLine; -:global FormatMultiLines; -:global GetMacVendor; -:global LogPrintExit2; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; + :global Identity; -$ScriptLock $0 false 10; + :global EitherOr; + :global FormatLine; + :global FormatMultiLines; + :global GetMacVendor; + :global LogPrintExit2; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; -:if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ - /interface/wireless/access-list/add comment="--- collected above ---" disabled=yes; - $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false; -} -:local PlaceBefore ([ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ]->0); + $ScriptLock $ScriptName false 10; -:foreach Reg in=[ /interface/wireless/registration-table/find where ap=no ] do={ - :local RegVal; - :do { - :set RegVal [ /interface/wireless/registration-table/get $Reg ]; - } on-error={ - $LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false; + :if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ + /interface/wireless/access-list/add comment="--- collected above ---" disabled=yes; + $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false; } + :local PlaceBefore ([ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ]->0); - :if ([ :len ($RegVal->"mac-address") ] > 0) do={ - :local AccessList ([ /interface/wireless/access-list/find where mac-address=($RegVal->"mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - $LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \ - [ /interface/wireless/access-list/get $AccessList comment ]) false; + :foreach Reg in=[ /interface/wireless/registration-table/find where ap=no ] do={ + :local RegVal; + :do { + :set RegVal [ /interface/wireless/registration-table/get $Reg ]; + } on-error={ + $LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false; } - :if ([ :len $AccessList ] = 0) do={ - :local Address "no dhcp lease"; - :local DnsName "no dhcp lease"; - :local HostName "no dhcp lease"; - :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); - :if ([ :len $Lease ] > 0) do={ - :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; - :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; - :set DnsName "no dns name"; - :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); - :if ([ :len $DnsRec ] > 0) do={ - :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); - :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ - :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); + :if ([ :len ($RegVal->"mac-address") ] > 0) do={ + :local AccessList ([ /interface/wireless/access-list/find where mac-address=($RegVal->"mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + $LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ + [ /interface/wireless/access-list/get $AccessList comment ]) false; + } + + :if ([ :len $AccessList ] = 0) do={ + :local Address "no dhcp lease"; + :local DnsName "no dhcp lease"; + :local HostName "no dhcp lease"; + :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); + :if ([ :len $Lease ] > 0) do={ + :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; + :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; + :set DnsName "no dns name"; + :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); + :if ([ :len $DnsRec ] > 0) do={ + :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); + :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ + :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); + } } } + :set ($RegVal->"ssid") [ /interface/wireless/get [ find where name=($RegVal->"interface") ] ssid ]; + :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); + :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; + :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ + "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); + $LogPrintExit2 info $ScriptName $Message false; + /interface/wireless/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ + message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ + [ $FormatLine "Controller" $Identity ] . "\n" . \ + [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ + [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ + [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ + [ $FormatLine "Vendor" $Vendor ] . "\n" . \ + [ $FormatLine "Hostname" $HostName ] . "\n" . \ + [ $FormatLine "Address" $Address ] . "\n" . \ + [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ + [ $FormatLine "Date" $DateTime ]) }); } - :set ($RegVal->"ssid") [ /interface/wireless/get [ find where name=($RegVal->"interface") ] ssid ]; - :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); - :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; - :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ - "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); - $LogPrintExit2 info $0 $Message false; - /interface/wireless/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ - message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ - [ $FormatLine "Controller" $Identity ] . "\n" . \ - [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ - [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ - [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ - [ $FormatLine "Vendor" $Vendor ] . "\n" . \ - [ $FormatLine "Hostname" $HostName ] . "\n" . \ - [ $FormatLine "Address" $Address ] . "\n" . \ - [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ - [ $FormatLine "Date" $DateTime ]) }); + } else={ + $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; } - } else={ - $LogPrintExit2 debug $0 ("No mac address available... Ignoring.") false; } } + +$Main [ :jobname ]; diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index c5420f1..71f5679 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -12,106 +12,111 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global EitherOr; -:global FormatLine; -:global FormatMultiLines; -:global GetMacVendor; -:global LogPrintExit2; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; + :global Identity; -$ScriptLock $0 false 10; + :global EitherOr; + :global FormatLine; + :global FormatMultiLines; + :global GetMacVendor; + :global LogPrintExit2; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; -:if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ -:if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ -:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ -:if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ - /caps-man/access-list/add comment="--- collected above ---" disabled=yes; - /interface/wifi/access-list/add comment="--- collected above ---" disabled=yes; - /interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes; - /interface/wireless/access-list/add comment="--- collected above ---" disabled=yes; - $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false; -} -:local PlaceBefore ([ /caps-man/access-list/find where comment="--- collected above ---" disabled ]->0); -:local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ]->0); -:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ]->0); -:local PlaceBefore ([ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ]->0); + $ScriptLock $ScriptName false 10; -:foreach Reg in=[ /caps-man/registration-table/find ] do={ -:foreach Reg in=[ /interface/wifi/registration-table/find ] do={ -:foreach Reg in=[ /interface/wifiwave2/registration-table/find ] do={ -:foreach Reg in=[ /interface/wireless/registration-table/find where ap=no ] do={ - :local RegVal; - :do { - :set RegVal [ /caps-man/registration-table/get $Reg ]; - :set RegVal [ /interface/wifi/registration-table/get $Reg ]; - :set RegVal [ /interface/wifiwave2/registration-table/get $Reg ]; - :set RegVal [ /interface/wireless/registration-table/get $Reg ]; - } on-error={ - $LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false; + :if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ + :if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ + :if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ + :if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ + /caps-man/access-list/add comment="--- collected above ---" disabled=yes; + /interface/wifi/access-list/add comment="--- collected above ---" disabled=yes; + /interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes; + /interface/wireless/access-list/add comment="--- collected above ---" disabled=yes; + $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false; } + :local PlaceBefore ([ /caps-man/access-list/find where comment="--- collected above ---" disabled ]->0); + :local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ]->0); + :local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ]->0); + :local PlaceBefore ([ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ]->0); - :if ([ :len ($RegVal->"mac-address") ] > 0) do={ - :local AccessList ([ /caps-man/access-list/find where mac-address=($RegVal->"mac-address") ]->0); - :local AccessList ([ /interface/wifi/access-list/find where mac-address=($RegVal->"mac-address") ]->0); - :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($RegVal->"mac-address") ]->0); - :local AccessList ([ /interface/wireless/access-list/find where mac-address=($RegVal->"mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - $LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \ - [ /caps-man/access-list/get $AccessList comment ]) false; - [ /interface/wifi/access-list/get $AccessList comment ]) false; - [ /interface/wifiwave2/access-list/get $AccessList comment ]) false; - [ /interface/wireless/access-list/get $AccessList comment ]) false; + :foreach Reg in=[ /caps-man/registration-table/find ] do={ + :foreach Reg in=[ /interface/wifi/registration-table/find ] do={ + :foreach Reg in=[ /interface/wifiwave2/registration-table/find ] do={ + :foreach Reg in=[ /interface/wireless/registration-table/find where ap=no ] do={ + :local RegVal; + :do { + :set RegVal [ /caps-man/registration-table/get $Reg ]; + :set RegVal [ /interface/wifi/registration-table/get $Reg ]; + :set RegVal [ /interface/wifiwave2/registration-table/get $Reg ]; + :set RegVal [ /interface/wireless/registration-table/get $Reg ]; + } on-error={ + $LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false; } - :if ([ :len $AccessList ] = 0) do={ - :local Address "no dhcp lease"; - :local DnsName "no dhcp lease"; - :local HostName "no dhcp lease"; - :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); - :if ([ :len $Lease ] > 0) do={ - :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; - :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; - :set DnsName "no dns name"; - :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); - :if ([ :len $DnsRec ] > 0) do={ - :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); - :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ - :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); + :if ([ :len ($RegVal->"mac-address") ] > 0) do={ + :local AccessList ([ /caps-man/access-list/find where mac-address=($RegVal->"mac-address") ]->0); + :local AccessList ([ /interface/wifi/access-list/find where mac-address=($RegVal->"mac-address") ]->0); + :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($RegVal->"mac-address") ]->0); + :local AccessList ([ /interface/wireless/access-list/find where mac-address=($RegVal->"mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + $LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ + [ /caps-man/access-list/get $AccessList comment ]) false; + [ /interface/wifi/access-list/get $AccessList comment ]) false; + [ /interface/wifiwave2/access-list/get $AccessList comment ]) false; + [ /interface/wireless/access-list/get $AccessList comment ]) false; + } + + :if ([ :len $AccessList ] = 0) do={ + :local Address "no dhcp lease"; + :local DnsName "no dhcp lease"; + :local HostName "no dhcp lease"; + :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); + :if ([ :len $Lease ] > 0) do={ + :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; + :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; + :set DnsName "no dns name"; + :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); + :if ([ :len $DnsRec ] > 0) do={ + :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); + :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ + :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); + } } } + :set ($RegVal->"ssid") [ /interface/wireless/get [ find where name=($RegVal->"interface") ] ssid ]; + :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); + :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; + :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ + "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); + $LogPrintExit2 info $ScriptName $Message false; + /caps-man/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; + /interface/wifi/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; + /interface/wifiwave2/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; + /interface/wireless/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ + message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ + [ $FormatLine "Controller" $Identity ] . "\n" . \ + [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ + [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ + [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ + [ $FormatLine "Vendor" $Vendor ] . "\n" . \ + [ $FormatLine "Hostname" $HostName ] . "\n" . \ + [ $FormatLine "Address" $Address ] . "\n" . \ + [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ + [ $FormatLine "Date" $DateTime ]) }); } - :set ($RegVal->"ssid") [ /interface/wireless/get [ find where name=($RegVal->"interface") ] ssid ]; - :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); - :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; - :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ - "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); - $LogPrintExit2 info $0 $Message false; - /caps-man/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; - /interface/wifi/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; - /interface/wifiwave2/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; - /interface/wireless/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ - message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ - [ $FormatLine "Controller" $Identity ] . "\n" . \ - [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ - [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ - [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ - [ $FormatLine "Vendor" $Vendor ] . "\n" . \ - [ $FormatLine "Hostname" $HostName ] . "\n" . \ - [ $FormatLine "Address" $Address ] . "\n" . \ - [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ - [ $FormatLine "Date" $DateTime ]) }); + } else={ + $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; } - } else={ - $LogPrintExit2 debug $0 ("No mac address available... Ignoring.") false; } } + +$Main [ :jobname ]; diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index 7bc442a..f35cdad 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -11,81 +11,86 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global EitherOr; -:global FormatLine; -:global FormatMultiLines; -:global GetMacVendor; -:global LogPrintExit2; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; + :global Identity; -$ScriptLock $0 false 10; + :global EitherOr; + :global FormatLine; + :global FormatMultiLines; + :global GetMacVendor; + :global LogPrintExit2; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; -:if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ - /interface/wifi/access-list/add comment="--- collected above ---" disabled=yes; - $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false; -} -:local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ]->0); + $ScriptLock $ScriptName false 10; -:foreach Reg in=[ /interface/wifi/registration-table/find ] do={ - :local RegVal; - :do { - :set RegVal [ /interface/wifi/registration-table/get $Reg ]; - } on-error={ - $LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false; + :if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ + /interface/wifi/access-list/add comment="--- collected above ---" disabled=yes; + $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false; } + :local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ]->0); - :if ([ :len ($RegVal->"mac-address") ] > 0) do={ - :local AccessList ([ /interface/wifi/access-list/find where mac-address=($RegVal->"mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - $LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \ - [ /interface/wifi/access-list/get $AccessList comment ]) false; + :foreach Reg in=[ /interface/wifi/registration-table/find ] do={ + :local RegVal; + :do { + :set RegVal [ /interface/wifi/registration-table/get $Reg ]; + } on-error={ + $LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false; } - :if ([ :len $AccessList ] = 0) do={ - :local Address "no dhcp lease"; - :local DnsName "no dhcp lease"; - :local HostName "no dhcp lease"; - :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); - :if ([ :len $Lease ] > 0) do={ - :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; - :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; - :set DnsName "no dns name"; - :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); - :if ([ :len $DnsRec ] > 0) do={ - :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); - :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ - :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); + :if ([ :len ($RegVal->"mac-address") ] > 0) do={ + :local AccessList ([ /interface/wifi/access-list/find where mac-address=($RegVal->"mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + $LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ + [ /interface/wifi/access-list/get $AccessList comment ]) false; + } + + :if ([ :len $AccessList ] = 0) do={ + :local Address "no dhcp lease"; + :local DnsName "no dhcp lease"; + :local HostName "no dhcp lease"; + :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); + :if ([ :len $Lease ] > 0) do={ + :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; + :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; + :set DnsName "no dns name"; + :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); + :if ([ :len $DnsRec ] > 0) do={ + :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); + :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ + :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); + } } } + :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); + :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; + :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ + "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); + $LogPrintExit2 info $ScriptName $Message false; + /interface/wifi/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ + message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ + [ $FormatLine "Controller" $Identity ] . "\n" . \ + [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ + [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ + [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ + [ $FormatLine "Vendor" $Vendor ] . "\n" . \ + [ $FormatLine "Hostname" $HostName ] . "\n" . \ + [ $FormatLine "Address" $Address ] . "\n" . \ + [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ + [ $FormatLine "Date" $DateTime ]) }); } - :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); - :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; - :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ - "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); - $LogPrintExit2 info $0 $Message false; - /interface/wifi/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ - message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ - [ $FormatLine "Controller" $Identity ] . "\n" . \ - [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ - [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ - [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ - [ $FormatLine "Vendor" $Vendor ] . "\n" . \ - [ $FormatLine "Hostname" $HostName ] . "\n" . \ - [ $FormatLine "Address" $Address ] . "\n" . \ - [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ - [ $FormatLine "Date" $DateTime ]) }); + } else={ + $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; } - } else={ - $LogPrintExit2 debug $0 ("No mac address available... Ignoring.") false; } } + +$Main [ :jobname ]; diff --git a/collect-wireless-mac.wifiwave2.rsc b/collect-wireless-mac.wifiwave2.rsc index d2b0e6b..86aef65 100644 --- a/collect-wireless-mac.wifiwave2.rsc +++ b/collect-wireless-mac.wifiwave2.rsc @@ -11,81 +11,86 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global EitherOr; -:global FormatLine; -:global FormatMultiLines; -:global GetMacVendor; -:global LogPrintExit2; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; + :global Identity; -$ScriptLock $0 false 10; + :global EitherOr; + :global FormatLine; + :global FormatMultiLines; + :global GetMacVendor; + :global LogPrintExit2; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; -:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ - /interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes; - $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false; -} -:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ]->0); + $ScriptLock $ScriptName false 10; -:foreach Reg in=[ /interface/wifiwave2/registration-table/find ] do={ - :local RegVal; - :do { - :set RegVal [ /interface/wifiwave2/registration-table/get $Reg ]; - } on-error={ - $LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false; + :if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ + /interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes; + $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false; } + :local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ]->0); - :if ([ :len ($RegVal->"mac-address") ] > 0) do={ - :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($RegVal->"mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - $LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \ - [ /interface/wifiwave2/access-list/get $AccessList comment ]) false; + :foreach Reg in=[ /interface/wifiwave2/registration-table/find ] do={ + :local RegVal; + :do { + :set RegVal [ /interface/wifiwave2/registration-table/get $Reg ]; + } on-error={ + $LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false; } - :if ([ :len $AccessList ] = 0) do={ - :local Address "no dhcp lease"; - :local DnsName "no dhcp lease"; - :local HostName "no dhcp lease"; - :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); - :if ([ :len $Lease ] > 0) do={ - :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; - :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; - :set DnsName "no dns name"; - :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); - :if ([ :len $DnsRec ] > 0) do={ - :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); - :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ - :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); + :if ([ :len ($RegVal->"mac-address") ] > 0) do={ + :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($RegVal->"mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + $LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ + [ /interface/wifiwave2/access-list/get $AccessList comment ]) false; + } + + :if ([ :len $AccessList ] = 0) do={ + :local Address "no dhcp lease"; + :local DnsName "no dhcp lease"; + :local HostName "no dhcp lease"; + :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); + :if ([ :len $Lease ] > 0) do={ + :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; + :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; + :set DnsName "no dns name"; + :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); + :if ([ :len $DnsRec ] > 0) do={ + :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); + :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ + :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); + } } } + :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); + :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; + :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ + "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); + $LogPrintExit2 info $ScriptName $Message false; + /interface/wifiwave2/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ + message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ + [ $FormatLine "Controller" $Identity ] . "\n" . \ + [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ + [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ + [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ + [ $FormatLine "Vendor" $Vendor ] . "\n" . \ + [ $FormatLine "Hostname" $HostName ] . "\n" . \ + [ $FormatLine "Address" $Address ] . "\n" . \ + [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ + [ $FormatLine "Date" $DateTime ]) }); } - :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); - :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; - :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ - "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); - $LogPrintExit2 info $0 $Message false; - /interface/wifiwave2/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ - message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ - [ $FormatLine "Controller" $Identity ] . "\n" . \ - [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ - [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ - [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ - [ $FormatLine "Vendor" $Vendor ] . "\n" . \ - [ $FormatLine "Hostname" $HostName ] . "\n" . \ - [ $FormatLine "Address" $Address ] . "\n" . \ - [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ - [ $FormatLine "Date" $DateTime ]) }); + } else={ + $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; } - } else={ - $LogPrintExit2 debug $0 ("No mac address available... Ignoring.") false; } } + +$Main [ :jobname ]; From 31da6b8bd50e4e47713c4d603cb2ae6276ed1ff5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 203/908] daily-psk: move code into function --- daily-psk.capsman.rsc | 115 +++++++++++++++-------------- daily-psk.local.rsc | 113 +++++++++++++++-------------- daily-psk.template.rsc | 157 +++++++++++++++++++++------------------- daily-psk.wifi.rsc | 115 +++++++++++++++-------------- daily-psk.wifiwave2.rsc | 115 +++++++++++++++-------------- 5 files changed, 320 insertions(+), 295 deletions(-) diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index f576d1d..b47ae14 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -11,77 +11,82 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global DailyPskMatchComment; -:global DailyPskQrCodeUrl; -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global FormatLine; -:global LogPrintExit2; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; -:global UrlEncode; -:global WaitForFile; -:global WaitFullyConnected; + :global DailyPskMatchComment; + :global DailyPskQrCodeUrl; + :global Identity; -$ScriptLock $0; -$WaitFullyConnected; + :global FormatLine; + :global LogPrintExit2; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; + :global UrlEncode; + :global WaitForFile; + :global WaitFullyConnected; -# return pseudo-random string for PSK -:local GeneratePSK do={ - :local Date [ :tostr $1 ]; + $ScriptLock $ScriptName; + $WaitFullyConnected; - :global DailyPskSecrets; + # return pseudo-random string for PSK + :local GeneratePSK do={ + :local Date [ :tostr $1 ]; - :global ParseDate; + :global DailyPskSecrets; - :set Date [ $ParseDate $Date ]; + :global ParseDate; - :local A ((14 - ($Date->"month")) / 12); - :local B (($Date->"year") - $A); - :local C (($Date->"month") + 12 * $A - 2); - :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); - :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); + :set Date [ $ParseDate $Date ]; - :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ - ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ - ($DailyPskSecrets->2->$WeekDay)); -} + :local A ((14 - ($Date->"month")) / 12); + :local B (($Date->"year") - $A); + :local C (($Date->"month") + 12 * $A - 2); + :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); + :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); -:local Seen ({}); -:local Date [ /system/clock/get date ]; -:local NewPsk [ $GeneratePSK $Date ]; + :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ + ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ + ($DailyPskSecrets->2->$WeekDay)); + } -:foreach AccList in=[ /caps-man/access-list/find where comment~$DailyPskMatchComment ] do={ - :local SsidRegExp [ /caps-man/access-list/get $AccList ssid-regexp ]; - :local Configuration ([ /caps-man/configuration/find where ssid~$SsidRegExp ]->0); - :local Ssid [ /caps-man/configuration/get $Configuration ssid ]; - :local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ]; - :local Skip 0; + :local Seen ({}); + :local Date [ /system/clock/get date ]; + :local NewPsk [ $GeneratePSK $Date ]; - :if ($NewPsk != $OldPsk) do={ - $LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; - /caps-man/access-list/set $AccList private-passphrase=$NewPsk; + :foreach AccList in=[ /caps-man/access-list/find where comment~$DailyPskMatchComment ] do={ + :local SsidRegExp [ /caps-man/access-list/get $AccList ssid-regexp ]; + :local Configuration ([ /caps-man/configuration/find where ssid~$SsidRegExp ]->0); + :local Ssid [ /caps-man/configuration/get $Configuration ssid ]; + :local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ]; + :local Skip 0; - :if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ - :if ($Seen->$Ssid = 1) do={ - $LogPrintExit2 debug $0 ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; - } else={ - :local Link ($DailyPskQrCodeUrl . \ - "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ - message=("This is the daily PSK on " . $Identity . ":\n\n" . \ - [ $FormatLine "SSID" $Ssid ] . "\n" . \ - [ $FormatLine "PSK" $NewPsk ] . "\n" . \ - [ $FormatLine "Date" $Date ] . "\n\n" . \ - "A client device specific rule must not exist!"); link=$Link }); - :set ($Seen->$Ssid) 1; + :if ($NewPsk != $OldPsk) do={ + $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; + /caps-man/access-list/set $AccList private-passphrase=$NewPsk; + + :if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ + :if ($Seen->$Ssid = 1) do={ + $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; + } else={ + :local Link ($DailyPskQrCodeUrl . \ + "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ + message=("This is the daily PSK on " . $Identity . ":\n\n" . \ + [ $FormatLine "SSID" $Ssid ] . "\n" . \ + [ $FormatLine "PSK" $NewPsk ] . "\n" . \ + [ $FormatLine "Date" $Date ] . "\n\n" . \ + "A client device specific rule must not exist!"); link=$Link }); + :set ($Seen->$Ssid) 1; + } } } } } + +$Main [ :jobname ]; diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index da12038..72e20ef 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -11,76 +11,81 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global DailyPskMatchComment; -:global DailyPskQrCodeUrl; -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global FormatLine; -:global LogPrintExit2; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; -:global UrlEncode; -:global WaitForFile; -:global WaitFullyConnected; + :global DailyPskMatchComment; + :global DailyPskQrCodeUrl; + :global Identity; -$ScriptLock $0; -$WaitFullyConnected; + :global FormatLine; + :global LogPrintExit2; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; + :global UrlEncode; + :global WaitForFile; + :global WaitFullyConnected; -# return pseudo-random string for PSK -:local GeneratePSK do={ - :local Date [ :tostr $1 ]; + $ScriptLock $ScriptName; + $WaitFullyConnected; - :global DailyPskSecrets; + # return pseudo-random string for PSK + :local GeneratePSK do={ + :local Date [ :tostr $1 ]; - :global ParseDate; + :global DailyPskSecrets; - :set Date [ $ParseDate $Date ]; + :global ParseDate; - :local A ((14 - ($Date->"month")) / 12); - :local B (($Date->"year") - $A); - :local C (($Date->"month") + 12 * $A - 2); - :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); - :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); + :set Date [ $ParseDate $Date ]; - :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ - ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ - ($DailyPskSecrets->2->$WeekDay)); -} + :local A ((14 - ($Date->"month")) / 12); + :local B (($Date->"year") - $A); + :local C (($Date->"month") + 12 * $A - 2); + :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); + :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); -:local Seen ({}); -:local Date [ /system/clock/get date ]; -:local NewPsk [ $GeneratePSK $Date ]; + :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ + ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ + ($DailyPskSecrets->2->$WeekDay)); + } -:foreach AccList in=[ /interface/wireless/access-list/find where comment~$DailyPskMatchComment ] do={ - :local IntName [ /interface/wireless/access-list/get $AccList interface ]; - :local Ssid [ /interface/wireless/get $IntName ssid ]; - :local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ]; - :local Skip 0; + :local Seen ({}); + :local Date [ /system/clock/get date ]; + :local NewPsk [ $GeneratePSK $Date ]; - :if ($NewPsk != $OldPsk) do={ - $LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; - /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; + :foreach AccList in=[ /interface/wireless/access-list/find where comment~$DailyPskMatchComment ] do={ + :local IntName [ /interface/wireless/access-list/get $AccList interface ]; + :local Ssid [ /interface/wireless/get $IntName ssid ]; + :local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ]; + :local Skip 0; - :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={ - :if ($Seen->$Ssid = 1) do={ - $LogPrintExit2 debug $0 ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; - } else={ - :local Link ($DailyPskQrCodeUrl . \ - "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ - message=("This is the daily PSK on " . $Identity . ":\n\n" . \ - [ $FormatLine "SSID" $Ssid ] . "\n" . \ - [ $FormatLine "PSK" $NewPsk ] . "\n" . \ - [ $FormatLine "Date" $Date ] . "\n\n" . \ - "A client device specific rule must not exist!"); link=$Link }); - :set ($Seen->$Ssid) 1; + :if ($NewPsk != $OldPsk) do={ + $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; + /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; + + :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={ + :if ($Seen->$Ssid = 1) do={ + $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; + } else={ + :local Link ($DailyPskQrCodeUrl . \ + "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ + message=("This is the daily PSK on " . $Identity . ":\n\n" . \ + [ $FormatLine "SSID" $Ssid ] . "\n" . \ + [ $FormatLine "PSK" $NewPsk ] . "\n" . \ + [ $FormatLine "Date" $Date ] . "\n\n" . \ + "A client device specific rule must not exist!"); link=$Link }); + :set ($Seen->$Ssid) 1; + } } } } } + +$Main [ :jobname ]; diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index d1abce2..2f2838e 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -12,98 +12,103 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global DailyPskMatchComment; -:global DailyPskQrCodeUrl; -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global FormatLine; -:global LogPrintExit2; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; -:global UrlEncode; -:global WaitForFile; -:global WaitFullyConnected; + :global DailyPskMatchComment; + :global DailyPskQrCodeUrl; + :global Identity; -$ScriptLock $0; -$WaitFullyConnected; + :global FormatLine; + :global LogPrintExit2; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; + :global UrlEncode; + :global WaitForFile; + :global WaitFullyConnected; -# return pseudo-random string for PSK -:local GeneratePSK do={ - :local Date [ :tostr $1 ]; + $ScriptLock $ScriptName; + $WaitFullyConnected; - :global DailyPskSecrets; + # return pseudo-random string for PSK + :local GeneratePSK do={ + :local Date [ :tostr $1 ]; - :global ParseDate; + :global DailyPskSecrets; - :set Date [ $ParseDate $Date ]; + :global ParseDate; - :local A ((14 - ($Date->"month")) / 12); - :local B (($Date->"year") - $A); - :local C (($Date->"month") + 12 * $A - 2); - :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); - :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); + :set Date [ $ParseDate $Date ]; - :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ - ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ - ($DailyPskSecrets->2->$WeekDay)); -} + :local A ((14 - ($Date->"month")) / 12); + :local B (($Date->"year") - $A); + :local C (($Date->"month") + 12 * $A - 2); + :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); + :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); -:local Seen ({}); -:local Date [ /system/clock/get date ]; -:local NewPsk [ $GeneratePSK $Date ]; + :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ + ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ + ($DailyPskSecrets->2->$WeekDay)); + } -:foreach AccList in=[ /caps-man/access-list/find where comment~$DailyPskMatchComment ] do={ -:foreach AccList in=[ /interface/wifi/access-list/find where comment~$DailyPskMatchComment ] do={ -:foreach AccList in=[ /interface/wifiwave2/access-list/find where comment~$DailyPskMatchComment ] do={ -:foreach AccList in=[ /interface/wireless/access-list/find where comment~$DailyPskMatchComment ] do={ - :local SsidRegExp [ /caps-man/access-list/get $AccList ssid-regexp ]; - :local SsidRegExp [ /interface/wifi/access-list/get $AccList ssid-regexp ]; - :local SsidRegExp [ /interface/wifiwave2/access-list/get $AccList ssid-regexp ]; - :local Configuration ([ /caps-man/configuration/find where ssid~$SsidRegExp ]->0); - :local Configuration ([ /interface/wifi/configuration/find where ssid~$SsidRegExp ]->0); - :local Configuration ([ /interface/wifiwave2/configuration/find where ssid~$SsidRegExp ]->0); - :local Ssid [ /caps-man/configuration/get $Configuration ssid ]; - :local Ssid [ /interface/wifi/configuration/get $Configuration ssid ]; - :local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ]; - :local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ]; - :local OldPsk [ /interface/wifi/access-list/get $AccList passphrase ]; - :local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ]; - # /caps-man/ /interface/wifi/ /interface/wifiwave2/ above - /interface/wireless/ below - :local IntName [ /interface/wireless/access-list/get $AccList interface ]; - :local Ssid [ /interface/wireless/get $IntName ssid ]; - :local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ]; - :local Skip 0; + :local Seen ({}); + :local Date [ /system/clock/get date ]; + :local NewPsk [ $GeneratePSK $Date ]; - :if ($NewPsk != $OldPsk) do={ - $LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; - /caps-man/access-list/set $AccList private-passphrase=$NewPsk; - /interface/wifi/access-list/set $AccList passphrase=$NewPsk; - /interface/wifiwave2/access-list/set $AccList passphrase=$NewPsk; - /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; + :foreach AccList in=[ /caps-man/access-list/find where comment~$DailyPskMatchComment ] do={ + :foreach AccList in=[ /interface/wifi/access-list/find where comment~$DailyPskMatchComment ] do={ + :foreach AccList in=[ /interface/wifiwave2/access-list/find where comment~$DailyPskMatchComment ] do={ + :foreach AccList in=[ /interface/wireless/access-list/find where comment~$DailyPskMatchComment ] do={ + :local SsidRegExp [ /caps-man/access-list/get $AccList ssid-regexp ]; + :local SsidRegExp [ /interface/wifi/access-list/get $AccList ssid-regexp ]; + :local SsidRegExp [ /interface/wifiwave2/access-list/get $AccList ssid-regexp ]; + :local Configuration ([ /caps-man/configuration/find where ssid~$SsidRegExp ]->0); + :local Configuration ([ /interface/wifi/configuration/find where ssid~$SsidRegExp ]->0); + :local Configuration ([ /interface/wifiwave2/configuration/find where ssid~$SsidRegExp ]->0); + :local Ssid [ /caps-man/configuration/get $Configuration ssid ]; + :local Ssid [ /interface/wifi/configuration/get $Configuration ssid ]; + :local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ]; + :local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ]; + :local OldPsk [ /interface/wifi/access-list/get $AccList passphrase ]; + :local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ]; + # /caps-man/ /interface/wifi/ /interface/wifiwave2/ above - /interface/wireless/ below + :local IntName [ /interface/wireless/access-list/get $AccList interface ]; + :local Ssid [ /interface/wireless/get $IntName ssid ]; + :local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ]; + :local Skip 0; - :if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ - :if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ - :if ([ :len [ /interface/wifiwave2/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ - :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={ - :if ($Seen->$Ssid = 1) do={ - $LogPrintExit2 debug $0 ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; - } else={ - :local Link ($DailyPskQrCodeUrl . \ - "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ - message=("This is the daily PSK on " . $Identity . ":\n\n" . \ - [ $FormatLine "SSID" $Ssid ] . "\n" . \ - [ $FormatLine "PSK" $NewPsk ] . "\n" . \ - [ $FormatLine "Date" $Date ] . "\n\n" . \ - "A client device specific rule must not exist!"); link=$Link }); - :set ($Seen->$Ssid) 1; + :if ($NewPsk != $OldPsk) do={ + $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; + /caps-man/access-list/set $AccList private-passphrase=$NewPsk; + /interface/wifi/access-list/set $AccList passphrase=$NewPsk; + /interface/wifiwave2/access-list/set $AccList passphrase=$NewPsk; + /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; + + :if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ + :if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ + :if ([ :len [ /interface/wifiwave2/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ + :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={ + :if ($Seen->$Ssid = 1) do={ + $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; + } else={ + :local Link ($DailyPskQrCodeUrl . \ + "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ + message=("This is the daily PSK on " . $Identity . ":\n\n" . \ + [ $FormatLine "SSID" $Ssid ] . "\n" . \ + [ $FormatLine "PSK" $NewPsk ] . "\n" . \ + [ $FormatLine "Date" $Date ] . "\n\n" . \ + "A client device specific rule must not exist!"); link=$Link }); + :set ($Seen->$Ssid) 1; + } } } } } + +$Main [ :jobname ]; diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index 488d921..e013dd1 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -11,77 +11,82 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global DailyPskMatchComment; -:global DailyPskQrCodeUrl; -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global FormatLine; -:global LogPrintExit2; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; -:global UrlEncode; -:global WaitForFile; -:global WaitFullyConnected; + :global DailyPskMatchComment; + :global DailyPskQrCodeUrl; + :global Identity; -$ScriptLock $0; -$WaitFullyConnected; + :global FormatLine; + :global LogPrintExit2; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; + :global UrlEncode; + :global WaitForFile; + :global WaitFullyConnected; -# return pseudo-random string for PSK -:local GeneratePSK do={ - :local Date [ :tostr $1 ]; + $ScriptLock $ScriptName; + $WaitFullyConnected; - :global DailyPskSecrets; + # return pseudo-random string for PSK + :local GeneratePSK do={ + :local Date [ :tostr $1 ]; - :global ParseDate; + :global DailyPskSecrets; - :set Date [ $ParseDate $Date ]; + :global ParseDate; - :local A ((14 - ($Date->"month")) / 12); - :local B (($Date->"year") - $A); - :local C (($Date->"month") + 12 * $A - 2); - :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); - :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); + :set Date [ $ParseDate $Date ]; - :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ - ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ - ($DailyPskSecrets->2->$WeekDay)); -} + :local A ((14 - ($Date->"month")) / 12); + :local B (($Date->"year") - $A); + :local C (($Date->"month") + 12 * $A - 2); + :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); + :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); -:local Seen ({}); -:local Date [ /system/clock/get date ]; -:local NewPsk [ $GeneratePSK $Date ]; + :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ + ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ + ($DailyPskSecrets->2->$WeekDay)); + } -:foreach AccList in=[ /interface/wifi/access-list/find where comment~$DailyPskMatchComment ] do={ - :local SsidRegExp [ /interface/wifi/access-list/get $AccList ssid-regexp ]; - :local Configuration ([ /interface/wifi/configuration/find where ssid~$SsidRegExp ]->0); - :local Ssid [ /interface/wifi/configuration/get $Configuration ssid ]; - :local OldPsk [ /interface/wifi/access-list/get $AccList passphrase ]; - :local Skip 0; + :local Seen ({}); + :local Date [ /system/clock/get date ]; + :local NewPsk [ $GeneratePSK $Date ]; - :if ($NewPsk != $OldPsk) do={ - $LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; - /interface/wifi/access-list/set $AccList passphrase=$NewPsk; + :foreach AccList in=[ /interface/wifi/access-list/find where comment~$DailyPskMatchComment ] do={ + :local SsidRegExp [ /interface/wifi/access-list/get $AccList ssid-regexp ]; + :local Configuration ([ /interface/wifi/configuration/find where ssid~$SsidRegExp ]->0); + :local Ssid [ /interface/wifi/configuration/get $Configuration ssid ]; + :local OldPsk [ /interface/wifi/access-list/get $AccList passphrase ]; + :local Skip 0; - :if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ - :if ($Seen->$Ssid = 1) do={ - $LogPrintExit2 debug $0 ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; - } else={ - :local Link ($DailyPskQrCodeUrl . \ - "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ - message=("This is the daily PSK on " . $Identity . ":\n\n" . \ - [ $FormatLine "SSID" $Ssid ] . "\n" . \ - [ $FormatLine "PSK" $NewPsk ] . "\n" . \ - [ $FormatLine "Date" $Date ] . "\n\n" . \ - "A client device specific rule must not exist!"); link=$Link }); - :set ($Seen->$Ssid) 1; + :if ($NewPsk != $OldPsk) do={ + $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; + /interface/wifi/access-list/set $AccList passphrase=$NewPsk; + + :if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ + :if ($Seen->$Ssid = 1) do={ + $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; + } else={ + :local Link ($DailyPskQrCodeUrl . \ + "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ + message=("This is the daily PSK on " . $Identity . ":\n\n" . \ + [ $FormatLine "SSID" $Ssid ] . "\n" . \ + [ $FormatLine "PSK" $NewPsk ] . "\n" . \ + [ $FormatLine "Date" $Date ] . "\n\n" . \ + "A client device specific rule must not exist!"); link=$Link }); + :set ($Seen->$Ssid) 1; + } } } } } + +$Main [ :jobname ]; diff --git a/daily-psk.wifiwave2.rsc b/daily-psk.wifiwave2.rsc index 89c5c25..75cfb7a 100644 --- a/daily-psk.wifiwave2.rsc +++ b/daily-psk.wifiwave2.rsc @@ -11,77 +11,82 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global DailyPskMatchComment; -:global DailyPskQrCodeUrl; -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global FormatLine; -:global LogPrintExit2; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; -:global UrlEncode; -:global WaitForFile; -:global WaitFullyConnected; + :global DailyPskMatchComment; + :global DailyPskQrCodeUrl; + :global Identity; -$ScriptLock $0; -$WaitFullyConnected; + :global FormatLine; + :global LogPrintExit2; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; + :global UrlEncode; + :global WaitForFile; + :global WaitFullyConnected; -# return pseudo-random string for PSK -:local GeneratePSK do={ - :local Date [ :tostr $1 ]; + $ScriptLock $ScriptName; + $WaitFullyConnected; - :global DailyPskSecrets; + # return pseudo-random string for PSK + :local GeneratePSK do={ + :local Date [ :tostr $1 ]; - :global ParseDate; + :global DailyPskSecrets; - :set Date [ $ParseDate $Date ]; + :global ParseDate; - :local A ((14 - ($Date->"month")) / 12); - :local B (($Date->"year") - $A); - :local C (($Date->"month") + 12 * $A - 2); - :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); - :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); + :set Date [ $ParseDate $Date ]; - :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ - ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ - ($DailyPskSecrets->2->$WeekDay)); -} + :local A ((14 - ($Date->"month")) / 12); + :local B (($Date->"year") - $A); + :local C (($Date->"month") + 12 * $A - 2); + :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); + :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); -:local Seen ({}); -:local Date [ /system/clock/get date ]; -:local NewPsk [ $GeneratePSK $Date ]; + :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ + ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ + ($DailyPskSecrets->2->$WeekDay)); + } -:foreach AccList in=[ /interface/wifiwave2/access-list/find where comment~$DailyPskMatchComment ] do={ - :local SsidRegExp [ /interface/wifiwave2/access-list/get $AccList ssid-regexp ]; - :local Configuration ([ /interface/wifiwave2/configuration/find where ssid~$SsidRegExp ]->0); - :local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ]; - :local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ]; - :local Skip 0; + :local Seen ({}); + :local Date [ /system/clock/get date ]; + :local NewPsk [ $GeneratePSK $Date ]; - :if ($NewPsk != $OldPsk) do={ - $LogPrintExit2 info $0 ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; - /interface/wifiwave2/access-list/set $AccList passphrase=$NewPsk; + :foreach AccList in=[ /interface/wifiwave2/access-list/find where comment~$DailyPskMatchComment ] do={ + :local SsidRegExp [ /interface/wifiwave2/access-list/get $AccList ssid-regexp ]; + :local Configuration ([ /interface/wifiwave2/configuration/find where ssid~$SsidRegExp ]->0); + :local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ]; + :local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ]; + :local Skip 0; - :if ([ :len [ /interface/wifiwave2/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ - :if ($Seen->$Ssid = 1) do={ - $LogPrintExit2 debug $0 ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; - } else={ - :local Link ($DailyPskQrCodeUrl . \ - "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ - message=("This is the daily PSK on " . $Identity . ":\n\n" . \ - [ $FormatLine "SSID" $Ssid ] . "\n" . \ - [ $FormatLine "PSK" $NewPsk ] . "\n" . \ - [ $FormatLine "Date" $Date ] . "\n\n" . \ - "A client device specific rule must not exist!"); link=$Link }); - :set ($Seen->$Ssid) 1; + :if ($NewPsk != $OldPsk) do={ + $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; + /interface/wifiwave2/access-list/set $AccList passphrase=$NewPsk; + + :if ([ :len [ /interface/wifiwave2/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ + :if ($Seen->$Ssid = 1) do={ + $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; + } else={ + :local Link ($DailyPskQrCodeUrl . \ + "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ + message=("This is the daily PSK on " . $Identity . ":\n\n" . \ + [ $FormatLine "SSID" $Ssid ] . "\n" . \ + [ $FormatLine "PSK" $NewPsk ] . "\n" . \ + [ $FormatLine "Date" $Date ] . "\n\n" . \ + "A client device specific rule must not exist!"); link=$Link }); + :set ($Seen->$Ssid) 1; + } } } } } + +$Main [ :jobname ]; From 82ec11f2fcc57b6842e0e1f6b92078dac15d6289 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:00 +0100 Subject: [PATCH 204/908] dhcp-lease-comment: move code into function --- dhcp-lease-comment.capsman.rsc | 33 +++++++++++++---------- dhcp-lease-comment.local.rsc | 33 +++++++++++++---------- dhcp-lease-comment.template.rsc | 45 ++++++++++++++++++-------------- dhcp-lease-comment.wifi.rsc | 33 +++++++++++++---------- dhcp-lease-comment.wifiwave2.rsc | 33 +++++++++++++---------- 5 files changed, 101 insertions(+), 76 deletions(-) diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index a3df2ef..825077a 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -11,24 +11,29 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ScriptLock; -:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - :local NewComment; - :local AccessList ([ /caps-man/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - :set NewComment [ /caps-man/access-list/get $AccessList comment ]; - } - :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ - $LogPrintExit2 info $0 ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; - /ip/dhcp-server/lease/set comment=$NewComment $Lease; + $ScriptLock $ScriptName; + + :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + :local NewComment; + :local AccessList ([ /caps-man/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + :set NewComment [ /caps-man/access-list/get $AccessList comment ]; + } + :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ + $LogPrintExit2 info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; + /ip/dhcp-server/lease/set comment=$NewComment $Lease; + } } } + +$Main [ :jobname ]; diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index 5ccb916..13c04a7 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -11,24 +11,29 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ScriptLock; -:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - :local NewComment; - :local AccessList ([ /interface/wireless/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - :set NewComment [ /interface/wireless/access-list/get $AccessList comment ]; - } - :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ - $LogPrintExit2 info $0 ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; - /ip/dhcp-server/lease/set comment=$NewComment $Lease; + $ScriptLock $ScriptName; + + :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + :local NewComment; + :local AccessList ([ /interface/wireless/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + :set NewComment [ /interface/wireless/access-list/get $AccessList comment ]; + } + :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ + $LogPrintExit2 info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; + /ip/dhcp-server/lease/set comment=$NewComment $Lease; + } } } + +$Main [ :jobname ]; diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index 02bc18c..9f79d06 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -12,30 +12,35 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ScriptLock; -:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - :local NewComment; - :local AccessList ([ /caps-man/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); - :local AccessList ([ /interface/wifi/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); - :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); - :local AccessList ([ /interface/wireless/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - :set NewComment [ /caps-man/access-list/get $AccessList comment ]; - :set NewComment [ /interface/wifi/access-list/get $AccessList comment ]; - :set NewComment [ /interface/wifiwave2/access-list/get $AccessList comment ]; - :set NewComment [ /interface/wireless/access-list/get $AccessList comment ]; - } - :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ - $LogPrintExit2 info $0 ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; - /ip/dhcp-server/lease/set comment=$NewComment $Lease; + $ScriptLock $ScriptName; + + :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + :local NewComment; + :local AccessList ([ /caps-man/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); + :local AccessList ([ /interface/wifi/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); + :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); + :local AccessList ([ /interface/wireless/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + :set NewComment [ /caps-man/access-list/get $AccessList comment ]; + :set NewComment [ /interface/wifi/access-list/get $AccessList comment ]; + :set NewComment [ /interface/wifiwave2/access-list/get $AccessList comment ]; + :set NewComment [ /interface/wireless/access-list/get $AccessList comment ]; + } + :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ + $LogPrintExit2 info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; + /ip/dhcp-server/lease/set comment=$NewComment $Lease; + } } } + +$Main [ :jobname ]; diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index 337f282..cba1d6c 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -11,24 +11,29 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ScriptLock; -:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - :local NewComment; - :local AccessList ([ /interface/wifi/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - :set NewComment [ /interface/wifi/access-list/get $AccessList comment ]; - } - :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ - $LogPrintExit2 info $0 ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; - /ip/dhcp-server/lease/set comment=$NewComment $Lease; + $ScriptLock $ScriptName; + + :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + :local NewComment; + :local AccessList ([ /interface/wifi/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + :set NewComment [ /interface/wifi/access-list/get $AccessList comment ]; + } + :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ + $LogPrintExit2 info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; + /ip/dhcp-server/lease/set comment=$NewComment $Lease; + } } } + +$Main [ :jobname ]; diff --git a/dhcp-lease-comment.wifiwave2.rsc b/dhcp-lease-comment.wifiwave2.rsc index 5c0c513..137ac6d 100644 --- a/dhcp-lease-comment.wifiwave2.rsc +++ b/dhcp-lease-comment.wifiwave2.rsc @@ -11,24 +11,29 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ScriptLock; -:foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - :local NewComment; - :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - :set NewComment [ /interface/wifiwave2/access-list/get $AccessList comment ]; - } - :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ - $LogPrintExit2 info $0 ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; - /ip/dhcp-server/lease/set comment=$NewComment $Lease; + $ScriptLock $ScriptName; + + :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + :local NewComment; + :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); + :if ([ :len $AccessList ] > 0) do={ + :set NewComment [ /interface/wifiwave2/access-list/get $AccessList comment ]; + } + :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ + $LogPrintExit2 info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; + /ip/dhcp-server/lease/set comment=$NewComment $Lease; + } } } + +$Main [ :jobname ]; From 29f544d18d00fcc5e79909c3451c718cf65b718e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 205/908] dhcp-to-dns: move code into function --- dhcp-to-dns.rsc | 181 +++++++++++++++++++++++++----------------------- 1 file changed, 93 insertions(+), 88 deletions(-) diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index a8ae466..1cdd86e 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -9,113 +9,118 @@ # check DHCP leases and add/remove/update DNS entries # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-to-dns.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Domain; -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global CleanName; -:global EitherOr; -:global IfThenElse; -:global LogPrintExit2; -:global LogPrintOnce; -:global ParseKeyValueStore; -:global ScriptLock; + :global Domain; + :global Identity; -$ScriptLock $0 false 10; + :global CleanName; + :global EitherOr; + :global IfThenElse; + :global LogPrintExit2; + :global LogPrintOnce; + :global ParseKeyValueStore; + :global ScriptLock; -:local Ttl 5m; -:local CommentPrefix ("managed by " . $0); -:local CommentString ("--- " . $0 . " above ---"); + $ScriptLock $ScriptName false 10; -:if ([ :len [ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ] ] = 0) do={ - /ip/dns/static/add name=$CommentString type=NXDOMAIN disabled=yes; - $LogPrintExit2 warning $0 ("Added disabled static dns record with name '" . $CommentString . "'.") false; -} -:local PlaceBefore ([ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ]->0); + :local Ttl 5m; + :local CommentPrefix ("managed by " . $ScriptName); + :local CommentString ("--- " . $ScriptName . " above ---"); -:foreach DnsRecord in=[ /ip/dns/static/find where comment~("^" . $CommentPrefix . "\\b") (!type or type=A) ] do={ - :local DnsRecordVal [ /ip/dns/static/get $DnsRecord ]; - :local DnsRecordInfo [ $ParseKeyValueStore ($DnsRecordVal->"comment") ]; - :local MacInServer ($DnsRecordInfo->"macaddress" . " in " . $DnsRecordInfo->"server"); - - :if ([ :len [ /ip/dhcp-server/lease/find where active-mac-address=($DnsRecordInfo->"macaddress") \ - active-address=($DnsRecordVal->"address") server=($DnsRecordInfo->"server") status=bound ] ] > 0) do={ - $LogPrintExit2 debug $0 ("Lease for " . $MacInServer . " (" . $DnsRecordVal->"name" . ") still exists. Not deleting record.") false; - } else={ - :local Found false; - $LogPrintExit2 info $0 ("Lease expired for " . $MacInServer . ", deleting record (" . $DnsRecordVal->"name" . ").") false; - /ip/dns/static/remove $DnsRecord; - /ip/dns/static/remove [ find where type=CNAME comment=($DnsRecordVal->"comment") ]; + :if ([ :len [ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ] ] = 0) do={ + /ip/dns/static/add name=$CommentString type=NXDOMAIN disabled=yes; + $LogPrintExit2 warning $ScriptName ("Added disabled static dns record with name '" . $CommentString . "'.") false; } -} + :local PlaceBefore ([ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ]->0); -:foreach Lease in=[ /ip/dhcp-server/lease/find where status=bound ] do={ - :local LeaseVal; - :do { - :set LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - :if ([ :len [ /ip/dhcp-server/lease/find where active-mac-address=($LeaseVal->"active-mac-address") status=bound ] ] > 1) do={ - $LogPrintOnce info $0 ("Multiple bound leases found for mac-address " . ($LeaseVal->"active-mac-address") . "!") false; + :foreach DnsRecord in=[ /ip/dns/static/find where comment~("^" . $CommentPrefix . "\\b") (!type or type=A) ] do={ + :local DnsRecordVal [ /ip/dns/static/get $DnsRecord ]; + :local DnsRecordInfo [ $ParseKeyValueStore ($DnsRecordVal->"comment") ]; + :local MacInServer ($DnsRecordInfo->"macaddress" . " in " . $DnsRecordInfo->"server"); + + :if ([ :len [ /ip/dhcp-server/lease/find where active-mac-address=($DnsRecordInfo->"macaddress") \ + active-address=($DnsRecordVal->"address") server=($DnsRecordInfo->"server") status=bound ] ] > 0) do={ + $LogPrintExit2 debug $ScriptName ("Lease for " . $MacInServer . " (" . $DnsRecordVal->"name" . ") still exists. Not deleting record.") false; + } else={ + :local Found false; + $LogPrintExit2 info $ScriptName ("Lease expired for " . $MacInServer . ", deleting record (" . $DnsRecordVal->"name" . ").") false; + /ip/dns/static/remove $DnsRecord; + /ip/dns/static/remove [ find where type=CNAME comment=($DnsRecordVal->"comment") ]; } - } on-error={ - $LogPrintExit2 debug $0 ("A lease just vanished, ignoring.") false; } - :if ([ :len ($LeaseVal->"active-address") ] > 0) do={ - :local Comment ($CommentPrefix . ", macaddress=" . $LeaseVal->"active-mac-address" . ", server=" . $LeaseVal->"server"); - :local MacDash [ $CleanName ($LeaseVal->"active-mac-address") ]; - :local HostName [ $CleanName [ $EitherOr ([ $ParseKeyValueStore ($LeaseVal->"comment") ]->"hostname") ($LeaseVal->"host-name") ] ]; - :local Network [ /ip/dhcp-server/network/find where ($LeaseVal->"active-address") in address ]; - :local NetworkVal; - :if ([ :len $Network ] > 0) do={ - :set NetworkVal [ /ip/dhcp-server/network/get ($Network->0) ]; - } - :local NetworkInfo [ $ParseKeyValueStore ($NetworkVal->"comment") ]; - :local NetDomain ([ $IfThenElse ([ :len ($NetworkInfo->"name-extra") ] > 0) ($NetworkInfo->"name-extra" . ".") ] . \ - [ $EitherOr [ $EitherOr ($NetworkInfo->"domain") ($NetworkVal->"domain") ] $Domain ]); - :local FullA ($MacDash . "." . $NetDomain); - :local FullCN ($HostName . "." . $NetDomain); - :local MacInServer ($LeaseVal->"active-mac-address" . " in " . $LeaseVal->"server"); - - :local DnsRecord [ /ip/dns/static/find where comment=$Comment (!type or type=A) ]; - :if ([ :len $DnsRecord ] > 0) do={ - :local DnsRecordVal [ /ip/dns/static/get $DnsRecord ]; - - :if ($DnsRecordVal->"address" = $LeaseVal->"active-address" && $DnsRecordVal->"name" = $FullA) do={ - $LogPrintExit2 debug $0 ("The A record for " . $MacInServer . " (" . $FullA . ") does not need updating.") false; - } else={ - $LogPrintExit2 info $0 ("Updating A record for " . $MacInServer . " (" . $FullA . " -> " . $LeaseVal->"active-address" . ").") false; - /ip/dns/static/set address=($LeaseVal->"active-address") name=$FullA $DnsRecord; + :foreach Lease in=[ /ip/dhcp-server/lease/find where status=bound ] do={ + :local LeaseVal; + :do { + :set LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + :if ([ :len [ /ip/dhcp-server/lease/find where active-mac-address=($LeaseVal->"active-mac-address") status=bound ] ] > 1) do={ + $LogPrintOnce info $ScriptName ("Multiple bound leases found for mac-address " . ($LeaseVal->"active-mac-address") . "!") false; } + } on-error={ + $LogPrintExit2 debug $ScriptName ("A lease just vanished, ignoring.") false; + } - :local CName [ /ip/dns/static/find where comment=$Comment type=CNAME ]; - :if ([ :len $CName ] > 0) do={ - :local CNameVal [ /ip/dns/static/get $CName ]; - :if ($CNameVal->"name" != $FullCN || $CNameVal->"cname" != $FullA) do={ - $LogPrintExit2 info $0 ("Deleting CNAME record with wrong data for " . $MacInServer . ".") false; - /ip/dns/static/remove $CName; + :if ([ :len ($LeaseVal->"active-address") ] > 0) do={ + :local Comment ($CommentPrefix . ", macaddress=" . $LeaseVal->"active-mac-address" . ", server=" . $LeaseVal->"server"); + :local MacDash [ $CleanName ($LeaseVal->"active-mac-address") ]; + :local HostName [ $CleanName [ $EitherOr ([ $ParseKeyValueStore ($LeaseVal->"comment") ]->"hostname") ($LeaseVal->"host-name") ] ]; + :local Network [ /ip/dhcp-server/network/find where ($LeaseVal->"active-address") in address ]; + :local NetworkVal; + :if ([ :len $Network ] > 0) do={ + :set NetworkVal [ /ip/dhcp-server/network/get ($Network->0) ]; + } + :local NetworkInfo [ $ParseKeyValueStore ($NetworkVal->"comment") ]; + :local NetDomain ([ $IfThenElse ([ :len ($NetworkInfo->"name-extra") ] > 0) ($NetworkInfo->"name-extra" . ".") ] . \ + [ $EitherOr [ $EitherOr ($NetworkInfo->"domain") ($NetworkVal->"domain") ] $Domain ]); + :local FullA ($MacDash . "." . $NetDomain); + :local FullCN ($HostName . "." . $NetDomain); + :local MacInServer ($LeaseVal->"active-mac-address" . " in " . $LeaseVal->"server"); + + :local DnsRecord [ /ip/dns/static/find where comment=$Comment (!type or type=A) ]; + :if ([ :len $DnsRecord ] > 0) do={ + :local DnsRecordVal [ /ip/dns/static/get $DnsRecord ]; + + :if ($DnsRecordVal->"address" = $LeaseVal->"active-address" && $DnsRecordVal->"name" = $FullA) do={ + $LogPrintExit2 debug $ScriptName ("The A record for " . $MacInServer . " (" . $FullA . ") does not need updating.") false; + } else={ + $LogPrintExit2 info $ScriptName ("Updating A record for " . $MacInServer . " (" . $FullA . " -> " . $LeaseVal->"active-address" . ").") false; + /ip/dns/static/set address=($LeaseVal->"active-address") name=$FullA $DnsRecord; + } + + :local CName [ /ip/dns/static/find where comment=$Comment type=CNAME ]; + :if ([ :len $CName ] > 0) do={ + :local CNameVal [ /ip/dns/static/get $CName ]; + :if ($CNameVal->"name" != $FullCN || $CNameVal->"cname" != $FullA) do={ + $LogPrintExit2 info $ScriptName ("Deleting CNAME record with wrong data for " . $MacInServer . ".") false; + /ip/dns/static/remove $CName; + } + } + :if ([ :len $HostName ] > 0 && [ :len [ /ip/dns/static/find where name=$FullCN type=CNAME ] ] = 0) do={ + $LogPrintExit2 info $ScriptName ("Adding CNAME record for " . $MacInServer . " (" . $FullCN . " -> " . $FullA . ").") false; + /ip/dns/static/add name=$FullCN type=CNAME cname=$FullA ttl=$Ttl comment=$Comment place-before=$PlaceBefore; + } + + } else={ + $LogPrintExit2 info $ScriptName ("Adding A record for " . $MacInServer . " (" . $FullA . " -> " . $LeaseVal->"active-address" . ").") false; + /ip/dns/static/add name=$FullA type=A address=($LeaseVal->"active-address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore; + :if ([ :len $HostName ] > 0 && [ :len [ /ip/dns/static/find where name=$FullCN type=CNAME ] ] = 0) do={ + $LogPrintExit2 info $ScriptName ("Adding CNAME record for " . $MacInServer . " (" . $FullCN . " -> " . $FullA . ").") false; + /ip/dns/static/add name=$FullCN type=CNAME cname=$FullA ttl=$Ttl comment=$Comment place-before=$PlaceBefore; } } - :if ([ :len $HostName ] > 0 && [ :len [ /ip/dns/static/find where name=$FullCN type=CNAME ] ] = 0) do={ - $LogPrintExit2 info $0 ("Adding CNAME record for " . $MacInServer . " (" . $FullCN . " -> " . $FullA . ").") false; - /ip/dns/static/add name=$FullCN type=CNAME cname=$FullA ttl=$Ttl comment=$Comment place-before=$PlaceBefore; - } + :if ([ :len [ /ip/dns/static/find where name=$FullA (!type or type=A) ] ] > 1) do={ + $LogPrintOnce warning $ScriptName ("The name '" . $FullA . "' appeared in more than one A record!") false; + } } else={ - $LogPrintExit2 info $0 ("Adding A record for " . $MacInServer . " (" . $FullA . " -> " . $LeaseVal->"active-address" . ").") false; - /ip/dns/static/add name=$FullA type=A address=($LeaseVal->"active-address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore; - :if ([ :len $HostName ] > 0 && [ :len [ /ip/dns/static/find where name=$FullCN type=CNAME ] ] = 0) do={ - $LogPrintExit2 info $0 ("Adding CNAME record for " . $MacInServer . " (" . $FullCN . " -> " . $FullA . ").") false; - /ip/dns/static/add name=$FullCN type=CNAME cname=$FullA ttl=$Ttl comment=$Comment place-before=$PlaceBefore; - } + $LogPrintExit2 debug $ScriptName ("No address available... Ignoring.") false; } - - :if ([ :len [ /ip/dns/static/find where name=$FullA (!type or type=A) ] ] > 1) do={ - $LogPrintOnce warning $0 ("The name '" . $FullA . "' appeared in more than one A record!") false; - } - } else={ - $LogPrintExit2 debug $0 ("No address available... Ignoring.") false; } } + +$Main [ :jobname ]; From cf986caf8d1b2eda83fad2b6c6daecbf0e93a8c7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 206/908] firmware-upgrade-reboot: move code into function --- firmware-upgrade-reboot.rsc | 65 ++++++++++++++++++++----------------- 1 file changed, 35 insertions(+), 30 deletions(-) diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index adcea73..efe22ae 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -8,40 +8,45 @@ # install firmware upgrade, and reboot # https://git.eworm.de/cgit/routeros-scripts/about/doc/firmware-upgrade-reboot.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ScriptLock; -:global VersionToNum; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ScriptLock; + :global VersionToNum; -:local RouterBoard [ /system/routerboard/get ]; -:if ($RouterBoard->"current-firmware" = $RouterBoard->"upgrade-firmware") do={ - $LogPrintExit2 info $0 ("Current and upgrade firmware match with version " . \ - $RouterBoard->"current-firmware" . ".") true; -} -:if ([ $VersionToNum ($RouterBoard->"current-firmware") ] > [ $VersionToNum ($RouterBoard->"upgrade-firmware") ]) do={ - $LogPrintExit2 info $0 ("Different firmware version is available, but it is a downgrade. Ignoring.") true; + $ScriptLock $ScriptName; + + :local RouterBoard [ /system/routerboard/get ]; + :if ($RouterBoard->"current-firmware" = $RouterBoard->"upgrade-firmware") do={ + $LogPrintExit2 info $ScriptName ("Current and upgrade firmware match with version " . \ + $RouterBoard->"current-firmware" . ".") true; + } + :if ([ $VersionToNum ($RouterBoard->"current-firmware") ] > [ $VersionToNum ($RouterBoard->"upgrade-firmware") ]) do={ + $LogPrintExit2 info $ScriptName ("Different firmware version is available, but it is a downgrade. Ignoring.") true; + } + + :if ([ /system/routerboard/settings/get auto-upgrade ] = false) do={ + $LogPrintExit2 info $ScriptName ("Firmware version " . $RouterBoard->"upgrade-firmware" . \ + " is available, upgrading.") false; + /system/routerboard/upgrade; + } + + :while ([ :len [ /log/find where topics=({"system";"info";"critical"}) \ + message="Firmware upgraded successfully, please reboot for changes to take effect!" ] ] = 0) do={ + :delay 1s; + } + + :local Uptime [ /system/resource/get uptime ]; + :if ($Uptime < 1m) do={ + :delay $Uptime; + } + + $LogPrintExit2 info $ScriptName ("Firmware upgrade successful, rebooting.") false; + /system/reboot; } -:if ([ /system/routerboard/settings/get auto-upgrade ] = false) do={ - $LogPrintExit2 info $0 ("Firmware version " . $RouterBoard->"upgrade-firmware" . \ - " is available, upgrading.") false; - /system/routerboard/upgrade; -} - -:while ([ :len [ /log/find where topics=({"system";"info";"critical"}) \ - message="Firmware upgraded successfully, please reboot for changes to take effect!" ] ] = 0) do={ - :delay 1s; -} - -:local Uptime [ /system/resource/get uptime ]; -:if ($Uptime < 1m) do={ - :delay $Uptime; -} - -$LogPrintExit2 info $0 ("Firmware upgrade successful, rebooting.") false; -/system/reboot; +$Main [ :jobname ]; From 480ad0c196f7edd0abbf376af2802446c23e78e1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 207/908] fw-addr-lists: move code into function --- fw-addr-lists.rsc | 235 +++++++++++++++++++++++----------------------- 1 file changed, 120 insertions(+), 115 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 14da2e2..d4ac519 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -8,147 +8,152 @@ # download, import and update firewall address-lists # https://git.eworm.de/cgit/routeros-scripts/about/doc/fw-addr-lists.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global FetchUserAgent; -:global FwAddrLists; -:global FwAddrListTimeOut; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global CertificateAvailable; -:global EitherOr; -:global LogPrintExit2; -:global LogPrintOnce; -:global ScriptLock; -:global WaitFullyConnected; + :global FetchUserAgent; + :global FwAddrLists; + :global FwAddrListTimeOut; -:local FindDelim do={ - :local ValidChars "0123456789.:/ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-"; - :for I from=0 to=[ :len $1 ] do={ - :if ([ :typeof [ :find $ValidChars [ :pick ($1 . " ") $I ] ] ] != "num") do={ - :return $I; + :global CertificateAvailable; + :global EitherOr; + :global LogPrintExit2; + :global LogPrintOnce; + :global ScriptLock; + :global WaitFullyConnected; + + :local FindDelim do={ + :local ValidChars "0123456789.:/ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-"; + :for I from=0 to=[ :len $1 ] do={ + :if ([ :typeof [ :find $ValidChars [ :pick ($1 . " ") $I ] ] ] != "num") do={ + :return $I; + } } } -} -$ScriptLock $0; -$WaitFullyConnected; + $ScriptLock $ScriptName; + $WaitFullyConnected; -:local ListComment ("managed by " . $0); + :local ListComment ("managed by " . $ScriptName); -:foreach FwListName,FwList in=$FwAddrLists do={ - :local CntAdd 0; - :local CntRenew 0; - :local CntRemove 0; - :local IPv4Addresses ({}); - :local IPv6Addresses ({}); - :local Failure false; + :foreach FwListName,FwList in=$FwAddrLists do={ + :local CntAdd 0; + :local CntRenew 0; + :local CntRemove 0; + :local IPv4Addresses ({}); + :local IPv6Addresses ({}); + :local Failure false; - :foreach List in=$FwList do={ - :local CheckCertificate "no"; - :local Data false; - :local TimeOut [ $EitherOr [ :totime ($List->"timeout") ] $FwAddrListTimeOut ]; + :foreach List in=$FwList do={ + :local CheckCertificate "no"; + :local Data false; + :local TimeOut [ $EitherOr [ :totime ($List->"timeout") ] $FwAddrListTimeOut ]; - :if ([ :len ($List->"cert") ] > 0) do={ - :set CheckCertificate "yes-without-crl"; - :if ([ $CertificateAvailable ($List->"cert") ] = false) do={ - $LogPrintExit2 warning $0 ("Downloading required certificate failed, trying anyway.") false; + :if ([ :len ($List->"cert") ] > 0) do={ + :set CheckCertificate "yes-without-crl"; + :if ([ $CertificateAvailable ($List->"cert") ] = false) do={ + $LogPrintExit2 warning $ScriptName ("Downloading required certificate failed, trying anyway.") false; + } + } + + :for I from=1 to=4 do={ + :if ($Data = false) do={ + :do { + :set Data ([ /tool/fetch check-certificate=$CheckCertificate output=user \ + http-header-field=({ $FetchUserAgent }) ($List->"url") as-value ]->"data"); + } on-error={ + :if ($I < 4) do={ + $LogPrintExit2 debug $ScriptName ("Failed downloading, " . $I . ". try: " . $List->"url") false; + :delay (($I * $I) . "s"); + } + } + } + } + + :if ($Data = false) do={ + :set Data ""; + :set Failure true; + $LogPrintExit2 warning $ScriptName ("Failed downloading list from: " . $List->"url") false; + } + + :if ([ :len $Data ] > 63000) do={ + $LogPrintOnce warning $ScriptName ("The list is huge and may be truncated: " . $List->"url") false; + } + + :while ([ :len $Data ] != 0) do={ + :local Line [ :pick $Data 0 [ :find $Data "\n" ] ]; + :local Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); + :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$" || \ + $Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ + :set ($IPv4Addresses->$Address) $TimeOut; + } + :if ($Address ~ "^[0-9a-zA-Z]*:[0-9a-zA-Z:\\.]+(/[0-9]{1,3})?\$" || \ + $Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ + :set ($IPv6Addresses->$Address) $TimeOut; + } + :set Data [ :pick $Data ([ :len $Line ] + 1) [ :len $Data ] ]; } } - :for I from=1 to=4 do={ - :if ($Data = false) do={ - :do { - :set Data ([ /tool/fetch check-certificate=$CheckCertificate output=user \ - http-header-field=({ $FetchUserAgent }) ($List->"url") as-value ]->"data"); - } on-error={ - :if ($I < 4) do={ - $LogPrintExit2 debug $0 ("Failed downloading, " . $I . ". try: " . $List->"url") false; - :delay (($I * $I) . "s"); - } + :foreach Entry in=[ /ip/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ + :local Address [ /ip/firewall/address-list/get $Entry address ]; + :if ([ :typeof ($IPv4Addresses->$Address) ] = "time") do={ + $LogPrintExit2 debug $ScriptName ("Renewing IPv4 address for " . ($IPv4Addresses->$Address) . ": " . $Address) false; + /ip/firewall/address-list/set $Entry timeout=($IPv4Addresses->$Address); + :set ($IPv4Addresses->$Address); + :set CntRenew ($CntRenew + 1); + } else={ + :if ($Failure = false) do={ + $LogPrintExit2 debug $ScriptName ("Removing IPv4 address: " . $Address) false; + /ip/firewall/address-list/remove $Entry; + :set CntRemove ($CntRemove + 1); } } } - :if ($Data = false) do={ - :set Data ""; - :set Failure true; - $LogPrintExit2 warning $0 ("Failed downloading list from: " . $List->"url") false; - } - - :if ([ :len $Data ] > 63000) do={ - $LogPrintOnce warning $0 ("The list is huge and may be truncated: " . $List->"url") false; - } - - :while ([ :len $Data ] != 0) do={ - :local Line [ :pick $Data 0 [ :find $Data "\n" ] ]; - :local Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); - :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$" || \ - $Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ - :set ($IPv4Addresses->$Address) $TimeOut; - } - :if ($Address ~ "^[0-9a-zA-Z]*:[0-9a-zA-Z:\\.]+(/[0-9]{1,3})?\$" || \ - $Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ - :set ($IPv6Addresses->$Address) $TimeOut; - } - :set Data [ :pick $Data ([ :len $Line ] + 1) [ :len $Data ] ]; - } - } - - :foreach Entry in=[ /ip/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ - :local Address [ /ip/firewall/address-list/get $Entry address ]; - :if ([ :typeof ($IPv4Addresses->$Address) ] = "time") do={ - $LogPrintExit2 debug $0 ("Renewing IPv4 address for " . ($IPv4Addresses->$Address) . ": " . $Address) false; - /ip/firewall/address-list/set $Entry timeout=($IPv4Addresses->$Address); - :set ($IPv4Addresses->$Address); - :set CntRenew ($CntRenew + 1); - } else={ - :if ($Failure = false) do={ - $LogPrintExit2 debug $0 ("Removing IPv4 address: " . $Address) false; - /ip/firewall/address-list/remove $Entry; - :set CntRemove ($CntRemove + 1); + :foreach Entry in=[ /ipv6/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ + :local Address [ /ipv6/firewall/address-list/get $Entry address ]; + :if ([ :typeof ($IPv6Addresses->$Address) ] = "time") do={ + $LogPrintExit2 debug $ScriptName ("Renewing IPv6 address for " . ($IPv6Addresses->$Address) . ": " . $Address) false; + /ipv6/firewall/address-list/set $Entry timeout=($IPv6Addresses->$Address); + :set ($IPv6Addresses->$Address); + :set CntRenew ($CntRenew + 1); + } else={ + :if ($Failure = false) do={ + $LogPrintExit2 debug $ScriptName ("Removing: " . $Address) false; + /ipv6/firewall/address-list/remove $Entry; + :set CntRemove ($CntRemove + 1); + } } } - } - :foreach Entry in=[ /ipv6/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ - :local Address [ /ipv6/firewall/address-list/get $Entry address ]; - :if ([ :typeof ($IPv6Addresses->$Address) ] = "time") do={ - $LogPrintExit2 debug $0 ("Renewing IPv6 address for " . ($IPv6Addresses->$Address) . ": " . $Address) false; - /ipv6/firewall/address-list/set $Entry timeout=($IPv6Addresses->$Address); - :set ($IPv6Addresses->$Address); - :set CntRenew ($CntRenew + 1); - } else={ - :if ($Failure = false) do={ - $LogPrintExit2 debug $0 ("Removing: " . $Address) false; - /ipv6/firewall/address-list/remove $Entry; - :set CntRemove ($CntRemove + 1); + :foreach Address,Timeout in=$IPv4Addresses do={ + $LogPrintExit2 debug $ScriptName ("Adding IPv4 address for " . $Timeout . ": " . $Address) false; + :do { + /ip/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; + :set ($IPv4Addresses->$Address); + :set CntAdd ($CntAdd + 1); + } on-error={ + $LogPrintExit2 warning $ScriptName ("Failed to add IPv4 address " . $Address . " to list '" . $FwListName . "'.") false; } } - } - :foreach Address,Timeout in=$IPv4Addresses do={ - $LogPrintExit2 debug $0 ("Adding IPv4 address for " . $Timeout . ": " . $Address) false; - :do { - /ip/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; - :set ($IPv4Addresses->$Address); - :set CntAdd ($CntAdd + 1); - } on-error={ - $LogPrintExit2 warning $0 ("Failed to add IPv4 address " . $Address . " to list '" . $FwListName . "'.") false; + :foreach Address,Timeout in=$IPv6Addresses do={ + $LogPrintExit2 debug $ScriptName ("Adding IPv6 address for " . $Timeout . ": " . $Address) false; + :do { + /ipv6/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; + :set ($IPv6Addresses->$Address); + :set CntAdd ($CntAdd + 1); + } on-error={ + $LogPrintExit2 warning $ScriptName ("Failed to add IPv6 address " . $Address . " to list '" . $FwListName . "'.") false; + } } - } - :foreach Address,Timeout in=$IPv6Addresses do={ - $LogPrintExit2 debug $0 ("Adding IPv6 address for " . $Timeout . ": " . $Address) false; - :do { - /ipv6/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; - :set ($IPv6Addresses->$Address); - :set CntAdd ($CntAdd + 1); - } on-error={ - $LogPrintExit2 warning $0 ("Failed to add IPv6 address " . $Address . " to list '" . $FwListName . "'.") false; - } + $LogPrintExit2 info $ScriptName ("list: " . $FwListName . " -- added: " . $CntAdd . " - renewed: " . $CntRenew . " - removed: " . $CntRemove) false; } - - $LogPrintExit2 info $0 ("list: " . $FwListName . " -- added: " . $CntAdd . " - renewed: " . $CntRenew . " - removed: " . $CntRemove) false; } + +$Main [ :jobname ]; From a0fc6c30ef2d47d0538cadf9c2598190e2fccb59 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 208/908] gps-track: move code into function --- gps-track.rsc | 57 ++++++++++++++++++++++++++++----------------------- 1 file changed, 31 insertions(+), 26 deletions(-) diff --git a/gps-track.rsc b/gps-track.rsc index 2e6d50f..8517778 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -8,38 +8,43 @@ # track gps data by sending json data to http server # https://git.eworm.de/cgit/routeros-scripts/about/doc/gps-track.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global GpsTrackUrl; -:global Identity; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global LogPrintExit2; -:global ScriptLock; -:global WaitFullyConnected; + :global GpsTrackUrl; + :global Identity; -$ScriptLock $0; -$WaitFullyConnected; + :global LogPrintExit2; + :global ScriptLock; + :global WaitFullyConnected; -:local CoordinateFormat [ /system/gps/get coordinate-format ]; -:local Gps [ /system/gps/monitor once as-value ]; + $ScriptLock $ScriptName; + $WaitFullyConnected; -:if ($Gps->"valid" = true) do={ - :do { - /tool/fetch check-certificate=yes-without-crl $GpsTrackUrl output=none \ - http-method=post http-header-field=({ "Content-Type: application/json" }) \ - http-data=("{" . \ - "\"lat\":\"" . ($Gps->"latitude") . "\"," . \ - "\"lon\":\"" . ($Gps->"longitude") . "\"," . \ - "\"identity\":\"" . $Identity . "\"" . \ - "}") as-value; - $LogPrintExit2 debug $0 ("Sending GPS data in " . $CoordinateFormat . " format: " . \ - "lat: " . ($Gps->"latitude") . " " . \ - "lon: " . ($Gps->"longitude")) false; - } on-error={ - $LogPrintExit2 warning $0 ("Failed sending GPS data!") false; + :local CoordinateFormat [ /system/gps/get coordinate-format ]; + :local Gps [ /system/gps/monitor once as-value ]; + + :if ($Gps->"valid" = true) do={ + :do { + /tool/fetch check-certificate=yes-without-crl $GpsTrackUrl output=none \ + http-method=post http-header-field=({ "Content-Type: application/json" }) \ + http-data=("{" . \ + "\"lat\":\"" . ($Gps->"latitude") . "\"," . \ + "\"lon\":\"" . ($Gps->"longitude") . "\"," . \ + "\"identity\":\"" . $Identity . "\"" . \ + "}") as-value; + $LogPrintExit2 debug $ScriptName ("Sending GPS data in " . $CoordinateFormat . " format: " . \ + "lat: " . ($Gps->"latitude") . " " . \ + "lon: " . ($Gps->"longitude")) false; + } on-error={ + $LogPrintExit2 warning $ScriptName ("Failed sending GPS data!") false; + } + } else={ + $LogPrintExit2 debug $ScriptName ("GPS data not valid.") false; } -} else={ - $LogPrintExit2 debug $0 ("GPS data not valid.") false; } + +$Main [ :jobname ]; From 2bf02cf0852d086a3f236d6423022ba1131e2267 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 209/908] hotspot-to-wpa-cleanup: move code into function --- hotspot-to-wpa-cleanup.capsman.rsc | 95 +++++++++++---------- hotspot-to-wpa-cleanup.template.rsc | 119 ++++++++++++++------------- hotspot-to-wpa-cleanup.wifi.rsc | 95 +++++++++++---------- hotspot-to-wpa-cleanup.wifiwave2.rsc | 95 +++++++++++---------- 4 files changed, 212 insertions(+), 192 deletions(-) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index 7e8749d..498e853 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -11,59 +11,64 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global EitherOr; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0 false 10; + :global EitherOr; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -:local DHCPServers ({}); -:foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ - :local ServerVal [ /ip/dhcp-server/get $Server ] - :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ]; - :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={ - :set ($DHCPServers->($ServerVal->"name")) \ - [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ]; + $ScriptLock $ScriptName false 10; + + :local DHCPServers ({}); + :foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ + :local ServerVal [ /ip/dhcp-server/get $Server ] + :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ]; + :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={ + :set ($DHCPServers->($ServerVal->"name")) \ + [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ]; + } } -} -:foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ - :local ClientVal [ /caps-man/registration-table/get $Client ]; - :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ - mac-address=($ClientVal->"mac-address") ] do={ - :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ - $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ - " connected to WPA, making lease static.") false; - /ip/dhcp-server/lease/make-static $Lease; - /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; + :foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ + :local ClientVal [ /caps-man/registration-table/get $Client ]; + :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ + mac-address=($ClientVal->"mac-address") ] do={ + :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " connected to WPA, making lease static.") false; + /ip/dhcp-server/lease/make-static $Lease; + /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; + } + } + } + + :foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \ + !(comment~[ /system/clock/get date ]) ] do={ + :local ClientVal [ /caps-man/access-list/get $Client ]; + :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ + mac-address=($ClientVal->"mac-address") ] ] = 0) do={ + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " did not connect to WPA, removing from access list.") false; + /caps-man/access-list/remove $Client; + } + } + + :foreach Server,Timeout in=$DHCPServers do={ + :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ + server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ + " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; + /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ + mac-address=($LeaseVal->"mac-address") ]; + /ip/dhcp-server/lease/remove $Lease; } } } -:foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \ - !(comment~[ /system/clock/get date ]) ] do={ - :local ClientVal [ /caps-man/access-list/get $Client ]; - :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ - mac-address=($ClientVal->"mac-address") ] ] = 0) do={ - $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ - " did not connect to WPA, removing from access list.") false; - /caps-man/access-list/remove $Client; - } -} - -:foreach Server,Timeout in=$DHCPServers do={ - :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ - server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; - /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ - mac-address=($LeaseVal->"mac-address") ]; - /ip/dhcp-server/lease/remove $Lease; - } -} +$Main [ :jobname ]; diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index b7b4d9c..9ffc6ea 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -12,71 +12,76 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global EitherOr; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0 false 10; + :global EitherOr; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -:local DHCPServers ({}); -:foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ - :local ServerVal [ /ip/dhcp-server/get $Server ] - :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ]; - :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={ - :set ($DHCPServers->($ServerVal->"name")) \ - [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ]; + $ScriptLock $ScriptName false 10; + + :local DHCPServers ({}); + :foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ + :local ServerVal [ /ip/dhcp-server/get $Server ] + :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ]; + :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={ + :set ($DHCPServers->($ServerVal->"name")) \ + [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ]; + } } -} -:foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ -:foreach Client in=[ /interface/wifi/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ -:foreach Client in=[ /interface/wifiwave2/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ - :local ClientVal [ /caps-man/registration-table/get $Client ]; - :local ClientVal [ /interface/wifi/registration-table/get $Client ]; - :local ClientVal [ /interface/wifiwave2/registration-table/get $Client ]; - :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ - mac-address=($ClientVal->"mac-address") ] do={ - :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ - $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ - " connected to WPA, making lease static.") false; - /ip/dhcp-server/lease/make-static $Lease; - /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; + :foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ + :foreach Client in=[ /interface/wifi/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ + :foreach Client in=[ /interface/wifiwave2/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ + :local ClientVal [ /caps-man/registration-table/get $Client ]; + :local ClientVal [ /interface/wifi/registration-table/get $Client ]; + :local ClientVal [ /interface/wifiwave2/registration-table/get $Client ]; + :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ + mac-address=($ClientVal->"mac-address") ] do={ + :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " connected to WPA, making lease static.") false; + /ip/dhcp-server/lease/make-static $Lease; + /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; + } + } + } + + :foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \ + :foreach Client in=[ /interface/wifi/access-list/find where comment~"^hotspot-to-wpa:" \ + :foreach Client in=[ /interface/wifiwave2/access-list/find where comment~"^hotspot-to-wpa:" \ + !(comment~[ /system/clock/get date ]) ] do={ + :local ClientVal [ /caps-man/access-list/get $Client ]; + :local ClientVal [ /interface/wifi/access-list/get $Client ]; + :local ClientVal [ /interface/wifiwave2/access-list/get $Client ]; + :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ + mac-address=($ClientVal->"mac-address") ] ] = 0) do={ + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " did not connect to WPA, removing from access list.") false; + /caps-man/access-list/remove $Client; + /interface/wifi/access-list/remove $Client; + /interface/wifiwave2/access-list/remove $Client; + } + } + + :foreach Server,Timeout in=$DHCPServers do={ + :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ + server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ + " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; + /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ + /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ + /interface/wifiwave2/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ + mac-address=($LeaseVal->"mac-address") ]; + /ip/dhcp-server/lease/remove $Lease; } } } -:foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \ -:foreach Client in=[ /interface/wifi/access-list/find where comment~"^hotspot-to-wpa:" \ -:foreach Client in=[ /interface/wifiwave2/access-list/find where comment~"^hotspot-to-wpa:" \ - !(comment~[ /system/clock/get date ]) ] do={ - :local ClientVal [ /caps-man/access-list/get $Client ]; - :local ClientVal [ /interface/wifi/access-list/get $Client ]; - :local ClientVal [ /interface/wifiwave2/access-list/get $Client ]; - :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ - mac-address=($ClientVal->"mac-address") ] ] = 0) do={ - $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ - " did not connect to WPA, removing from access list.") false; - /caps-man/access-list/remove $Client; - /interface/wifi/access-list/remove $Client; - /interface/wifiwave2/access-list/remove $Client; - } -} - -:foreach Server,Timeout in=$DHCPServers do={ - :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ - server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; - /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ - /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ - /interface/wifiwave2/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ - mac-address=($LeaseVal->"mac-address") ]; - /ip/dhcp-server/lease/remove $Lease; - } -} +$Main [ :jobname ]; diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index 4e9eda2..cf7eaad 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -11,59 +11,64 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global EitherOr; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0 false 10; + :global EitherOr; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -:local DHCPServers ({}); -:foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ - :local ServerVal [ /ip/dhcp-server/get $Server ] - :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ]; - :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={ - :set ($DHCPServers->($ServerVal->"name")) \ - [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ]; + $ScriptLock $ScriptName false 10; + + :local DHCPServers ({}); + :foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ + :local ServerVal [ /ip/dhcp-server/get $Server ] + :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ]; + :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={ + :set ($DHCPServers->($ServerVal->"name")) \ + [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ]; + } } -} -:foreach Client in=[ /interface/wifi/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ - :local ClientVal [ /interface/wifi/registration-table/get $Client ]; - :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ - mac-address=($ClientVal->"mac-address") ] do={ - :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ - $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ - " connected to WPA, making lease static.") false; - /ip/dhcp-server/lease/make-static $Lease; - /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; + :foreach Client in=[ /interface/wifi/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ + :local ClientVal [ /interface/wifi/registration-table/get $Client ]; + :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ + mac-address=($ClientVal->"mac-address") ] do={ + :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " connected to WPA, making lease static.") false; + /ip/dhcp-server/lease/make-static $Lease; + /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; + } + } + } + + :foreach Client in=[ /interface/wifi/access-list/find where comment~"^hotspot-to-wpa:" \ + !(comment~[ /system/clock/get date ]) ] do={ + :local ClientVal [ /interface/wifi/access-list/get $Client ]; + :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ + mac-address=($ClientVal->"mac-address") ] ] = 0) do={ + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " did not connect to WPA, removing from access list.") false; + /interface/wifi/access-list/remove $Client; + } + } + + :foreach Server,Timeout in=$DHCPServers do={ + :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ + server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ + " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; + /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ + mac-address=($LeaseVal->"mac-address") ]; + /ip/dhcp-server/lease/remove $Lease; } } } -:foreach Client in=[ /interface/wifi/access-list/find where comment~"^hotspot-to-wpa:" \ - !(comment~[ /system/clock/get date ]) ] do={ - :local ClientVal [ /interface/wifi/access-list/get $Client ]; - :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ - mac-address=($ClientVal->"mac-address") ] ] = 0) do={ - $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ - " did not connect to WPA, removing from access list.") false; - /interface/wifi/access-list/remove $Client; - } -} - -:foreach Server,Timeout in=$DHCPServers do={ - :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ - server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; - /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ - mac-address=($LeaseVal->"mac-address") ]; - /ip/dhcp-server/lease/remove $Lease; - } -} +$Main [ :jobname ]; diff --git a/hotspot-to-wpa-cleanup.wifiwave2.rsc b/hotspot-to-wpa-cleanup.wifiwave2.rsc index afa0c2d..bbb64c5 100644 --- a/hotspot-to-wpa-cleanup.wifiwave2.rsc +++ b/hotspot-to-wpa-cleanup.wifiwave2.rsc @@ -11,59 +11,64 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global EitherOr; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0 false 10; + :global EitherOr; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -:local DHCPServers ({}); -:foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ - :local ServerVal [ /ip/dhcp-server/get $Server ] - :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ]; - :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={ - :set ($DHCPServers->($ServerVal->"name")) \ - [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ]; + $ScriptLock $ScriptName false 10; + + :local DHCPServers ({}); + :foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ + :local ServerVal [ /ip/dhcp-server/get $Server ] + :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ]; + :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={ + :set ($DHCPServers->($ServerVal->"name")) \ + [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ]; + } } -} -:foreach Client in=[ /interface/wifiwave2/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ - :local ClientVal [ /interface/wifiwave2/registration-table/get $Client ]; - :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ - mac-address=($ClientVal->"mac-address") ] do={ - :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ - $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ - " connected to WPA, making lease static.") false; - /ip/dhcp-server/lease/make-static $Lease; - /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; + :foreach Client in=[ /interface/wifiwave2/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ + :local ClientVal [ /interface/wifiwave2/registration-table/get $Client ]; + :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ + mac-address=($ClientVal->"mac-address") ] do={ + :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " connected to WPA, making lease static.") false; + /ip/dhcp-server/lease/make-static $Lease; + /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; + } + } + } + + :foreach Client in=[ /interface/wifiwave2/access-list/find where comment~"^hotspot-to-wpa:" \ + !(comment~[ /system/clock/get date ]) ] do={ + :local ClientVal [ /interface/wifiwave2/access-list/get $Client ]; + :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ + mac-address=($ClientVal->"mac-address") ] ] = 0) do={ + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " did not connect to WPA, removing from access list.") false; + /interface/wifiwave2/access-list/remove $Client; + } + } + + :foreach Server,Timeout in=$DHCPServers do={ + :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ + server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ + :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; + $LogPrintExit2 info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ + " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; + /interface/wifiwave2/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ + mac-address=($LeaseVal->"mac-address") ]; + /ip/dhcp-server/lease/remove $Lease; } } } -:foreach Client in=[ /interface/wifiwave2/access-list/find where comment~"^hotspot-to-wpa:" \ - !(comment~[ /system/clock/get date ]) ] do={ - :local ClientVal [ /interface/wifiwave2/access-list/get $Client ]; - :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ - mac-address=($ClientVal->"mac-address") ] ] = 0) do={ - $LogPrintExit2 info $0 ("Client with mac address " . ($ClientVal->"mac-address") . \ - " did not connect to WPA, removing from access list.") false; - /interface/wifiwave2/access-list/remove $Client; - } -} - -:foreach Server,Timeout in=$DHCPServers do={ - :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ - server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - $LogPrintExit2 info $0 ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; - /interface/wifiwave2/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ - mac-address=($LeaseVal->"mac-address") ]; - /ip/dhcp-server/lease/remove $Lease; - } -} +$Main [ :jobname ]; From a36ec397d6fc6e5a31c25cb58f41db62c8ba0bbe Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 210/908] hotspot-to-wpa: move code into function --- hotspot-to-wpa.capsman.rsc | 144 ++++++++++++------------ hotspot-to-wpa.template.rsc | 208 ++++++++++++++++++----------------- hotspot-to-wpa.wifi.rsc | 138 ++++++++++++----------- hotspot-to-wpa.wifiwave2.rsc | 138 ++++++++++++----------- 4 files changed, 322 insertions(+), 306 deletions(-) diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index db3f430..d903fe9 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -10,82 +10,86 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global EitherOr; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; + :local MacAddress [ :tostr $2 ]; + :local UserName [ :tostr $3 ]; -$ScriptLock $0; + :global EitherOr; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -:local MacAddress $"mac-address"; -:local UserName $username; + $ScriptLock $ScriptName; -:if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ - $LogPrintExit2 error $0 ("This script is supposed to run from hotspot on login.") true; -} - -:local Date [ /system/clock/get date ]; -:local UserVal ({}); -:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={ - :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ]; -} -:local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ]; -:local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ]; - -:if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ - /caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; - $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; -} -:local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); - -:if ([ :len [ /caps-man/access-list/find where \ - comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ - /caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; - $LogPrintExit2 warning $0 ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; -} -:local Template [ /caps-man/access-list/get ([ find where \ - comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; - -:if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $0 ("Ignoring login for hotspot '" . $Hotspot . "'.") true; -} - -# allow login page to load -:delay 1s; - -$LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $MacAddress . \ - " (user " . $UserName . ").") false; -/caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; -/caps-man/access-list/add private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ - mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ - action=reject place-before=$PlaceBefore; - -:local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \ - comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; -:local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ]; -:if ([ :len $PrivatePassphrase ] > 0) do={ - :if ($PrivatePassphrase = "ignore") do={ - /caps-man/access-list/set $Entry !private-passphrase; - } else={ - /caps-man/access-list/set $Entry private-passphrase=$PrivatePassphrase; + :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ + $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; } -} -:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; -:if ([ :len $SsidRegexp ] > 0) do={ - /caps-man/access-list/set $Entry ssid-regexp=$SsidRegexp; -} -:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; -:if ([ :len $VlanId ] > 0) do={ - /caps-man/access-list/set $Entry vlan-id=$VlanId; -} -:local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ]; -:if ([ :len $VlanMode] > 0) do={ - /caps-man/access-list/set $Entry vlan-mode=$VlanMode; + + :local Date [ /system/clock/get date ]; + :local UserVal ({}); + :if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={ + :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ]; + } + :local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ]; + :local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ]; + + :if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ + /caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; + $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; + } + :local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); + + :if ([ :len [ /caps-man/access-list/find where \ + comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ + /caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; + $LogPrintExit2 warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; + } + :local Template [ /caps-man/access-list/get ([ find where \ + comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; + + :if ($Template->"action" = "reject") do={ + $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") true; + } + + # allow login page to load + :delay 1s; + + $LogPrintExit2 info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \ + " (user " . $UserName . ").") false; + /caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; + /caps-man/access-list/add private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ + mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ + action=reject place-before=$PlaceBefore; + + :local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \ + comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; + :local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ]; + :if ([ :len $PrivatePassphrase ] > 0) do={ + :if ($PrivatePassphrase = "ignore") do={ + /caps-man/access-list/set $Entry !private-passphrase; + } else={ + /caps-man/access-list/set $Entry private-passphrase=$PrivatePassphrase; + } + } + :local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; + :if ([ :len $SsidRegexp ] > 0) do={ + /caps-man/access-list/set $Entry ssid-regexp=$SsidRegexp; + } + :local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; + :if ([ :len $VlanId ] > 0) do={ + /caps-man/access-list/set $Entry vlan-id=$VlanId; + } + :local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ]; + :if ([ :len $VlanMode] > 0) do={ + /caps-man/access-list/set $Entry vlan-mode=$VlanMode; + } + + :delay 2s; + /caps-man/access-list/set $Entry action=accept; } -:delay 2s; -/caps-man/access-list/set $Entry action=accept; +$Main [ :jobname ] $"mac-address" $username; diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index 98369a7..1f82c28 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -11,117 +11,121 @@ # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global EitherOr; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; + :local MacAddress [ :tostr $2 ]; + :local UserName [ :tostr $3 ]; -$ScriptLock $0; + :global EitherOr; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -:local MacAddress $"mac-address"; -:local UserName $username; + $ScriptLock $ScriptName; -:if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ - $LogPrintExit2 error $0 ("This script is supposed to run from hotspot on login.") true; -} - -:local Date [ /system/clock/get date ]; -:local UserVal ({}); -:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={ - :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ]; -} -:local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ]; -:local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ]; - -:if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ -:if ([ :len [ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ -:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ - /caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; - /interface/wifi/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; - /interface/wifiwave2/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; - $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; -} -:local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); -:local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); -:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); - -:if ([ :len [ /caps-man/access-list/find where \ -:if ([ :len [ /interface/wifi/access-list/find where \ -:if ([ :len [ /interface/wifiwave2/access-list/find where \ - comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ - /caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; - /interface/wifi/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; - /interface/wifiwave2/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; - $LogPrintExit2 warning $0 ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; -} -:local Template [ /caps-man/access-list/get ([ find where \ -:local Template [ /interface/wifi/access-list/get ([ find where \ -:local Template [ /interface/wifiwave2/access-list/get ([ find where \ - comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; - -:if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $0 ("Ignoring login for hotspot '" . $Hotspot . "'.") true; -} - -# allow login page to load -:delay 1s; - -$LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $MacAddress . \ - " (user " . $UserName . ").") false; -/caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; -/interface/wifi/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; -/interface/wifiwave2/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; -/caps-man/access-list/add private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ -/interface/wifi/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ -/interface/wifiwave2/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ - mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ - action=reject place-before=$PlaceBefore; - -:local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \ -:local Entry [ /interface/wifi/access-list/find where mac-address=$MacAddress \ -:local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \ - comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; -# NOT /caps-man/ # -:set ($Template->"private-passphrase") ($Template->"passphrase"); -# NOT /caps-man/ # -:local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ]; -:if ([ :len $PrivatePassphrase ] > 0) do={ - :if ($PrivatePassphrase = "ignore") do={ - /caps-man/access-list/set $Entry !private-passphrase; - /interface/wifi/access-list/set $Entry !passphrase; - /interface/wifiwave2/access-list/set $Entry !passphrase; - } else={ - /caps-man/access-list/set $Entry private-passphrase=$PrivatePassphrase; - /interface/wifi/access-list/set $Entry passphrase=$PrivatePassphrase; - /interface/wifiwave2/access-list/set $Entry passphrase=$PrivatePassphrase; + :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ + $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; + } + + :local Date [ /system/clock/get date ]; + :local UserVal ({}); + :if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={ + :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ]; + } + :local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ]; + :local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ]; + + :if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ + :if ([ :len [ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ + :if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ + /caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; + /interface/wifi/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; + /interface/wifiwave2/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; + $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; + } + :local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); + :local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); + :local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); + + :if ([ :len [ /caps-man/access-list/find where \ + :if ([ :len [ /interface/wifi/access-list/find where \ + :if ([ :len [ /interface/wifiwave2/access-list/find where \ + comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ + /caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; + /interface/wifi/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; + /interface/wifiwave2/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; + $LogPrintExit2 warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; + } + :local Template [ /caps-man/access-list/get ([ find where \ + :local Template [ /interface/wifi/access-list/get ([ find where \ + :local Template [ /interface/wifiwave2/access-list/get ([ find where \ + comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; + + :if ($Template->"action" = "reject") do={ + $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") true; + } + + # allow login page to load + :delay 1s; + + $LogPrintExit2 info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \ + " (user " . $UserName . ").") false; + /caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; + /interface/wifi/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; + /interface/wifiwave2/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; + /caps-man/access-list/add private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ + /interface/wifi/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ + /interface/wifiwave2/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ + mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ + action=reject place-before=$PlaceBefore; + + :local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \ + :local Entry [ /interface/wifi/access-list/find where mac-address=$MacAddress \ + :local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \ + comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; +# NOT /caps-man/ # + :set ($Template->"private-passphrase") ($Template->"passphrase"); +# NOT /caps-man/ # + :local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ]; + :if ([ :len $PrivatePassphrase ] > 0) do={ + :if ($PrivatePassphrase = "ignore") do={ + /caps-man/access-list/set $Entry !private-passphrase; + /interface/wifi/access-list/set $Entry !passphrase; + /interface/wifiwave2/access-list/set $Entry !passphrase; + } else={ + /caps-man/access-list/set $Entry private-passphrase=$PrivatePassphrase; + /interface/wifi/access-list/set $Entry passphrase=$PrivatePassphrase; + /interface/wifiwave2/access-list/set $Entry passphrase=$PrivatePassphrase; + } + } + :local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; + :if ([ :len $SsidRegexp ] > 0) do={ + /caps-man/access-list/set $Entry ssid-regexp=$SsidRegexp; + /interface/wifi/access-list/set $Entry ssid-regexp=$SsidRegexp; + /interface/wifiwave2/access-list/set $Entry ssid-regexp=$SsidRegexp; + } + :local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; + :if ([ :len $VlanId ] > 0) do={ + /caps-man/access-list/set $Entry vlan-id=$VlanId; + /interface/wifi/access-list/set $Entry vlan-id=$VlanId; + /interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId; } -} -:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; -:if ([ :len $SsidRegexp ] > 0) do={ - /caps-man/access-list/set $Entry ssid-regexp=$SsidRegexp; - /interface/wifi/access-list/set $Entry ssid-regexp=$SsidRegexp; - /interface/wifiwave2/access-list/set $Entry ssid-regexp=$SsidRegexp; -} -:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; -:if ([ :len $VlanId ] > 0) do={ - /caps-man/access-list/set $Entry vlan-id=$VlanId; - /interface/wifi/access-list/set $Entry vlan-id=$VlanId; - /interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId; -} # NOT /interface/wifi/ # # NOT /interface/wifiwave2/ # -:local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ]; -:if ([ :len $VlanMode] > 0) do={ - /caps-man/access-list/set $Entry vlan-mode=$VlanMode; -} + :local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ]; + :if ([ :len $VlanMode] > 0) do={ + /caps-man/access-list/set $Entry vlan-mode=$VlanMode; + } # NOT /interface/wifiwave2/ # # NOT /interface/wifi/ # -:delay 2s; -/caps-man/access-list/set $Entry action=accept; -/interface/wifi/access-list/set $Entry action=accept; -/interface/wifiwave2/access-list/set $Entry action=accept; + :delay 2s; + /caps-man/access-list/set $Entry action=accept; + /interface/wifi/access-list/set $Entry action=accept; + /interface/wifiwave2/access-list/set $Entry action=accept; +} + +$Main [ :jobname ] $"mac-address" $username; diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index 5e07eac..cd6aa80 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -10,79 +10,83 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global EitherOr; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; + :local MacAddress [ :tostr $2 ]; + :local UserName [ :tostr $3 ]; -$ScriptLock $0; + :global EitherOr; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -:local MacAddress $"mac-address"; -:local UserName $username; + $ScriptLock $ScriptName; -:if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ - $LogPrintExit2 error $0 ("This script is supposed to run from hotspot on login.") true; -} - -:local Date [ /system/clock/get date ]; -:local UserVal ({}); -:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={ - :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ]; -} -:local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ]; -:local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ]; - -:if ([ :len [ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ - /interface/wifi/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; - $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; -} -:local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); - -:if ([ :len [ /interface/wifi/access-list/find where \ - comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ - /interface/wifi/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; - $LogPrintExit2 warning $0 ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; -} -:local Template [ /interface/wifi/access-list/get ([ find where \ - comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; - -:if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $0 ("Ignoring login for hotspot '" . $Hotspot . "'.") true; -} - -# allow login page to load -:delay 1s; - -$LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $MacAddress . \ - " (user " . $UserName . ").") false; -/interface/wifi/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; -/interface/wifi/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ - mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ - action=reject place-before=$PlaceBefore; - -:local Entry [ /interface/wifi/access-list/find where mac-address=$MacAddress \ - comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; -:set ($Template->"private-passphrase") ($Template->"passphrase"); -:local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ]; -:if ([ :len $PrivatePassphrase ] > 0) do={ - :if ($PrivatePassphrase = "ignore") do={ - /interface/wifi/access-list/set $Entry !passphrase; - } else={ - /interface/wifi/access-list/set $Entry passphrase=$PrivatePassphrase; + :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ + $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; } -} -:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; -:if ([ :len $SsidRegexp ] > 0) do={ - /interface/wifi/access-list/set $Entry ssid-regexp=$SsidRegexp; -} -:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; -:if ([ :len $VlanId ] > 0) do={ - /interface/wifi/access-list/set $Entry vlan-id=$VlanId; + + :local Date [ /system/clock/get date ]; + :local UserVal ({}); + :if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={ + :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ]; + } + :local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ]; + :local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ]; + + :if ([ :len [ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ + /interface/wifi/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; + $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; + } + :local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); + + :if ([ :len [ /interface/wifi/access-list/find where \ + comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ + /interface/wifi/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; + $LogPrintExit2 warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; + } + :local Template [ /interface/wifi/access-list/get ([ find where \ + comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; + + :if ($Template->"action" = "reject") do={ + $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") true; + } + + # allow login page to load + :delay 1s; + + $LogPrintExit2 info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \ + " (user " . $UserName . ").") false; + /interface/wifi/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; + /interface/wifi/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ + mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ + action=reject place-before=$PlaceBefore; + + :local Entry [ /interface/wifi/access-list/find where mac-address=$MacAddress \ + comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; + :set ($Template->"private-passphrase") ($Template->"passphrase"); + :local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ]; + :if ([ :len $PrivatePassphrase ] > 0) do={ + :if ($PrivatePassphrase = "ignore") do={ + /interface/wifi/access-list/set $Entry !passphrase; + } else={ + /interface/wifi/access-list/set $Entry passphrase=$PrivatePassphrase; + } + } + :local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; + :if ([ :len $SsidRegexp ] > 0) do={ + /interface/wifi/access-list/set $Entry ssid-regexp=$SsidRegexp; + } + :local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; + :if ([ :len $VlanId ] > 0) do={ + /interface/wifi/access-list/set $Entry vlan-id=$VlanId; + } + + :delay 2s; + /interface/wifi/access-list/set $Entry action=accept; } -:delay 2s; -/interface/wifi/access-list/set $Entry action=accept; +$Main [ :jobname ] $"mac-address" $username; diff --git a/hotspot-to-wpa.wifiwave2.rsc b/hotspot-to-wpa.wifiwave2.rsc index 751c1bf..ef068b6 100644 --- a/hotspot-to-wpa.wifiwave2.rsc +++ b/hotspot-to-wpa.wifiwave2.rsc @@ -10,79 +10,83 @@ # # !! Do not edit this file, it is generated from template! -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global EitherOr; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; + :local MacAddress [ :tostr $2 ]; + :local UserName [ :tostr $3 ]; -$ScriptLock $0; + :global EitherOr; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -:local MacAddress $"mac-address"; -:local UserName $username; + $ScriptLock $ScriptName; -:if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ - $LogPrintExit2 error $0 ("This script is supposed to run from hotspot on login.") true; -} - -:local Date [ /system/clock/get date ]; -:local UserVal ({}); -:if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={ - :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ]; -} -:local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ]; -:local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ]; - -:if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ - /interface/wifiwave2/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; - $LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; -} -:local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); - -:if ([ :len [ /interface/wifiwave2/access-list/find where \ - comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ - /interface/wifiwave2/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; - $LogPrintExit2 warning $0 ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; -} -:local Template [ /interface/wifiwave2/access-list/get ([ find where \ - comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; - -:if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $0 ("Ignoring login for hotspot '" . $Hotspot . "'.") true; -} - -# allow login page to load -:delay 1s; - -$LogPrintExit2 info $0 ("Adding/updating access-list entry for mac address " . $MacAddress . \ - " (user " . $UserName . ").") false; -/interface/wifiwave2/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; -/interface/wifiwave2/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ - mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ - action=reject place-before=$PlaceBefore; - -:local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \ - comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; -:set ($Template->"private-passphrase") ($Template->"passphrase"); -:local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ]; -:if ([ :len $PrivatePassphrase ] > 0) do={ - :if ($PrivatePassphrase = "ignore") do={ - /interface/wifiwave2/access-list/set $Entry !passphrase; - } else={ - /interface/wifiwave2/access-list/set $Entry passphrase=$PrivatePassphrase; + :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ + $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; } -} -:local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; -:if ([ :len $SsidRegexp ] > 0) do={ - /interface/wifiwave2/access-list/set $Entry ssid-regexp=$SsidRegexp; -} -:local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; -:if ([ :len $VlanId ] > 0) do={ - /interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId; + + :local Date [ /system/clock/get date ]; + :local UserVal ({}); + :if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={ + :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ]; + } + :local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ]; + :local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ]; + + :if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ + /interface/wifiwave2/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; + $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; + } + :local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); + + :if ([ :len [ /interface/wifiwave2/access-list/find where \ + comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ + /interface/wifiwave2/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; + $LogPrintExit2 warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; + } + :local Template [ /interface/wifiwave2/access-list/get ([ find where \ + comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; + + :if ($Template->"action" = "reject") do={ + $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") true; + } + + # allow login page to load + :delay 1s; + + $LogPrintExit2 info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \ + " (user " . $UserName . ").") false; + /interface/wifiwave2/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; + /interface/wifiwave2/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ + mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ + action=reject place-before=$PlaceBefore; + + :local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \ + comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; + :set ($Template->"private-passphrase") ($Template->"passphrase"); + :local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ]; + :if ([ :len $PrivatePassphrase ] > 0) do={ + :if ($PrivatePassphrase = "ignore") do={ + /interface/wifiwave2/access-list/set $Entry !passphrase; + } else={ + /interface/wifiwave2/access-list/set $Entry passphrase=$PrivatePassphrase; + } + } + :local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; + :if ([ :len $SsidRegexp ] > 0) do={ + /interface/wifiwave2/access-list/set $Entry ssid-regexp=$SsidRegexp; + } + :local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; + :if ([ :len $VlanId ] > 0) do={ + /interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId; + } + + :delay 2s; + /interface/wifiwave2/access-list/set $Entry action=accept; } -:delay 2s; -/interface/wifiwave2/access-list/set $Entry action=accept; +$Main [ :jobname ] $"mac-address" $username; From 85dbe3a868e4522311d78ba57595356ef756e421 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 211/908] ipsec-to-dns: move code into function --- ipsec-to-dns.rsc | 105 +++++++++++++++++++++++++---------------------- 1 file changed, 55 insertions(+), 50 deletions(-) diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index 512ef68..ff445e6 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -8,67 +8,72 @@ # and add/remove/update DNS entries from IPSec mode-config # https://git.eworm.de/cgit/routeros-scripts/about/doc/ipsec-to-dns.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Domain; -:global HostNameInZone; -:global Identity; -:global PrefixInZone; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global CharacterReplace; -:global EscapeForRegEx; -:global IfThenElse; -:global LogPrintExit2; -:global ScriptLock; + :global Domain; + :global HostNameInZone; + :global Identity; + :global PrefixInZone; -$ScriptLock $0; + :global CharacterReplace; + :global EscapeForRegEx; + :global IfThenElse; + :global LogPrintExit2; + :global ScriptLock; -:local Zone \ - ([ $IfThenElse ($PrefixInZone = true) "ipsec." ] . \ - [ $IfThenElse ($HostNameInZone = true) ($Identity . ".") ] . $Domain); -:local Ttl 5m; -:local CommentPrefix ("managed by " . $0 . " for "); -:local CommentString ("--- " . $0 . " above ---"); + $ScriptLock $ScriptName; -:if ([ :len [ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ] ] = 0) do={ - /ip/dns/static/add name=$CommentString type=NXDOMAIN disabled=yes; - $LogPrintExit2 warning $0 ("Added disabled static dns record with name '" . $CommentString . "'.") false; -} -:local PlaceBefore ([ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ]->0); + :local Zone \ + ([ $IfThenElse ($PrefixInZone = true) "ipsec." ] . \ + [ $IfThenElse ($HostNameInZone = true) ($Identity . ".") ] . $Domain); + :local Ttl 5m; + :local CommentPrefix ("managed by " . $ScriptName . " for "); + :local CommentString ("--- " . $ScriptName . " above ---"); -:foreach DnsRecord in=[ /ip/dns/static/find where comment~("^" . $CommentPrefix) ] do={ - :local DnsRecordVal [ /ip/dns/static/get $DnsRecord ]; - :local PeerId [ $CharacterReplace ($DnsRecordVal->"comment") $CommentPrefix "" ]; - :if ([ :len [ /ip/ipsec/active-peers/find where id~("^(CN=)?" . [ $EscapeForRegEx $PeerId ] . "\$") \ - dynamic-address=($DnsRecordVal->"address") ] ] > 0) do={ - $LogPrintExit2 debug $0 ("Peer " . $PeerId . " (" . $DnsRecordVal->"name" . ") still exists. Not deleting DNS entry.") false; - } else={ - :local Found false; - $LogPrintExit2 info $0 ("Peer " . $PeerId . " (" . $DnsRecordVal->"name" . ") has gone, deleting DNS entry.") false; - /ip/dns/static/remove $DnsRecord; + :if ([ :len [ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ] ] = 0) do={ + /ip/dns/static/add name=$CommentString type=NXDOMAIN disabled=yes; + $LogPrintExit2 warning $ScriptName ("Added disabled static dns record with name '" . $CommentString . "'.") false; } -} + :local PlaceBefore ([ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ]->0); -:foreach Peer in=[ /ip/ipsec/active-peers/find where !(dynamic-address=[]) ] do={ - :local PeerVal [ /ip/ipsec/active-peers/get $Peer ]; - :local PeerId [ $CharacterReplace ($PeerVal->"id") "CN=" "" ]; - :local Comment ($CommentPrefix . $PeerId); - :local HostName [ :pick $PeerId 0 [ :find ($PeerId . ".") "." ] ]; - - :local Fqdn ($HostName . "." . $Zone); - :local DnsRecord [ /ip/dns/static/find where name=$Fqdn ]; - :if ([ :len $DnsRecord ] > 0) do={ - :local DnsIp [ /ip/dns/static/get $DnsRecord address ]; - :if ($DnsIp = $PeerVal->"dynamic-address") do={ - $LogPrintExit2 debug $0 ("DNS entry for " . $Fqdn . " does not need updating.") false; + :foreach DnsRecord in=[ /ip/dns/static/find where comment~("^" . $CommentPrefix) ] do={ + :local DnsRecordVal [ /ip/dns/static/get $DnsRecord ]; + :local PeerId [ $CharacterReplace ($DnsRecordVal->"comment") $CommentPrefix "" ]; + :if ([ :len [ /ip/ipsec/active-peers/find where id~("^(CN=)?" . [ $EscapeForRegEx $PeerId ] . "\$") \ + dynamic-address=($DnsRecordVal->"address") ] ] > 0) do={ + $LogPrintExit2 debug $ScriptName ("Peer " . $PeerId . " (" . $DnsRecordVal->"name" . ") still exists. Not deleting DNS entry.") false; } else={ - $LogPrintExit2 info $0 ("Replacing DNS entry for " . $Fqdn . ", new address is " . $PeerVal->"dynamic-address" . ".") false; - /ip/dns/static/set name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment $DnsRecord; + :local Found false; + $LogPrintExit2 info $ScriptName ("Peer " . $PeerId . " (" . $DnsRecordVal->"name" . ") has gone, deleting DNS entry.") false; + /ip/dns/static/remove $DnsRecord; + } + } + + :foreach Peer in=[ /ip/ipsec/active-peers/find where !(dynamic-address=[]) ] do={ + :local PeerVal [ /ip/ipsec/active-peers/get $Peer ]; + :local PeerId [ $CharacterReplace ($PeerVal->"id") "CN=" "" ]; + :local Comment ($CommentPrefix . $PeerId); + :local HostName [ :pick $PeerId 0 [ :find ($PeerId . ".") "." ] ]; + + :local Fqdn ($HostName . "." . $Zone); + :local DnsRecord [ /ip/dns/static/find where name=$Fqdn ]; + :if ([ :len $DnsRecord ] > 0) do={ + :local DnsIp [ /ip/dns/static/get $DnsRecord address ]; + :if ($DnsIp = $PeerVal->"dynamic-address") do={ + $LogPrintExit2 debug $ScriptName ("DNS entry for " . $Fqdn . " does not need updating.") false; + } else={ + $LogPrintExit2 info $ScriptName ("Replacing DNS entry for " . $Fqdn . ", new address is " . $PeerVal->"dynamic-address" . ".") false; + /ip/dns/static/set name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment $DnsRecord; + } + } else={ + $LogPrintExit2 info $ScriptName ("Adding new DNS entry for " . $Fqdn . ", address is " . $PeerVal->"dynamic-address" . ".") false; + /ip/dns/static/add name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore; } - } else={ - $LogPrintExit2 info $0 ("Adding new DNS entry for " . $Fqdn . ", address is " . $PeerVal->"dynamic-address" . ".") false; - /ip/dns/static/add name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore; } } + +$Main [ :jobname ]; From d6ea66ccd3e2d943808cf001574b3cf979f6231c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 212/908] ipv6-update: move code into function --- ipv6-update.rsc | 110 +++++++++++++++++++++++++----------------------- 1 file changed, 57 insertions(+), 53 deletions(-) diff --git a/ipv6-update.rsc b/ipv6-update.rsc index 1d7207b..350fc4b 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -8,74 +8,78 @@ # update firewall and dns settings on IPv6 prefix change # https://git.eworm.de/cgit/routeros-scripts/about/doc/ipv6-update.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local PdPrefix $"pd-prefix"; +:local Main do={ + :local ScriptName [ :tostr $1 ]; + :local PdPrefix $2; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -$ScriptLock $0; + $ScriptLock $ScriptName; -:if ([ :typeof $PdPrefix ] = "nothing") do={ - $LogPrintExit2 error $0 ("This script is supposed to run from ipv6 dhcp-client.") true; -} + :if ([ :typeof $PdPrefix ] = "nothing") do={ + $LogPrintExit2 error $ScriptName ("This script is supposed to run from ipv6 dhcp-client.") true; + } -:local Pool [ /ipv6/pool/get [ find where prefix=$PdPrefix ] name ]; -:if ([ :len [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ] ] = 0) do={ - /ipv6/firewall/address-list/add list=("ipv6-pool-" . $Pool) address=:: comment=("ipv6-pool-" . $Pool); - $LogPrintExit2 warning $0 ("Added ipv6 address list entry for ipv6-pool-" . $Pool) false; -} -:local AddrList [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ]; -:local OldPrefix [ /ipv6/firewall/address-list/get ($AddrList->0) address ]; + :local Pool [ /ipv6/pool/get [ find where prefix=$PdPrefix ] name ]; + :if ([ :len [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ] ] = 0) do={ + /ipv6/firewall/address-list/add list=("ipv6-pool-" . $Pool) address=:: comment=("ipv6-pool-" . $Pool); + $LogPrintExit2 warning $ScriptName ("Added ipv6 address list entry for ipv6-pool-" . $Pool) false; + } + :local AddrList [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ]; + :local OldPrefix [ /ipv6/firewall/address-list/get ($AddrList->0) address ]; -:if ($OldPrefix != $PdPrefix) do={ - $LogPrintExit2 info $0 ("Updating IPv6 address list with new IPv6 prefix " . $PdPrefix) false; - /ipv6/firewall/address-list/set address=$PdPrefix $AddrList; + :if ($OldPrefix != $PdPrefix) do={ + $LogPrintExit2 info $ScriptName ("Updating IPv6 address list with new IPv6 prefix " . $PdPrefix) false; + /ipv6/firewall/address-list/set address=$PdPrefix $AddrList; - # give the interfaces a moment to receive their addresses - :delay 2s; + # give the interfaces a moment to receive their addresses + :delay 2s; - :foreach ListEntry in=[ /ipv6/firewall/address-list/find where comment~("^ipv6-pool-" . $Pool . ",") ] do={ - :local ListEntryVal [ /ipv6/firewall/address-list/get $ListEntry ]; - :local Comment [ $ParseKeyValueStore ($ListEntryVal->"comment") ]; + :foreach ListEntry in=[ /ipv6/firewall/address-list/find where comment~("^ipv6-pool-" . $Pool . ",") ] do={ + :local ListEntryVal [ /ipv6/firewall/address-list/get $ListEntry ]; + :local Comment [ $ParseKeyValueStore ($ListEntryVal->"comment") ]; - :local Prefix [ /ipv6/address/find where from-pool=$Pool interface=($Comment->"interface") global ]; - :if ([ :len $Prefix ] = 1) do={ - :set Prefix [ /ipv6/address/get $Prefix address ]; + :local Prefix [ /ipv6/address/find where from-pool=$Pool interface=($Comment->"interface") global ]; + :if ([ :len $Prefix ] = 1) do={ + :set Prefix [ /ipv6/address/get $Prefix address ]; - :if ([ :typeof [ :find ($ListEntryVal->"address") "/128" ] ] = "num" ) do={ + :if ([ :typeof [ :find ($ListEntryVal->"address") "/128" ] ] = "num" ) do={ + :set Prefix ([ :toip6 [ :pick $Prefix 0 [ :find $Prefix "/64" ] ] ] & ffff:ffff:ffff:ffff::); + :local Address ($ListEntryVal->"address"); + :local Address ($Prefix | ([ :toip6 [ :pick $Address 0 [ :find $Address "/128" ] ] ] & ::ffff:ffff:ffff:ffff)); + + $LogPrintExit2 info $ScriptName ("Updating IPv6 address list with new IPv6 host address " . $Address . \ + " from interface " . ($Comment->"interface")) false; + /ipv6/firewall/address-list/set address=$Address $ListEntry; + } else={ + $LogPrintExit2 info $ScriptName ("Updating IPv6 address list with new IPv6 prefix " . $Prefix . \ + " from interface " . ($Comment->"interface")) false; + /ipv6/firewall/address-list/set address=$Prefix $ListEntry; + } + } + } + + :foreach Record in=[ /ip/dns/static/find where comment~("^ipv6-pool-" . $Pool . ",") ] do={ + :local RecordVal [ /ip/dns/static/get $Record ]; + :local Comment [ $ParseKeyValueStore ($RecordVal->"comment") ]; + + :local Prefix [ /ipv6/address/find where from-pool=$Pool interface=($Comment->"interface") global ]; + :if ([ :len $Prefix ] = 1) do={ + :set Prefix [ /ipv6/address/get $Prefix address ]; :set Prefix ([ :toip6 [ :pick $Prefix 0 [ :find $Prefix "/64" ] ] ] & ffff:ffff:ffff:ffff::); - :local Address ($ListEntryVal->"address"); - :local Address ($Prefix | ([ :toip6 [ :pick $Address 0 [ :find $Address "/128" ] ] ] & ::ffff:ffff:ffff:ffff)); + :local Address ($Prefix | ([ :toip6 ($RecordVal->"address") ] & ::ffff:ffff:ffff:ffff)); - $LogPrintExit2 info $0 ("Updating IPv6 address list with new IPv6 host address " . $Address . \ - " from interface " . ($Comment->"interface")) false; - /ipv6/firewall/address-list/set address=$Address $ListEntry; - } else={ - $LogPrintExit2 info $0 ("Updating IPv6 address list with new IPv6 prefix " . $Prefix . \ - " from interface " . ($Comment->"interface")) false; - /ipv6/firewall/address-list/set address=$Prefix $ListEntry; + $LogPrintExit2 info $ScriptName ("Updating DNS record for " . ($RecordVal->"name") . \ + ($RecordVal->"regexp") . " to " . $Address) false; + /ip/dns/static/set address=$Address $Record; } } } - - :foreach Record in=[ /ip/dns/static/find where comment~("^ipv6-pool-" . $Pool . ",") ] do={ - :local RecordVal [ /ip/dns/static/get $Record ]; - :local Comment [ $ParseKeyValueStore ($RecordVal->"comment") ]; - - :local Prefix [ /ipv6/address/find where from-pool=$Pool interface=($Comment->"interface") global ]; - :if ([ :len $Prefix ] = 1) do={ - :set Prefix [ /ipv6/address/get $Prefix address ]; - :set Prefix ([ :toip6 [ :pick $Prefix 0 [ :find $Prefix "/64" ] ] ] & ffff:ffff:ffff:ffff::); - :local Address ($Prefix | ([ :toip6 ($RecordVal->"address") ] & ::ffff:ffff:ffff:ffff)); - - $LogPrintExit2 info $0 ("Updating DNS record for " . ($RecordVal->"name") . \ - ($RecordVal->"regexp") . " to " . $Address) false; - /ip/dns/static/set address=$Address $Record; - } - } } + +$Main [ :jobname ] $"pd-prefix"; From 49650d8b14541f96784948e88504629fd24d53ce Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 213/908] lease-script: move code into function --- lease-script.rsc | 69 +++++++++++++++++++++++++++--------------------- 1 file changed, 39 insertions(+), 30 deletions(-) diff --git a/lease-script.rsc b/lease-script.rsc index aae74f8..d9c7177 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -8,45 +8,54 @@ # run scripts on DHCP lease # https://git.eworm.de/cgit/routeros-scripts/about/doc/lease-script.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Grep; -:global IfThenElse; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; + :local leaseActIP [ :tostr $2 ]; + :local leaseActMAC [ :tostr $2 ]; + :local leaseServerName [ :tostr $2 ]; + :local leaseBound [ :tostr $2 ]; -:if ([ :typeof $leaseActIP ] = "nothing" || \ - [ :typeof $leaseActMAC ] = "nothing" || \ - [ :typeof $leaseServerName ] = "nothing" || \ - [ :typeof $leaseBound ] = "nothing") do={ - $LogPrintExit2 error $0 ("This script is supposed to run from ip dhcp-server.") true; -} + :global Grep; + :global IfThenElse; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -$LogPrintExit2 debug $0 ("DHCP Server " . $leaseServerName . " " . [ $IfThenElse ($leaseBound = 0) \ - "de" "" ] . "assigned lease " . $leaseActIP . " to " . $leaseActMAC) false; + :if ([ :typeof $leaseActIP ] = "nothing" || \ + [ :typeof $leaseActMAC ] = "nothing" || \ + [ :typeof $leaseServerName ] = "nothing" || \ + [ :typeof $leaseBound ] = "nothing") do={ + $LogPrintExit2 error $ScriptName ("This script is supposed to run from ip dhcp-server.") true; + } -$ScriptLock $0 false 10; + $LogPrintExit2 debug $ScriptName ("DHCP Server " . $leaseServerName . " " . [ $IfThenElse ($leaseBound = 0) \ + "de" "" ] . "assigned lease " . $leaseActIP . " to " . $leaseActMAC) false; -:if ([ :len [ /system/script/job/find where script=$0 ] ] > 1) do={ - $LogPrintExit2 debug $0 ("More invocations are waiting, exiting early.") true; -} + $ScriptLock $ScriptName false 10; -:local RunOrder ({}); -:foreach Script in=[ /system/script/find where source~("\n# provides: lease-script\\b") ] do={ - :local ScriptVal [ /system/script/get $Script ]; - :local Store [ $ParseKeyValueStore [ $Grep ($ScriptVal->"source") ("\23 provides: lease-script, ") ] ]; + :if ([ :len [ /system/script/job/find where script=$ScriptName ] ] > 1) do={ + $LogPrintExit2 debug $ScriptName ("More invocations are waiting, exiting early.") true; + } - :set ($RunOrder->($Store->"order" . "-" . $ScriptVal->"name")) ($ScriptVal->"name"); -} + :local RunOrder ({}); + :foreach Script in=[ /system/script/find where source~("\n# provides: lease-script\\b") ] do={ + :local ScriptVal [ /system/script/get $Script ]; + :local Store [ $ParseKeyValueStore [ $Grep ($ScriptVal->"source") ("\23 provides: lease-script, ") ] ]; -:foreach Order,Script in=$RunOrder do={ - :do { - $LogPrintExit2 debug $0 ("Running script with order " . $Order . ": " . $Script) false; - /system/script/run $Script; - } on-error={ - $LogPrintExit2 warning $0 ("Running script '" . $Script . "' failed!") false; + :set ($RunOrder->($Store->"order" . "-" . $ScriptVal->"name")) ($ScriptVal->"name"); + } + + :foreach Order,Script in=$RunOrder do={ + :do { + $LogPrintExit2 debug $ScriptName ("Running script with order " . $Order . ": " . $Script) false; + /system/script/run $Script; + } on-error={ + $LogPrintExit2 warning $ScriptName ("Running script '" . $Script . "' failed!") false; + } } } + +$Main [ :jobname ] $leaseActIP $leaseActMAC $leaseServerName $leaseBound; From 50e1c45880d94ce1d746cc9ad8ede4db826731f6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 214/908] log-forward: move code into function --- log-forward.rsc | 149 +++++++++++++++++++++++++----------------------- 1 file changed, 77 insertions(+), 72 deletions(-) diff --git a/log-forward.rsc b/log-forward.rsc index 69fa1f1..13b490e 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -8,89 +8,94 @@ # forward log messages via notification # https://git.eworm.de/cgit/routeros-scripts/about/doc/log-forward.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Identity; -:global LogForwardFilter; -:global LogForwardFilterMessage; -:global LogForwardInclude; -:global LogForwardIncludeMessage; -:global LogForwardLast; -:global LogForwardRateLimit; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global EitherOr; -:global HexToNum; -:global IfThenElse; -:global LogForwardFilterLogForwarding; -:global LogPrintExit2; -:global MAX; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; + :global Identity; + :global LogForwardFilter; + :global LogForwardFilterMessage; + :global LogForwardInclude; + :global LogForwardIncludeMessage; + :global LogForwardLast; + :global LogForwardRateLimit; -$ScriptLock $0; + :global EitherOr; + :global HexToNum; + :global IfThenElse; + :global LogForwardFilterLogForwarding; + :global LogPrintExit2; + :global MAX; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; -:if ([ :typeof $LogForwardRateLimit ] = "nothing") do={ - :set LogForwardRateLimit 0; -} + $ScriptLock $ScriptName; -:if ($LogForwardRateLimit > 30) do={ - :set LogForwardRateLimit ($LogForwardRateLimit - 1); - $LogPrintExit2 info $0 ("Rate limit in action, not forwarding logs, if any!") true; -} + :if ([ :typeof $LogForwardRateLimit ] = "nothing") do={ + :set LogForwardRateLimit 0; + } -:local Count 0; -:local Duplicates false; -:local Last [ $IfThenElse ([ :len $LogForwardLast ] > 0) [ $HexToNum $LogForwardLast ] -1 ]; -:local Messages ""; -:local Warning false; -:local MessageVal; -:local MessageDups ({}); + :if ($LogForwardRateLimit > 30) do={ + :set LogForwardRateLimit ($LogForwardRateLimit - 1); + $LogPrintExit2 info $ScriptName ("Rate limit in action, not forwarding logs, if any!") true; + } -:local LogForwardFilterLogForwardingCached [ $EitherOr [ $LogForwardFilterLogForwarding ] ("\$^") ]; -:foreach Message in=[ /log/find where (!(message="") and \ - !(message~$LogForwardFilterLogForwardingCached) and \ - !(topics~$LogForwardFilter) and !(message~$LogForwardFilterMessage)) or \ - topics~$LogForwardInclude or message~$LogForwardIncludeMessage ] do={ - :set MessageVal [ /log/get $Message ]; - :local Bullet "information"; + :local Count 0; + :local Duplicates false; + :local Last [ $IfThenElse ([ :len $LogForwardLast ] > 0) [ $HexToNum $LogForwardLast ] -1 ]; + :local Messages ""; + :local Warning false; + :local MessageVal; + :local MessageDups ({}); - :if ($Last < [ $HexToNum ($MessageVal->".id") ]) do={ - :local DupCount ($MessageDups->($MessageVal->"message")); - :if ($MessageVal->"topics" ~ "(warning)") do={ - :set Warning true; - :set Bullet "large-orange-circle"; + :local LogForwardFilterLogForwardingCached [ $EitherOr [ $LogForwardFilterLogForwarding ] ("\$^") ]; + :foreach Message in=[ /log/find where (!(message="") and \ + !(message~$LogForwardFilterLogForwardingCached) and \ + !(topics~$LogForwardFilter) and !(message~$LogForwardFilterMessage)) or \ + topics~$LogForwardInclude or message~$LogForwardIncludeMessage ] do={ + :set MessageVal [ /log/get $Message ]; + :local Bullet "information"; + + :if ($Last < [ $HexToNum ($MessageVal->".id") ]) do={ + :local DupCount ($MessageDups->($MessageVal->"message")); + :if ($MessageVal->"topics" ~ "(warning)") do={ + :set Warning true; + :set Bullet "large-orange-circle"; + } + :if ($MessageVal->"topics" ~ "(emergency|alert|critical|error)") do={ + :set Warning true; + :set Bullet "large-red-circle"; + } + :if ($DupCount < 3) do={ + :set Messages ($Messages . "\n" . [ $SymbolForNotification $Bullet ] . \ + $MessageVal->"time" . " " . [ :tostr ($MessageVal->"topics") ] . " " . $MessageVal->"message"); + } else={ + :set Duplicates true; + } + :set ($MessageDups->($MessageVal->"message")) ($DupCount + 1); + :set Count ($Count + 1); } - :if ($MessageVal->"topics" ~ "(emergency|alert|critical|error)") do={ - :set Warning true; - :set Bullet "large-red-circle"; - } - :if ($DupCount < 3) do={ - :set Messages ($Messages . "\n" . [ $SymbolForNotification $Bullet ] . \ - $MessageVal->"time" . " " . [ :tostr ($MessageVal->"topics") ] . " " . $MessageVal->"message"); - } else={ - :set Duplicates true; - } - :set ($MessageDups->($MessageVal->"message")) ($DupCount + 1); - :set Count ($Count + 1); + } + + :if ($Count > 0) do={ + :set LogForwardRateLimit ($LogForwardRateLimit + 10); + + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification [ $IfThenElse ($Warning = true) "warning-sign" "memo" ] ] . \ + "Log Forwarding"); \ + message=("The log on " . $Identity . " contains " . [ $IfThenElse ($Count = 1) "this message" \ + ("these " . $Count . " messages") ] . " after " . [ /system/resource/get uptime ] . " uptime." . \ + [ $IfThenElse ($Duplicates = true) (" Multi-repeated messages have been skipped.") ] . \ + [ $IfThenElse ($LogForwardRateLimit > 30) ("\nRate limit in action, delaying forwarding.") ] . \ + "\n" . $Messages) }); + + :set LogForwardLast ($MessageVal->".id"); + } else={ + :set LogForwardRateLimit [ $MAX 0 ($LogForwardRateLimit - 1) ]; } } -:if ($Count > 0) do={ - :set LogForwardRateLimit ($LogForwardRateLimit + 10); - - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification [ $IfThenElse ($Warning = true) "warning-sign" "memo" ] ] . \ - "Log Forwarding"); \ - message=("The log on " . $Identity . " contains " . [ $IfThenElse ($Count = 1) "this message" \ - ("these " . $Count . " messages") ] . " after " . [ /system/resource/get uptime ] . " uptime." . \ - [ $IfThenElse ($Duplicates = true) (" Multi-repeated messages have been skipped.") ] . \ - [ $IfThenElse ($LogForwardRateLimit > 30) ("\nRate limit in action, delaying forwarding.") ] . \ - "\n" . $Messages) }); - - :set LogForwardLast ($MessageVal->".id"); -} else={ - :set LogForwardRateLimit [ $MAX 0 ($LogForwardRateLimit - 1) ]; -} +$Main [ :jobname ]; From 400516295ed5187278b0e6791fc4dc98914cf840 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 215/908] mode-button: move code into function --- mode-button.rsc | 107 +++++++++++++++++++++++++----------------------- 1 file changed, 56 insertions(+), 51 deletions(-) diff --git a/mode-button.rsc b/mode-button.rsc index 372b2de..0cd9167 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -8,71 +8,76 @@ # act on multiple mode and reset button presses # https://git.eworm.de/cgit/routeros-scripts/about/doc/mode-button.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global ModeButton; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global LogPrintExit2; + :global ModeButton; -:set ($ModeButton->"count") ($ModeButton->"count" + 1); + :global LogPrintExit2; -:local Scheduler [ /system/scheduler/find where name="_ModeButtonScheduler" ]; + :set ($ModeButton->"count") ($ModeButton->"count" + 1); -:if ([ :len $Scheduler ] = 0) do={ - $LogPrintExit2 info $0 ("Creating scheduler _ModeButtonScheduler, counting presses...") false; - :global ModeButtonScheduler do={ - :global ModeButton; + :local Scheduler [ /system/scheduler/find where name="_ModeButtonScheduler" ]; - :global LogPrintExit2; - :global ModeButtonScheduler; - :global ValidateSyntax; + :if ([ :len $Scheduler ] = 0) do={ + $LogPrintExit2 info $ScriptName ("Creating scheduler _ModeButtonScheduler, counting presses...") false; + :global ModeButtonScheduler do={ + :global ModeButton; - :local LEDInvert do={ - :global ModeButtonLED; + :global LogPrintExit2; + :global ModeButtonScheduler; + :global ValidateSyntax; - :global IfThenElse; + :local LEDInvert do={ + :global ModeButtonLED; - :local LED [ /system/leds/find where leds=$ModeButtonLED type~"^(on|off)\$" interface=[] ]; - :if ([ :len $LED ] = 0) do={ - :return false; - } - /system/leds/set type=[ $IfThenElse ([ get $LED type ] = "on") "off" "on" ] $LED; - } + :global IfThenElse; - :local Count ($ModeButton->"count"); - :local Code ($ModeButton->[ :tostr $Count ]); - - :set ($ModeButton->"count") 0; - :set ModeButtonScheduler; - /system/scheduler/remove [ find where name="_ModeButtonScheduler" ]; - - :if ([ :len $Code ] > 0) do={ - :if ([ $ValidateSyntax $Code ] = true) do={ - $LogPrintExit2 info $0 ("Acting on " . $Count . " mode-button presses: " . $Code) false; - - :for I from=1 to=$Count do={ - $LEDInvert; - :if ([ /system/routerboard/settings/get silent-boot ] = false) do={ - :beep length=200ms; - } - :delay 200ms; - $LEDInvert; - :delay 200ms; + :local LED [ /system/leds/find where leds=$ModeButtonLED type~"^(on|off)\$" interface=[] ]; + :if ([ :len $LED ] = 0) do={ + :return false; } - - [ :parse $Code ]; - } else={ - $LogPrintExit2 warning $0 ("The code for " . $Count . " mode-button presses failed syntax validation!") false; + /system/leds/set type=[ $IfThenElse ([ get $LED type ] = "on") "off" "on" ] $LED; + } + + :local Count ($ModeButton->"count"); + :local Code ($ModeButton->[ :tostr $Count ]); + + :set ($ModeButton->"count") 0; + :set ModeButtonScheduler; + /system/scheduler/remove [ find where name="_ModeButtonScheduler" ]; + + :if ([ :len $Code ] > 0) do={ + :if ([ $ValidateSyntax $Code ] = true) do={ + $LogPrintExit2 info $ScriptName ("Acting on " . $Count . " mode-button presses: " . $Code) false; + + :for I from=1 to=$Count do={ + $LEDInvert; + :if ([ /system/routerboard/settings/get silent-boot ] = false) do={ + :beep length=200ms; + } + :delay 200ms; + $LEDInvert; + :delay 200ms; + } + + [ :parse $Code ]; + } else={ + $LogPrintExit2 warning $ScriptName ("The code for " . $Count . " mode-button presses failed syntax validation!") false; + } + } else={ + $LogPrintExit2 info $ScriptName ("No action defined for " . $Count . " mode-button presses.") false; } - } else={ - $LogPrintExit2 info $0 ("No action defined for " . $Count . " mode-button presses.") false; } + /system/scheduler/add name="_ModeButtonScheduler" \ + on-event=":global ModeButtonScheduler; \$ModeButtonScheduler;" interval=3s; + } else={ + $LogPrintExit2 debug $ScriptName ("Updating scheduler _ModeButtonScheduler...") false; + /system/scheduler/set $Scheduler start-time=[ /system/clock/get time ]; } - /system/scheduler/add name="_ModeButtonScheduler" \ - on-event=":global ModeButtonScheduler; \$ModeButtonScheduler;" interval=3s; -} else={ - $LogPrintExit2 debug $0 ("Updating scheduler _ModeButtonScheduler...") false; - /system/scheduler/set $Scheduler start-time=[ /system/clock/get time ]; } + +$Main [ :jobname ]; From 458fd1fdcd6b354d0addfd814f4e10c0443d5d53 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 216/908] netwatch-dns: move code into function --- netwatch-dns.rsc | 191 ++++++++++++++++++++++++----------------------- 1 file changed, 98 insertions(+), 93 deletions(-) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 3b98a32..45c12d4 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -8,116 +8,121 @@ # monitor and manage dns/doh with netwatch # https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-dns.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global CertificateAvailable; -:global EitherOr; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global CertificateAvailable; + :global EitherOr; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -:local SettleTime (5m30s - [ /system/resource/get uptime ]); -:if ($SettleTime > 0s) do={ - $LogPrintExit2 info $0 ("System just booted, giving netwatch " . $SettleTime . " to settle.") true; -} + $ScriptLock $ScriptName; -:local DnsServers ({}); -:local DnsFallback ({}); -:local DnsCurrent [ /ip/dns/get servers ]; + :local SettleTime (5m30s - [ /system/resource/get uptime ]); + :if ($SettleTime > 0s) do={ + $LogPrintExit2 info $ScriptName ("System just booted, giving netwatch " . $SettleTime . " to settle.") true; + } -:foreach Host in=[ /tool/netwatch/find where comment~"\\bdns\\b" status="up" ] do={ - :local HostVal [ /tool/netwatch/get $Host ]; - :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ]; + :local DnsServers ({}); + :local DnsFallback ({}); + :local DnsCurrent [ /ip/dns/get servers ]; - :if ($HostInfo->"disabled" != true) do={ - :if ($HostInfo->"dns" = true) do={ - :set DnsServers ($DnsServers, $HostVal->"host"); - } - :if ($HostInfo->"dns-fallback" = true) do={ - :set DnsFallback ($DnsFallback, $HostVal->"host"); + :foreach Host in=[ /tool/netwatch/find where comment~"\\bdns\\b" status="up" ] do={ + :local HostVal [ /tool/netwatch/get $Host ]; + :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ]; + + :if ($HostInfo->"disabled" != true) do={ + :if ($HostInfo->"dns" = true) do={ + :set DnsServers ($DnsServers, $HostVal->"host"); + } + :if ($HostInfo->"dns-fallback" = true) do={ + :set DnsFallback ($DnsFallback, $HostVal->"host"); + } } } -} -:if ([ :len $DnsServers ] > 0) do={ - :if ($DnsServers != $DnsCurrent) do={ - $LogPrintExit2 info $0 ("Updating DNS servers: " . [ :tostr $DnsServers ]) false; - /ip/dns/set servers=$DnsServers; + :if ([ :len $DnsServers ] > 0) do={ + :if ($DnsServers != $DnsCurrent) do={ + $LogPrintExit2 info $ScriptName ("Updating DNS servers: " . [ :tostr $DnsServers ]) false; + /ip/dns/set servers=$DnsServers; + /ip/dns/cache/flush; + } + } else={ + :if ([ :len $DnsFallback ] > 0) do={ + :if ($DnsFallback != $DnsCurrent) do={ + $LogPrintExit2 info $ScriptName ("Updating DNS servers to fallback: " . \ + [ :tostr $DnsFallback ]) false; + /ip/dns/set servers=$DnsFallback; + /ip/dns/cache/flush; + } + } + } + + :local DohCurrent [ /ip/dns/get use-doh-server ]; + :local DohServers ({}); + + :foreach Host in=[ /tool/netwatch/find where comment~"\\bdoh\\b" status="up" ] do={ + :local HostVal [ /tool/netwatch/get $Host ]; + :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ]; + :local HostName [ /ip/dns/static/find where name address=($HostVal->"host") \ + (!type or type="A" or type="AAAA") !disabled !dynamic ]; + :if ([ :len $HostName ] > 0) do={ + :set HostName [ /ip/dns/static/get ($HostName->0) name ]; + } + + :if ($HostInfo->"doh" = true && $HostInfo->"disabled" != true) do={ + :if ([ :len ($HostInfo->"doh-url") ] = 0) do={ + :set ($HostInfo->"doh-url") ("https://" . [ $EitherOr $HostName ($HostVal->"host") ] . "/dns-query"); + } + + :if ($DohCurrent = $HostInfo->"doh-url") do={ + $LogPrintExit2 debug $ScriptName ("Current DoH server is still up: " . $DohCurrent) true; + } + + :set ($DohServers->[ :len $DohServers ]) $HostInfo; + } + } + + :if ([ :len $DohCurrent ] > 0) do={ + $LogPrintExit2 info $ScriptName ("Current DoH server is down, disabling: " . $DohCurrent) false; + /ip/dns/set use-doh-server=""; /ip/dns/cache/flush; } -} else={ - :if ([ :len $DnsFallback ] > 0) do={ - :if ($DnsFallback != $DnsCurrent) do={ - $LogPrintExit2 info $0 ("Updating DNS servers to fallback: " . \ - [ :tostr $DnsFallback ]) false; - /ip/dns/set servers=$DnsFallback; - /ip/dns/cache/flush; - } - } -} -:local DohCurrent [ /ip/dns/get use-doh-server ]; -:local DohServers ({}); - -:foreach Host in=[ /tool/netwatch/find where comment~"\\bdoh\\b" status="up" ] do={ - :local HostVal [ /tool/netwatch/get $Host ]; - :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ]; - :local HostName [ /ip/dns/static/find where name address=($HostVal->"host") \ - (!type or type="A" or type="AAAA") !disabled !dynamic ]; - :if ([ :len $HostName ] > 0) do={ - :set HostName [ /ip/dns/static/get ($HostName->0) name ]; - } - - :if ($HostInfo->"doh" = true && $HostInfo->"disabled" != true) do={ - :if ([ :len ($HostInfo->"doh-url") ] = 0) do={ - :set ($HostInfo->"doh-url") ("https://" . [ $EitherOr $HostName ($HostVal->"host") ] . "/dns-query"); + :foreach DohServer in=$DohServers do={ + :if ([ :len ($DohServer->"doh-cert") ] > 0) do={ + :if ([ $CertificateAvailable ($DohServer->"doh-cert") ] = false) do={ + $LogPrintExit2 warning $ScriptName ("Downloading certificate failed, trying without.") false; + } } - :if ($DohCurrent = $HostInfo->"doh-url") do={ - $LogPrintExit2 debug $0 ("Current DoH server is still up: " . $DohCurrent) true; - } - - :set ($DohServers->[ :len $DohServers ]) $HostInfo; - } -} - -:if ([ :len $DohCurrent ] > 0) do={ - $LogPrintExit2 info $0 ("Current DoH server is down, disabling: " . $DohCurrent) false; - /ip/dns/set use-doh-server=""; - /ip/dns/cache/flush; -} - -:foreach DohServer in=$DohServers do={ - :if ([ :len ($DohServer->"doh-cert") ] > 0) do={ - :if ([ $CertificateAvailable ($DohServer->"doh-cert") ] = false) do={ - $LogPrintExit2 warning $0 ("Downloading certificate failed, trying without.") false; - } - } - - :local Data false; - :do { - :set Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ - http-header-field=({ "accept: application/dns-message" }) \ - url=(($DohServer->"doh-url") . "?dns=" . [ :convert to=base64 ([ :rndstr length=2 ] . \ - "\01\00" . "\00\01" . "\00\00" . "\00\00" . "\00\00" . "\09doh-check\05eworm\02de\00" . \ - "\00\10" . "\00\01") ]) as-value ]->"data"); - } on-error={ - $LogPrintExit2 warning $0 ("Request to DoH server failed (network or certificate issue): " . \ - ($DohServer->"doh-url")) false; - } - - :if ($Data != false) do={ - :if ([ :typeof [ :find $Data "doh-check-OK" ] ] = "num") do={ - /ip/dns/set use-doh-server=($DohServer->"doh-url") verify-doh-cert=yes; - /ip/dns/cache/flush; - $LogPrintExit2 info $0 ("Setting DoH server: " . ($DohServer->"doh-url")) true; - } else={ - $LogPrintExit2 warning $0 ("Received unexpected response from DoH server: " . \ + :local Data false; + :do { + :set Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ + http-header-field=({ "accept: application/dns-message" }) \ + url=(($DohServer->"doh-url") . "?dns=" . [ :convert to=base64 ([ :rndstr length=2 ] . \ + "\01\00" . "\00\01" . "\00\00" . "\00\00" . "\00\00" . "\09doh-check\05eworm\02de\00" . \ + "\00\10" . "\00\01") ]) as-value ]->"data"); + } on-error={ + $LogPrintExit2 warning $ScriptName ("Request to DoH server failed (network or certificate issue): " . \ ($DohServer->"doh-url")) false; } + + :if ($Data != false) do={ + :if ([ :typeof [ :find $Data "doh-check-OK" ] ] = "num") do={ + /ip/dns/set use-doh-server=($DohServer->"doh-url") verify-doh-cert=yes; + /ip/dns/cache/flush; + $LogPrintExit2 info $ScriptName ("Setting DoH server: " . ($DohServer->"doh-url")) true; + } else={ + $LogPrintExit2 warning $ScriptName ("Received unexpected response from DoH server: " . \ + ($DohServer->"doh-url")) false; + } + } } } + +$Main [ :jobname ]; From 3c7673891544637ce3086ce380a80e3396102aa4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 217/908] netwatch-notify: move code into function --- netwatch-notify.rsc | 375 ++++++++++++++++++++++---------------------- 1 file changed, 190 insertions(+), 185 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 8c59af8..28ab229 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -8,208 +8,213 @@ # monitor netwatch and send notifications # https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-notify.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global NetwatchNotify; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global EitherOr; -:global IfThenElse; -:global IsDNSResolving; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptFromTerminal; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; - -:local NetwatchNotifyHook do={ - :local Name [ :tostr $1 ]; - :local Type [ :tostr $2 ]; - :local State [ :tostr $3 ]; - :local Hook [ :tostr $4 ]; + :global NetwatchNotify; + :global EitherOr; + :global IfThenElse; + :global IsDNSResolving; :global LogPrintExit2; - :global ValidateSyntax; + :global ParseKeyValueStore; + :global ScriptFromTerminal; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; - :if ([ $ValidateSyntax $Hook ] = true) do={ - :do { - [ :parse $Hook ]; - } on-error={ + :local NetwatchNotifyHook do={ + :local Name [ :tostr $1 ]; + :local Type [ :tostr $2 ]; + :local State [ :tostr $3 ]; + :local Hook [ :tostr $4 ]; + + :global LogPrintExit2; + :global ValidateSyntax; + + :if ([ $ValidateSyntax $Hook ] = true) do={ + :do { + [ :parse $Hook ]; + } on-error={ + $LogPrintExit2 warning $0 ("The " . $State . "-hook for " . $Type . " '" . $Name . \ + "' failed to run.") false; + :return ("The hook failed to run."); + } + } else={ $LogPrintExit2 warning $0 ("The " . $State . "-hook for " . $Type . " '" . $Name . \ - "' failed to run.") false; - :return ("The hook failed to run."); - } - } else={ - $LogPrintExit2 warning $0 ("The " . $State . "-hook for " . $Type . " '" . $Name . \ - "' failed syntax validation.") false; - :return ("The hook failed syntax validation."); - } - - $LogPrintExit2 info $0 ("Ran hook on " . $Type . " '" . $Name . "' " . $State . ": " . \ - $Hook) false; - :return ("Ran hook:\n" . $Hook); -} - -:local ResolveExpected do={ - :local Name [ :tostr $1 ]; - :local Expected [ :tostr $2 ]; - - :global GetRandom20CharAlNum; - - :local FwAddrList ($0 . "-" . [ $GetRandom20CharAlNum ]); - /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; - :delay 20ms; - :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ - :return true; - } - /ipv6/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; - :delay 20ms; - :if ([ :len [ /ipv6/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ - :return true; - } - - :return false; -} - -$ScriptLock $0; - -:local ScriptFromTerminalCached [ $ScriptFromTerminal $0 ]; - -:if ([ :typeof $NetwatchNotify ] = "nothing") do={ - :set NetwatchNotify ({}); -} - -:foreach Host in=[ /tool/netwatch/find where comment~"\\bnotify\\b" !disabled status!="unknown" ] do={ - :local HostVal [ /tool/netwatch/get $Host ]; - :local Type [ $IfThenElse ($HostVal->"type" ~ "^(https?-get|tcp-conn)\$") "service" "host" ]; - :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ]; - :local HostDetails ($HostVal->"host" . \ - [ $IfThenElse ([ :len ($HostInfo->"resolve") ] > 0) (", " . $HostInfo->"resolve") ]); - - :if ($HostInfo->"notify" = true && $HostInfo->"disabled" != true) do={ - :local Name [ $EitherOr ($HostInfo->"name") ($HostVal->"name") ]; - - :local Metric { "count-down"=0; "count-up"=0; "notified"=false; "resolve-failcnt"=0 }; - :if ([ :typeof ($NetwatchNotify->$Name) ] = "array") do={ - :set $Metric ($NetwatchNotify->$Name); + "' failed syntax validation.") false; + :return ("The hook failed syntax validation."); } - :if ([ :typeof ($HostInfo->"resolve") ] = "str") do={ - :if ([ $IsDNSResolving ] = true) do={ - :do { - :local Resolve [ :resolve ($HostInfo->"resolve") ]; - :if ($Resolve != $HostVal->"host") do={ - :if ([ $ResolveExpected ($HostInfo->"resolve") ($HostVal->"host") ] = false) do={ - $LogPrintExit2 info $0 ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ + $LogPrintExit2 info $0 ("Ran hook on " . $Type . " '" . $Name . "' " . $State . ": " . \ + $Hook) false; + :return ("Ran hook:\n" . $Hook); + } + + :local ResolveExpected do={ + :local Name [ :tostr $1 ]; + :local Expected [ :tostr $2 ]; + + :global GetRandom20CharAlNum; + + :local FwAddrList ($0 . "-" . [ $GetRandom20CharAlNum ]); + /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; + :delay 20ms; + :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ + :return true; + } + /ipv6/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; + :delay 20ms; + :if ([ :len [ /ipv6/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ + :return true; + } + + :return false; + } + + $ScriptLock $ScriptName; + + :local ScriptFromTerminalCached [ $ScriptFromTerminal $ScriptName ]; + + :if ([ :typeof $NetwatchNotify ] = "nothing") do={ + :set NetwatchNotify ({}); + } + + :foreach Host in=[ /tool/netwatch/find where comment~"\\bnotify\\b" !disabled status!="unknown" ] do={ + :local HostVal [ /tool/netwatch/get $Host ]; + :local Type [ $IfThenElse ($HostVal->"type" ~ "^(https?-get|tcp-conn)\$") "service" "host" ]; + :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ]; + :local HostDetails ($HostVal->"host" . \ + [ $IfThenElse ([ :len ($HostInfo->"resolve") ] > 0) (", " . $HostInfo->"resolve") ]); + + :if ($HostInfo->"notify" = true && $HostInfo->"disabled" != true) do={ + :local Name [ $EitherOr ($HostInfo->"name") ($HostVal->"name") ]; + + :local Metric { "count-down"=0; "count-up"=0; "notified"=false; "resolve-failcnt"=0 }; + :if ([ :typeof ($NetwatchNotify->$Name) ] = "array") do={ + :set $Metric ($NetwatchNotify->$Name); + } + + :if ([ :typeof ($HostInfo->"resolve") ] = "str") do={ + :if ([ $IsDNSResolving ] = true) do={ + :do { + :local Resolve [ :resolve ($HostInfo->"resolve") ]; + :if ($Resolve != $HostVal->"host") do={ + :if ([ $ResolveExpected ($HostInfo->"resolve") ($HostVal->"host") ] = false) do={ + $LogPrintExit2 info $ScriptName ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ + ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ + $HostInfo->"name") "" ] . "' resolves to different address " . $Resolve . \ + ", updating.") false; + /tool/netwatch/set host=$Resolve $Host; + :set ($Metric->"resolve-failcnt") 0; + :set ($HostVal->"status") "unknown"; + } + } + } on-error={ + :set ($Metric->"resolve-failcnt") ($Metric->"resolve-failcnt" + 1); + :if ($Metric->"resolve-failcnt" = 3) do={ + $LogPrintExit2 warning $ScriptName ("Resolving name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ - $HostInfo->"name") "" ] . "' resolves to different address " . $Resolve . \ - ", updating.") false; - /tool/netwatch/set host=$Resolve $Host; - :set ($Metric->"resolve-failcnt") 0; - :set ($HostVal->"status") "unknown"; + $HostInfo->"name") "" ] . "' failed.") false; } } - } on-error={ - :set ($Metric->"resolve-failcnt") ($Metric->"resolve-failcnt" + 1); - :if ($Metric->"resolve-failcnt" = 3) do={ - $LogPrintExit2 warning $0 ("Resolving name '" . $HostInfo->"resolve" . [ $IfThenElse \ - ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ - $HostInfo->"name") "" ] . "' failed.") false; + } + } + + :if ($HostVal->"status" = "up") do={ + :local CountDown ($Metric->"count-down"); + :if ($CountDown > 0) do={ + $LogPrintExit2 info $ScriptName \ + ("The " . $Type . " '" . $Name . "' (" . $HostDetails . ") is up.") false; + :set ($Metric->"count-down") 0; + } + :set ($Metric->"count-up") ($Metric->"count-up" + 1); + :if ($Metric->"notified" = true) do={ + :local Message ("The " . $Type . " '" . $Name . "' (" . $HostDetails . \ + ") is up since " . $HostVal->"since" . ".\n" . \ + "It was down for " . $CountDown . " checks since " . ($Metric->"since") . "."); + :if ([ :typeof ($HostInfo->"note") ] = "str") do={ + :set Message ($Message . "\n\nNote:\n" . ($HostInfo->"note")); } - } - } - } - - :if ($HostVal->"status" = "up") do={ - :local CountDown ($Metric->"count-down"); - :if ($CountDown > 0) do={ - $LogPrintExit2 info $0 \ - ("The " . $Type . " '" . $Name . "' (" . $HostDetails . ") is up.") false; - :set ($Metric->"count-down") 0; - } - :set ($Metric->"count-up") ($Metric->"count-up" + 1); - :if ($Metric->"notified" = true) do={ - :local Message ("The " . $Type . " '" . $Name . "' (" . $HostDetails . \ - ") is up since " . $HostVal->"since" . ".\n" . \ - "It was down for " . $CountDown . " checks since " . ($Metric->"since") . "."); - :if ([ :typeof ($HostInfo->"note") ] = "str") do={ - :set Message ($Message . "\n\nNote:\n" . ($HostInfo->"note")); - } - :if ([ :typeof ($HostInfo->"up-hook") ] = "str") do={ - :set Message ($Message . "\n\n" . [ $NetwatchNotifyHook $Name $Type "up" \ - ($HostInfo->"up-hook") ]); - } - $SendNotification2 ({ origin=[ $EitherOr ($HostInfo->"origin") $0 ]; silent=($HostInfo->"silent"); \ - subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "Netwatch Notify: " . $Name . " up"); \ - message=$Message }); - } - :set ($Metric->"notified") false; - :set ($Metric->"parent") ($HostInfo->"parent"); - :set ($Metric->"since"); - } - - :if ($HostVal->"status" = "down") do={ - :set ($Metric->"count-down") ($Metric->"count-down" + 1); - :set ($Metric->"count-up") 0; - :set ($Metric->"parent") ($HostInfo->"parent"); - :set ($Metric->"since") ($HostVal->"since"); - :local CountDown [ $IfThenElse ([ :tonum ($HostInfo->"count") ] > 0) ($HostInfo->"count") 5 ]; - :local Parent ($HostInfo->"parent"); - :local ParentUp false; - :while ([ :len $Parent ] > 0) do={ - :set CountDown ($CountDown + 1); - :set Parent ($NetwatchNotify->$Parent->"parent"); - } - :set Parent ($HostInfo->"parent"); - :local ParentNotified false; - :while ($ParentNotified = false && [ :len $Parent ] > 0) do={ - :set ParentNotified [ $IfThenElse (($NetwatchNotify->$Parent->"notified") = true) \ - true false ]; - :set ParentUp ($NetwatchNotify->$Parent->"count-up"); - :if ($ParentNotified = false) do={ - :set Parent ($NetwatchNotify->$Parent->"parent"); - } - } - :if ($Metric->"notified" = false || $Metric->"count-down" % 120 = 0 || \ - $ScriptFromTerminalCached = true) do={ - $LogPrintExit2 [ $IfThenElse ($HostInfo->"no-down-notification" != true) info debug ] $0 \ - ("The " . $Type . " '" . $Name . "' (" . $HostDetails . ") is down for " . \ - $Metric->"count-down" . " checks, " . [ $IfThenElse ($ParentNotified = false) [ $IfThenElse \ - ($Metric->"notified" = true) ("already notified.") ($CountDown - $Metric->"count-down" . \ - " to go.") ] ("parent " . $Type . " " . $Parent . " is down.") ]) false; - } - :if ((($CountDown * 2) - ($Metric->"count-down" * 3)) / 2 = 0 && \ - [ :typeof ($HostInfo->"pre-down-hook") ] = "str") do={ - $NetwatchNotifyHook $Name $Type "pre-down" ($HostInfo->"pre-down-hook"); - } - :if ($ParentNotified = false && $Metric->"count-down" >= $CountDown && \ - ($ParentUp = false || $ParentUp > 2) && $Metric->"notified" != true) do={ - :local Message ("The " . $Type . " '" . $Name . "' (" . $HostDetails . \ - ") is down since " . $HostVal->"since" . "."); - :if ([ :typeof ($HostInfo->"note") ] = "str") do={ - :set Message ($Message . "\n\nNote:\n" . ($HostInfo->"note")); - } - :if ([ :typeof ($HostInfo->"down-hook") ] = "str") do={ - :set Message ($Message . "\n\n" . [ $NetwatchNotifyHook $Name $Type "down" \ - ($HostInfo->"down-hook") ]); - } - :if ($HostInfo->"no-down-notification" != true) do={ - $SendNotification2 ({ origin=[ $EitherOr ($HostInfo->"origin") $0 ]; silent=($HostInfo->"silent"); \ - subject=([ $SymbolForNotification "cross-mark" ] . "Netwatch Notify: " . $Name . " down"); \ + :if ([ :typeof ($HostInfo->"up-hook") ] = "str") do={ + :set Message ($Message . "\n\n" . [ $NetwatchNotifyHook $Name $Type "up" \ + ($HostInfo->"up-hook") ]); + } + $SendNotification2 ({ origin=[ $EitherOr ($HostInfo->"origin") $ScriptName ]; silent=($HostInfo->"silent"); \ + subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "Netwatch Notify: " . $Name . " up"); \ message=$Message }); } - :set ($Metric->"notified") true; + :set ($Metric->"notified") false; + :set ($Metric->"parent") ($HostInfo->"parent"); + :set ($Metric->"since"); } - } - :set ($NetwatchNotify->$Name) { - "count-down"=($Metric->"count-down"); - "count-up"=($Metric->"count-up"); - "notified"=($Metric->"notified"); - "parent"=($Metric->"parent"); - "resolve-failcnt"=($Metric->"resolve-failcnt"); - "since"=($Metric->"since") }; + :if ($HostVal->"status" = "down") do={ + :set ($Metric->"count-down") ($Metric->"count-down" + 1); + :set ($Metric->"count-up") 0; + :set ($Metric->"parent") ($HostInfo->"parent"); + :set ($Metric->"since") ($HostVal->"since"); + :local CountDown [ $IfThenElse ([ :tonum ($HostInfo->"count") ] > 0) ($HostInfo->"count") 5 ]; + :local Parent ($HostInfo->"parent"); + :local ParentUp false; + :while ([ :len $Parent ] > 0) do={ + :set CountDown ($CountDown + 1); + :set Parent ($NetwatchNotify->$Parent->"parent"); + } + :set Parent ($HostInfo->"parent"); + :local ParentNotified false; + :while ($ParentNotified = false && [ :len $Parent ] > 0) do={ + :set ParentNotified [ $IfThenElse (($NetwatchNotify->$Parent->"notified") = true) \ + true false ]; + :set ParentUp ($NetwatchNotify->$Parent->"count-up"); + :if ($ParentNotified = false) do={ + :set Parent ($NetwatchNotify->$Parent->"parent"); + } + } + :if ($Metric->"notified" = false || $Metric->"count-down" % 120 = 0 || \ + $ScriptFromTerminalCached = true) do={ + $LogPrintExit2 [ $IfThenElse ($HostInfo->"no-down-notification" != true) info debug ] $ScriptName \ + ("The " . $Type . " '" . $Name . "' (" . $HostDetails . ") is down for " . \ + $Metric->"count-down" . " checks, " . [ $IfThenElse ($ParentNotified = false) [ $IfThenElse \ + ($Metric->"notified" = true) ("already notified.") ($CountDown - $Metric->"count-down" . \ + " to go.") ] ("parent " . $Type . " " . $Parent . " is down.") ]) false; + } + :if ((($CountDown * 2) - ($Metric->"count-down" * 3)) / 2 = 0 && \ + [ :typeof ($HostInfo->"pre-down-hook") ] = "str") do={ + $NetwatchNotifyHook $Name $Type "pre-down" ($HostInfo->"pre-down-hook"); + } + :if ($ParentNotified = false && $Metric->"count-down" >= $CountDown && \ + ($ParentUp = false || $ParentUp > 2) && $Metric->"notified" != true) do={ + :local Message ("The " . $Type . " '" . $Name . "' (" . $HostDetails . \ + ") is down since " . $HostVal->"since" . "."); + :if ([ :typeof ($HostInfo->"note") ] = "str") do={ + :set Message ($Message . "\n\nNote:\n" . ($HostInfo->"note")); + } + :if ([ :typeof ($HostInfo->"down-hook") ] = "str") do={ + :set Message ($Message . "\n\n" . [ $NetwatchNotifyHook $Name $Type "down" \ + ($HostInfo->"down-hook") ]); + } + :if ($HostInfo->"no-down-notification" != true) do={ + $SendNotification2 ({ origin=[ $EitherOr ($HostInfo->"origin") $ScriptName ]; silent=($HostInfo->"silent"); \ + subject=([ $SymbolForNotification "cross-mark" ] . "Netwatch Notify: " . $Name . " down"); \ + message=$Message }); + } + :set ($Metric->"notified") true; + } + } + + :set ($NetwatchNotify->$Name) { + "count-down"=($Metric->"count-down"); + "count-up"=($Metric->"count-up"); + "notified"=($Metric->"notified"); + "parent"=($Metric->"parent"); + "resolve-failcnt"=($Metric->"resolve-failcnt"); + "since"=($Metric->"since") }; + } } } + +$Main [ :jobname ]; From 09ea05d989b001edd0502789576b9e06ef66dd0e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 218/908] ospf-to-leds: move code into function --- ospf-to-leds.rsc | 47 ++++++++++++++++++++++++++--------------------- 1 file changed, 26 insertions(+), 21 deletions(-) diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index 47e1d41..a462d2a 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -8,33 +8,38 @@ # visualize ospf instance state via leds # https://git.eworm.de/cgit/routeros-scripts/about/doc/ospf-to-leds.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -:foreach Instance in=[ /routing/ospf/instance/find where comment~"^ospf-to-leds," ] do={ - :local InstanceVal [ /routing/ospf/instance/get $Instance ]; - :local LED ([ $ParseKeyValueStore ($InstanceVal->"comment") ]->"leds"); - :local LEDType [ /system/leds/get [ find where leds=$LED ] type ]; + $ScriptLock $ScriptName; - :local NeighborCount 0; - :foreach Area in=[ /routing/ospf/area/find where instance=($InstanceVal->"name") ] do={ - :local AreaName [ /routing/ospf/area/get $Area name ]; - :set NeighborCount ($NeighborCount + [ :len [ /routing/ospf/neighbor/find where area=$AreaName ] ]); - } + :foreach Instance in=[ /routing/ospf/instance/find where comment~"^ospf-to-leds," ] do={ + :local InstanceVal [ /routing/ospf/instance/get $Instance ]; + :local LED ([ $ParseKeyValueStore ($InstanceVal->"comment") ]->"leds"); + :local LEDType [ /system/leds/get [ find where leds=$LED ] type ]; - :if ($NeighborCount > 0 && $LEDType = "off") do={ - $LogPrintExit2 info $0 ("OSPF instance " . $InstanceVal->"name" . " has " . $NeighborCount . " neighbors, led on!") false; - /system/leds/set type=on [ find where leds=$LED ]; - } - :if ($NeighborCount = 0 && $LEDType = "on") do={ - $LogPrintExit2 info $0 ("OSPF instance " . $InstanceVal->"name" . " has no neighbors, led off!") false; - /system/leds/set type=off [ find where leds=$LED ]; + :local NeighborCount 0; + :foreach Area in=[ /routing/ospf/area/find where instance=($InstanceVal->"name") ] do={ + :local AreaName [ /routing/ospf/area/get $Area name ]; + :set NeighborCount ($NeighborCount + [ :len [ /routing/ospf/neighbor/find where area=$AreaName ] ]); + } + + :if ($NeighborCount > 0 && $LEDType = "off") do={ + $LogPrintExit2 info $ScriptName ("OSPF instance " . $InstanceVal->"name" . " has " . $NeighborCount . " neighbors, led on!") false; + /system/leds/set type=on [ find where leds=$LED ]; + } + :if ($NeighborCount = 0 && $LEDType = "on") do={ + $LogPrintExit2 info $ScriptName ("OSPF instance " . $InstanceVal->"name" . " has no neighbors, led off!") false; + /system/leds/set type=off [ find where leds=$LED ]; + } } } + +$Main [ :jobname ]; From 492edb4263991d02e752a8b75485a610e685cc42 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 219/908] packages-update: move code into function --- packages-update.rsc | 191 +++++++++++++++++++++++--------------------- 1 file changed, 99 insertions(+), 92 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index 863d273..325009f 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -8,121 +8,128 @@ # download packages and reboot for installation # https://git.eworm.de/cgit/routeros-scripts/about/doc/packages-update.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global DownloadPackage; -:global Grep; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptFromTerminal; -:global ScriptLock; -:global VersionToNum; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global PackagesUpdateDeferReboot; - -:local Schedule do={ - :global GetRandomNumber; + :global DownloadPackage; + :global Grep; :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptFromTerminal; + :global ScriptLock; + :global VersionToNum; - :global RebootForUpdate do={ - /system/reboot; - } + :global PackagesUpdateDeferReboot; - :local StartTime [ :tostr [ :totime (10800 + [ $GetRandomNumber 7200 ]) ] ]; - /system/scheduler/add name="_RebootForUpdate" start-time=$StartTime interval=1d \ - on-event=("/system/scheduler/remove \"_RebootForUpdate\"; " . \ - ":global RebootForUpdate; \$RebootForUpdate;"); - $LogPrintExit2 info $1 ("Scheduled reboot for update at " . $StartTime . \ - " local time (" . [ /system/clock/get time-zone-name ] . ").") true; -} + :local Schedule do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global GetRandomNumber; + :global LogPrintExit2; -:local Update [ /system/package/update/get ]; - -:if ([ :typeof ($Update->"latest-version") ] = "nothing") do={ - $LogPrintExit2 warning $0 ("Latest version is not known.") true; -} - -:if ($Update->"installed-version" = $Update->"latest-version") do={ - $LogPrintExit2 info $0 ("Version " . $Update->"latest-version" . " is already installed.") true; -} - -:local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; -:local NumLatest [ $VersionToNum ($Update->"latest-version") ]; - -:if ($NumInstalled < 0x070d0000 && $NumLatest > 0x070d0000) do={ - $LogPrintExit2 error $0 ("Migration to wireless/wifi package in RouterOS " . \ - ($Update->"latest-version") . " is pending. Please update manually!") true; -} - -:local DoDowngrade false; -:if ($NumInstalled > $NumLatest) do={ - :if ([ $ScriptFromTerminal $0 ] = true) do={ - :put "Latest version is older than installed one. Want to downgrade? [y/N]"; - :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ - :set DoDowngrade true; - } else={ - :put "Canceled..."; + :global RebootForUpdate do={ + /system/reboot; } - } else={ - $LogPrintExit2 warning $0 ("Not installing downgrade automatically.") true; + + :local StartTime [ :tostr [ :totime (10800 + [ $GetRandomNumber 7200 ]) ] ]; + /system/scheduler/add name="_RebootForUpdate" start-time=$StartTime interval=1d \ + on-event=("/system/scheduler/remove \"_RebootForUpdate\"; " . \ + ":global RebootForUpdate; \$RebootForUpdate;"); + $LogPrintExit2 info $ScriptName ("Scheduled reboot for update at " . $StartTime . \ + " local time (" . [ /system/clock/get time-zone-name ] . ").") true; } -} -:foreach Package in=[ /system/package/find where !bundle ] do={ - :local PkgName [ /system/package/get $Package name ]; - :if ([ $DownloadPackage $PkgName ($Update->"latest-version") ] = false) do={ - $LogPrintExit2 error $0 ("Download for package " . $PkgName . " failed, update aborted.") true; + $ScriptLock $ScriptName; + + :local Update [ /system/package/update/get ]; + + :if ([ :typeof ($Update->"latest-version") ] = "nothing") do={ + $LogPrintExit2 warning $ScriptName ("Latest version is not known.") true; } -} -:local RunOrder ({}); -:foreach Script in=[ /system/script/find where source~("\n# provides: backup-script\\b") ] do={ - :local ScriptVal [ /system/script/get $Script ]; - :local Store [ $ParseKeyValueStore [ $Grep ($ScriptVal->"source") ("\23 provides: backup-script, ") ] ]; + :if ($Update->"installed-version" = $Update->"latest-version") do={ + $LogPrintExit2 info $ScriptName ("Version " . $Update->"latest-version" . " is already installed.") true; + } - :set ($RunOrder->($Store->"order" . "-" . $ScriptVal->"name")) ($ScriptVal->"name"); -} + :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; + :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; -:foreach Order,Script in=$RunOrder do={ - :do { - $LogPrintExit2 info $0 ("Running backup script " . $Script . " before update.") false; - /system/script/run $Script; - } on-error={ - $LogPrintExit2 warning $0 ("Running backup script " . $Script . " before update failed!") false; - :if ([ $ScriptFromTerminal $0 ] = true) do={ - :put "Do you want to continue anyway? [y/N]"; + :if ($NumInstalled < 0x070d0000 && $NumLatest > 0x070d0000) do={ + $LogPrintExit2 error $ScriptName ("Migration to wireless/wifi package in RouterOS " . \ + ($Update->"latest-version") . " is pending. Please update manually!") true; + } + + :local DoDowngrade false; + :if ($NumInstalled > $NumLatest) do={ + :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ + :put "Latest version is older than installed one. Want to downgrade? [y/N]"; :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ - $LogPrintExit2 info $0 ("User requested to continue anyway.") false; + :set DoDowngrade true; } else={ - $LogPrintExit2 info $0 ("Canceled update...") true; + :put "Canceled..."; } } else={ - $LogPrintExit2 info $0 ("Canceled non-interactive update.") true; + $LogPrintExit2 warning $ScriptName ("Not installing downgrade automatically.") true; } } -} -:if ($DoDowngrade = true) do={ - $LogPrintExit2 info $0 ("Rebooting for downgrade.") false; + :foreach Package in=[ /system/package/find where !bundle ] do={ + :local PkgName [ /system/package/get $Package name ]; + :if ([ $DownloadPackage $PkgName ($Update->"latest-version") ] = false) do={ + $LogPrintExit2 error $ScriptName ("Download for package " . $PkgName . " failed, update aborted.") true; + } + } + + :local RunOrder ({}); + :foreach Script in=[ /system/script/find where source~("\n# provides: backup-script\\b") ] do={ + :local ScriptVal [ /system/script/get $Script ]; + :local Store [ $ParseKeyValueStore [ $Grep ($ScriptVal->"source") ("\23 provides: backup-script, ") ] ]; + + :set ($RunOrder->($Store->"order" . "-" . $ScriptVal->"name")) ($ScriptVal->"name"); + } + + :foreach Order,Script in=$RunOrder do={ + :do { + $LogPrintExit2 info $ScriptName ("Running backup script " . $Script . " before update.") false; + /system/script/run $Script; + } on-error={ + $LogPrintExit2 warning $ScriptName ("Running backup script " . $Script . " before update failed!") false; + :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ + :put "Do you want to continue anyway? [y/N]"; + :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ + $LogPrintExit2 info $ScriptName ("User requested to continue anyway.") false; + } else={ + $LogPrintExit2 info $ScriptName ("Canceled update...") true; + } + } else={ + $LogPrintExit2 info $ScriptName ("Canceled non-interactive update.") true; + } + } + } + + :if ($DoDowngrade = true) do={ + $LogPrintExit2 info $ScriptName ("Rebooting for downgrade.") false; + :delay 1s; + /system/package/downgrade; + } + + :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ + :put "Do you want to (s)chedule reboot or (r)eboot now? [s/R]"; + :if (([ /terminal/inkey timeout=60 ] % 32) = 19) do={ + $Schedule $ScriptName; + } + } else={ + :if ($PackagesUpdateDeferReboot = true) do={ + $Schedule $ScriptName; + } + } + + $LogPrintExit2 info $ScriptName ("Rebooting for update.") false; :delay 1s; - /system/package/downgrade; + /system/reboot; } -:if ([ $ScriptFromTerminal $0 ] = true) do={ - :put "Do you want to (s)chedule reboot or (r)eboot now? [s/R]"; - :if (([ /terminal/inkey timeout=60 ] % 32) = 19) do={ - $Schedule $0; - } -} else={ - :if ($PackagesUpdateDeferReboot = true) do={ - $Schedule $0; - } -} - -$LogPrintExit2 info $0 ("Rebooting for update.") false; -:delay 1s; -/system/reboot; +$Main [ :jobname ]; From d6077025b22a30854e3fb8eec9f1f050e86e45a2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 220/908] ppp-on-up: move code into function --- ppp-on-up.rsc | 36 ++++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index ad09fdc..ae259d7 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -8,29 +8,33 @@ # run scripts on ppp up # https://git.eworm.de/cgit/routeros-scripts/about/doc/ppp-on-up.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global LogPrintExit2; +:local Main do={ + :local ScriptName [ :tostr $1 ]; + :local Interface $2; -:local Interface $interface; + :global LogPrintExit2; -:if ([ :typeof $Interface ] = "nothing") do={ - $LogPrintExit2 error $0 ("This script is supposed to run from ppp on-up script hook.") true; -} + :if ([ :typeof $Interface ] = "nothing") do={ + $LogPrintExit2 error $ScriptName ("This script is supposed to run from ppp on-up script hook.") true; + } -:local IntName [ /interface/get $Interface name ]; -$LogPrintExit2 info $0 ("PPP interface " . $IntName . " is up.") false; + :local IntName [ /interface/get $Interface name ]; + $LogPrintExit2 info $ScriptName ("PPP interface " . $IntName . " is up.") false; -/ipv6/dhcp-client/release [ find where interface=$IntName !disabled ]; + /ipv6/dhcp-client/release [ find where interface=$IntName !disabled ]; -:foreach Script in=[ /system/script/find where source~("\n# provides: ppp-on-up\n") ] do={ - :local ScriptName [ /system/script/get $Script name ]; - :do { - $LogPrintExit2 debug $0 ("Running script: " . $ScriptName) false; - /system/script/run $Script; - } on-error={ - $LogPrintExit2 warning $0 ("Running script '" . $ScriptName . "' failed!") false; + :foreach Script in=[ /system/script/find where source~("\n# provides: ppp-on-up\n") ] do={ + :local ScriptName [ /system/script/get $Script name ]; + :do { + $LogPrintExit2 debug $ScriptName ("Running script: " . $ScriptName) false; + /system/script/run $Script; + } on-error={ + $LogPrintExit2 warning $ScriptName ("Running script '" . $ScriptName . "' failed!") false; + } } } + +$Main [ :jobname ] $interface; From 721b6c783bb492cf850874d5608214293275b4fc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 221/908] sms-action: move code into function --- sms-action.rsc | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/sms-action.rsc b/sms-action.rsc index 49b6cd5..b78a2b2 100644 --- a/sms-action.rsc +++ b/sms-action.rsc @@ -8,26 +8,30 @@ # run action on received SMS # https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-action.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global SmsAction; +:local Main do={ + :local ScriptName [ :tostr $1 ]; + :local Action [ :tostr $2 ]; -:global LogPrintExit2; -:global ValidateSyntax; + :global SmsAction; -:local Action $action; + :global LogPrintExit2; + :global ValidateSyntax; -:if ([ :typeof $Action ] = "nothing") do={ - $LogPrintExit2 error $0 ("This script is supposed to run from SMS hook with action=...") true; + :if ([ :len $Action ] = 0) do={ + $LogPrintExit2 error $ScriptName ("This script is supposed to run from SMS hook with action=...") true; + } + + :local Code ($SmsAction->$Action); + :if ([ $ValidateSyntax $Code ] = true) do={ + :log info ("Acting on SMS action '" . $Action . "': " . $Code); + :delay 1s; + [ :parse $Code ]; + } else={ + $LogPrintExit2 warning $ScriptName ("The code for action '" . $Action . "' failed syntax validation!") false; + } } -:local Code ($SmsAction->$Action); -:if ([ $ValidateSyntax $Code ] = true) do={ - :log info ("Acting on SMS action '" . $Action . "': " . $Code); - :delay 1s; - [ :parse $Code ]; -} else={ - $LogPrintExit2 warning $0 ("The code for action '" . $Action . "' failed syntax validation!") false; -} +$Main [ :jobname ] $action; From 6b1c6a711926e32e0cc6cf4ba8359a96f1fc79c5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 222/908] sms-forward: move code into function --- sms-forward.rsc | 125 +++++++++++++++++++++++++----------------------- 1 file changed, 65 insertions(+), 60 deletions(-) diff --git a/sms-forward.rsc b/sms-forward.rsc index f6d8e12..fee1539 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -9,84 +9,89 @@ # forward SMS to e-mail # https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-forward.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Identity; -:global SmsForwardHooks; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global IfThenElse; -:global LogPrintExit2; -:global LogPrintOnce; -:global ScriptLock; -:global SendNotification2; -:global SymbolForNotification; -:global ValidateSyntax; -:global WaitFullyConnected; + :global Identity; + :global SmsForwardHooks; -$ScriptLock $0; + :global IfThenElse; + :global LogPrintExit2; + :global LogPrintOnce; + :global ScriptLock; + :global SendNotification2; + :global SymbolForNotification; + :global ValidateSyntax; + :global WaitFullyConnected; -:if ([ /tool/sms/get receive-enabled ] = false) do={ - $LogPrintOnce warning $0 ("Receiving of SMS is not enabled.") true; -} + $ScriptLock $ScriptName; -$WaitFullyConnected; + :if ([ /tool/sms/get receive-enabled ] = false) do={ + $LogPrintOnce warning $ScriptName ("Receiving of SMS is not enabled.") true; + } -:local Settings [ /tool/sms/get ]; + $WaitFullyConnected; -:if ([ /interface/lte/get ($Settings->"port") running ] != true) do={ - $LogPrintExit2 info $0 ("The LTE interface is not in running state, skipping.") true; -} + :local Settings [ /tool/sms/get ]; -# forward SMS in a loop -:while ([ :len [ /tool/sms/inbox/find ] ] > 0) do={ - :local Phone [ /tool/sms/inbox/get ([ find ]->0) phone ]; - :local Messages ""; - :local Delete ({}); + :if ([ /interface/lte/get ($Settings->"port") running ] != true) do={ + $LogPrintExit2 info $ScriptName ("The LTE interface is not in running state, skipping.") true; + } - :foreach Sms in=[ /tool/sms/inbox/find where phone=$Phone ] do={ - :local SmsVal [ /tool/sms/inbox/get $Sms ]; + # forward SMS in a loop + :while ([ :len [ /tool/sms/inbox/find ] ] > 0) do={ + :local Phone [ /tool/sms/inbox/get ([ find ]->0) phone ]; + :local Messages ""; + :local Delete ({}); - :if ($Phone = $Settings->"allowed-number" && \ - ($SmsVal->"message")~("^:cmd " . $Settings->"secret" . " script ")) do={ - $LogPrintExit2 debug $0 ("Removing SMS, which started a script.") false; - /tool/sms/inbox/remove $Sms; - } else={ - :set Messages ($Messages . "\n\nOn " . $SmsVal->"timestamp" . \ - " type " . $SmsVal->"type" . ":\n" . $SmsVal->"message"); - :foreach Hook in=$SmsForwardHooks do={ - :if ($Phone~($Hook->"allowed-number") && ($SmsVal->"message")~($Hook->"match")) do={ - :if ([ $ValidateSyntax ($Hook->"command") ] = true) do={ - $LogPrintExit2 info $0 ("Running hook '" . $Hook->"match" . "': " . \ - $Hook->"command") false; - :do { - :local Command [ :parse ($Hook->"command") ]; - $Command Phone=$Phone Message=($SmsVal->"message"); - :set Messages ($Messages . "\n\nRan hook '" . $Hook->"match" . "':\n" . \ - $Hook->"command"); - } on-error={ - $LogPrintExit2 warning $0 ("The code for hook '" . $Hook->"match" . \ - "' failed to run!") false; + :foreach Sms in=[ /tool/sms/inbox/find where phone=$Phone ] do={ + :local SmsVal [ /tool/sms/inbox/get $Sms ]; + + :if ($Phone = $Settings->"allowed-number" && \ + ($SmsVal->"message")~("^:cmd " . $Settings->"secret" . " script ")) do={ + $LogPrintExit2 debug $ScriptName ("Removing SMS, which started a script.") false; + /tool/sms/inbox/remove $Sms; + } else={ + :set Messages ($Messages . "\n\nOn " . $SmsVal->"timestamp" . \ + " type " . $SmsVal->"type" . ":\n" . $SmsVal->"message"); + :foreach Hook in=$SmsForwardHooks do={ + :if ($Phone~($Hook->"allowed-number") && ($SmsVal->"message")~($Hook->"match")) do={ + :if ([ $ValidateSyntax ($Hook->"command") ] = true) do={ + $LogPrintExit2 info $ScriptName ("Running hook '" . $Hook->"match" . "': " . \ + $Hook->"command") false; + :do { + :local Command [ :parse ($Hook->"command") ]; + $Command Phone=$Phone Message=($SmsVal->"message"); + :set Messages ($Messages . "\n\nRan hook '" . $Hook->"match" . "':\n" . \ + $Hook->"command"); + } on-error={ + $LogPrintExit2 warning $ScriptName ("The code for hook '" . $Hook->"match" . \ + "' failed to run!") false; + } + } else={ + $LogPrintExit2 warning $ScriptName ("The code for hook '" . $Hook->"match" . \ + "' failed syntax validation!") false; } - } else={ - $LogPrintExit2 warning $0 ("The code for hook '" . $Hook->"match" . \ - "' failed syntax validation!") false; } } + :set Delete ($Delete, $Sms); } - :set Delete ($Delete, $Sms); } - } - :if ([ :len $Messages ] > 0) do={ - :local Count [ :len $Delete ]; - $SendNotification2 ({ origin=$0; \ - subject=([ $SymbolForNotification "incoming-envelope" ] . "SMS Forwarding from " . $Phone); \ - message=("Received " . [ $IfThenElse ($Count = 1) "this message" ("these " . $Count . " messages") ] . \ - " by " . $Identity . " from " . $Phone . ":" . $Messages) }); - :foreach Sms in=$Delete do={ - /tool/sms/inbox/remove $Sms; + :if ([ :len $Messages ] > 0) do={ + :local Count [ :len $Delete ]; + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "incoming-envelope" ] . "SMS Forwarding from " . $Phone); \ + message=("Received " . [ $IfThenElse ($Count = 1) "this message" ("these " . $Count . " messages") ] . \ + " by " . $Identity . " from " . $Phone . ":" . $Messages) }); + :foreach Sms in=$Delete do={ + /tool/sms/inbox/remove $Sms; + } } } } + +$Main [ :jobname ]; From 6fd745fc0f689ce0f7b57599bf0c497dda170f93 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 223/908] telegram-chat: move code into function --- telegram-chat.rsc | 267 +++++++++++++++++++++++----------------------- 1 file changed, 136 insertions(+), 131 deletions(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index d8f917b..197c8a3 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -8,160 +8,165 @@ # use Telegram to chat with your Router and send commands # https://git.eworm.de/cgit/routeros-scripts/about/doc/telegram-chat.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global Identity; -:global TelegramChatActive; -:global TelegramChatGroups; -:global TelegramChatId; -:global TelegramChatIdsTrusted; -:global TelegramChatOffset; -:global TelegramChatRunTime; -:global TelegramMessageIDs; -:global TelegramRandomDelay; -:global TelegramTokenId; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -:global CertificateAvailable; -:global EitherOr; -:global EscapeForRegEx; -:global GetRandom20CharAlNum; -:global IfThenElse; -:global LogPrintExit2; -:global MAX; -:global MIN; -:global MkDir; -:global ParseJson; -:global RandomDelay; -:global ScriptLock; -:global SendTelegram2; -:global SymbolForNotification; -:global ValidateSyntax; -:global WaitForFile; -:global WaitFullyConnected; + :global Identity; + :global TelegramChatActive; + :global TelegramChatGroups; + :global TelegramChatId; + :global TelegramChatIdsTrusted; + :global TelegramChatOffset; + :global TelegramChatRunTime; + :global TelegramMessageIDs; + :global TelegramRandomDelay; + :global TelegramTokenId; -$ScriptLock $0; + :global CertificateAvailable; + :global EitherOr; + :global EscapeForRegEx; + :global GetRandom20CharAlNum; + :global IfThenElse; + :global LogPrintExit2; + :global MAX; + :global MIN; + :global MkDir; + :global ParseJson; + :global RandomDelay; + :global ScriptLock; + :global SendTelegram2; + :global SymbolForNotification; + :global ValidateSyntax; + :global WaitForFile; + :global WaitFullyConnected; -$WaitFullyConnected; + $ScriptLock $ScriptName; -:if ([ :typeof $TelegramChatOffset ] != "array") do={ - :set TelegramChatOffset { 0; 0; 0 }; -} -:if ([ :typeof $TelegramRandomDelay ] != "num") do={ - :set TelegramRandomDelay 0; -} + $WaitFullyConnected; -:if ([ $CertificateAvailable "Go Daddy Secure Certificate Authority - G2" ] = false) do={ - $LogPrintExit2 warning $0 ("Downloading required certificate failed.") true; -} + :if ([ :typeof $TelegramChatOffset ] != "array") do={ + :set TelegramChatOffset { 0; 0; 0 }; + } + :if ([ :typeof $TelegramRandomDelay ] != "num") do={ + :set TelegramRandomDelay 0; + } -$RandomDelay $TelegramRandomDelay; + :if ([ $CertificateAvailable "Go Daddy Secure Certificate Authority - G2" ] = false) do={ + $LogPrintExit2 warning $ScriptName ("Downloading required certificate failed.") true; + } -:local Data false; -:for I from=1 to=4 do={ - :if ($Data = false) do={ - :do { - :set Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ - ("https://api.telegram.org/bot" . $TelegramTokenId . "/getUpdates?offset=" . \ - $TelegramChatOffset->0 . "&allowed_updates=%5B%22message%22%5D") as-value ]->"data"); - :set TelegramRandomDelay [ $MAX 0 ($TelegramRandomDelay - 1) ]; - } on-error={ - :if ($I < 4) do={ - $LogPrintExit2 debug $0 ("Fetch failed, " . $I . ". try.") false; - :set TelegramRandomDelay [ $MIN 15 ($TelegramRandomDelay + 5) ]; - :delay (($I * $I) . "s"); + $RandomDelay $TelegramRandomDelay; + + :local Data false; + :for I from=1 to=4 do={ + :if ($Data = false) do={ + :do { + :set Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ + ("https://api.telegram.org/bot" . $TelegramTokenId . "/getUpdates?offset=" . \ + $TelegramChatOffset->0 . "&allowed_updates=%5B%22message%22%5D") as-value ]->"data"); + :set TelegramRandomDelay [ $MAX 0 ($TelegramRandomDelay - 1) ]; + } on-error={ + :if ($I < 4) do={ + $LogPrintExit2 debug $ScriptName ("Fetch failed, " . $I . ". try.") false; + :set TelegramRandomDelay [ $MIN 15 ($TelegramRandomDelay + 5) ]; + :delay (($I * $I) . "s"); + } } } } -} -:if ($Data = false) do={ - $LogPrintExit2 warning $0 ("Failed getting updates from Telegram.") true; -} + :if ($Data = false) do={ + $LogPrintExit2 warning $ScriptName ("Failed getting updates from Telegram.") true; + } -:local UpdateID 0; -:local Uptime [ /system/resource/get uptime ]; -:foreach UpdateArray in=([ $ParseJson $Data ]->"result") do={ - :local Update [ $ParseJson $UpdateArray ]; - :set UpdateID ($Update->"update_id"); - :local Message [ $ParseJson ($Update->"message") ]; - :local IsReply [ :len ($Message->"reply_to_message") ]; - :local IsMyReply ($TelegramMessageIDs->([ $ParseJson ($Message->"reply_to_message") ]->"message_id")); - :if (($IsMyReply = 1 || $TelegramChatOffset->0 > 0 || $Uptime > 5m) && $UpdateID >= $TelegramChatOffset->2) do={ - :local Trusted false; - :local Chat [ $ParseJson ($Message->"chat") ]; - :local From [ $ParseJson ($Message->"from") ]; + :local UpdateID 0; + :local Uptime [ /system/resource/get uptime ]; + :foreach UpdateArray in=([ $ParseJson $Data ]->"result") do={ + :local Update [ $ParseJson $UpdateArray ]; + :set UpdateID ($Update->"update_id"); + :local Message [ $ParseJson ($Update->"message") ]; + :local IsReply [ :len ($Message->"reply_to_message") ]; + :local IsMyReply ($TelegramMessageIDs->([ $ParseJson ($Message->"reply_to_message") ]->"message_id")); + :if (($IsMyReply = 1 || $TelegramChatOffset->0 > 0 || $Uptime > 5m) && $UpdateID >= $TelegramChatOffset->2) do={ + :local Trusted false; + :local Chat [ $ParseJson ($Message->"chat") ]; + :local From [ $ParseJson ($Message->"from") ]; - :foreach IdsTrusted in=($TelegramChatId, $TelegramChatIdsTrusted) do={ - :if ($From->"id" = $IdsTrusted || $From->"username" = $IdsTrusted) do={ - :set Trusted true; - } - } - - :if ($Trusted = true) do={ - :local Done false; - :if ($Message->"text" = "?") do={ - $LogPrintExit2 info $0 ("Sending notice for update " . $UpdateID . ".") false; - $SendTelegram2 ({ origin=$0; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ - subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ - message=("Online, awaiting your commands!") }); - :set Done true; - } - :if ($Done = false && [ :pick ($Message->"text") 0 1 ] = "!") do={ - :if ($Message->"text" ~ ("^! *(" . [ $EscapeForRegEx $Identity ] . "|@" . $TelegramChatGroups . ")\$")) do={ - :set TelegramChatActive true; - } else={ - :set TelegramChatActive false; + :foreach IdsTrusted in=($TelegramChatId, $TelegramChatIdsTrusted) do={ + :if ($From->"id" = $IdsTrusted || $From->"username" = $IdsTrusted) do={ + :set Trusted true; } - $LogPrintExit2 info $0 ("Now " . [ $IfThenElse $TelegramChatActive "active" "passive" ] . \ - " from update " . $UpdateID . "!") false; - :set Done true; } - :if ($Done = false && ($IsMyReply = 1 || ($IsReply = 0 && $TelegramChatActive = true)) && [ :len ($Message->"text") ] > 0) do={ - :if ([ $ValidateSyntax ($Message->"text") ] = true) do={ - :local State ""; - :local File ("tmpfs/telegram-chat/" . [ $GetRandom20CharAlNum 6 ]); - $MkDir "tmpfs/telegram-chat"; - $LogPrintExit2 info $0 ("Running command from update " . $UpdateID . ": " . $Message->"text") false; - :execute script=(":do {\n" . $Message->"text" . "\n} on-error={ /file/add name=\"" . $File . ".failed\" };" . \ - "/file/add name=\"" . $File . ".done\"") file=($File . "\00"); - :if ([ $WaitForFile ($File . ".done") [ $EitherOr $TelegramChatRunTime 20s ] ] = false) do={ - :set State "The command did not finish, still running in background.\n\n"; - } - :if ([ :len [ /file/find where name=($File . ".failed") ] ] > 0) do={ - :set State "The command failed with an error!\n\n"; - } - :local Content [ /file/get $File contents ]; - $SendTelegram2 ({ origin=$0; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ + + :if ($Trusted = true) do={ + :local Done false; + :if ($Message->"text" = "?") do={ + $LogPrintExit2 info $ScriptName ("Sending notice for update " . $UpdateID . ".") false; + $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ - message=("Command:\n" . $Message->"text" . "\n\n" . $State . [ $IfThenElse ([ :len $Content ] > 0) \ - ("Output:\n" . $Content) [ $IfThenElse ([ /file/get $File size ] > 0) \ - ("Output exceeds file read size.") ("No output.") ] ]) }); - /file/remove "tmpfs/telegram-chat"; + message=("Online, awaiting your commands!") }); + :set Done true; + } + :if ($Done = false && [ :pick ($Message->"text") 0 1 ] = "!") do={ + :if ($Message->"text" ~ ("^! *(" . [ $EscapeForRegEx $Identity ] . "|@" . $TelegramChatGroups . ")\$")) do={ + :set TelegramChatActive true; + } else={ + :set TelegramChatActive false; + } + $LogPrintExit2 info $ScriptName ("Now " . [ $IfThenElse $TelegramChatActive "active" "passive" ] . \ + " from update " . $UpdateID . "!") false; + :set Done true; + } + :if ($Done = false && ($IsMyReply = 1 || ($IsReply = 0 && $TelegramChatActive = true)) && [ :len ($Message->"text") ] > 0) do={ + :if ([ $ValidateSyntax ($Message->"text") ] = true) do={ + :local State ""; + :local File ("tmpfs/telegram-chat/" . [ $GetRandom20CharAlNum 6 ]); + $MkDir "tmpfs/telegram-chat"; + $LogPrintExit2 info $ScriptName ("Running command from update " . $UpdateID . ": " . $Message->"text") false; + :execute script=(":do {\n" . $Message->"text" . "\n} on-error={ /file/add name=\"" . $File . ".failed\" };" . \ + "/file/add name=\"" . $File . ".done\"") file=($File . "\00"); + :if ([ $WaitForFile ($File . ".done") [ $EitherOr $TelegramChatRunTime 20s ] ] = false) do={ + :set State "The command did not finish, still running in background.\n\n"; + } + :if ([ :len [ /file/find where name=($File . ".failed") ] ] > 0) do={ + :set State "The command failed with an error!\n\n"; + } + :local Content [ /file/get $File contents ]; + $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ + subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ + message=("Command:\n" . $Message->"text" . "\n\n" . $State . [ $IfThenElse ([ :len $Content ] > 0) \ + ("Output:\n" . $Content) [ $IfThenElse ([ /file/get $File size ] > 0) \ + ("Output exceeds file read size.") ("No output.") ] ]) }); + /file/remove "tmpfs/telegram-chat"; + } else={ + $LogPrintExit2 info $ScriptName ("The command from update " . $UpdateID . " failed syntax validation!") false; + $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ + subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ + message=("Command:\n" . $Message->"text" . "\n\nThe command failed syntax validation!") }); + } + } + } else={ + :local MessageText ("Received a message from untrusted contact " . \ + [ $IfThenElse ([ :len ($From->"username") ] = 0) "without username" ("'" . $From->"username" . "'") ] . \ + " (ID " . $From->"id" . ") in update " . $UpdateID . "!"); + :if ($Message->"text" ~ ("^! *" . [ $EscapeForRegEx $Identity ] . "\$")) do={ + $LogPrintExit2 warning $ScriptName $MessageText false; + $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ + subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ + message=("You are not trusted.") }); } else={ - $LogPrintExit2 info $0 ("The command from update " . $UpdateID . " failed syntax validation!") false; - $SendTelegram2 ({ origin=$0; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ - subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ - message=("Command:\n" . $Message->"text" . "\n\nThe command failed syntax validation!") }); + $LogPrintExit2 info $ScriptName $MessageText false; } } } else={ - :local MessageText ("Received a message from untrusted contact " . \ - [ $IfThenElse ([ :len ($From->"username") ] = 0) "without username" ("'" . $From->"username" . "'") ] . \ - " (ID " . $From->"id" . ") in update " . $UpdateID . "!"); - :if ($Message->"text" ~ ("^! *" . [ $EscapeForRegEx $Identity ] . "\$")) do={ - $LogPrintExit2 warning $0 $MessageText false; - $SendTelegram2 ({ origin=$0; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ - subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ - message=("You are not trusted.") }); - } else={ - $LogPrintExit2 info $0 $MessageText false; - } + $LogPrintExit2 debug $ScriptName ("Already handled update " . $UpdateID . ".") false; } - } else={ - $LogPrintExit2 debug $0 ("Already handled update " . $UpdateID . ".") false; } + :set TelegramChatOffset ([ :pick $TelegramChatOffset 1 3 ], \ + [ $IfThenElse ($UpdateID >= $TelegramChatOffset->2) ($UpdateID + 1) ($TelegramChatOffset->2) ]); } -:set TelegramChatOffset ([ :pick $TelegramChatOffset 1 3 ], \ - [ $IfThenElse ($UpdateID >= $TelegramChatOffset->2) ($UpdateID + 1) ($TelegramChatOffset->2) ]); + +$Main [ :jobname ]; From ad623f069e43798da6775f77fef72cd4a8fbc05e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 224/908] update-gre-address: move code into function --- update-gre-address.rsc | 39 ++++++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 17 deletions(-) diff --git a/update-gre-address.rsc b/update-gre-address.rsc index c5c699b..62cdfe1 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -9,29 +9,34 @@ # ipsec remote peer # https://git.eworm.de/cgit/routeros-scripts/about/doc/update-gre-address.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global CharacterReplace; -:global LogPrintExit2; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global CharacterReplace; + :global LogPrintExit2; + :global ScriptLock; -/interface/gre/set remote-address=0.0.0.0 disabled=yes [ find where !running !disabled ]; + $ScriptLock $ScriptName; -:foreach Peer in=[ /ip/ipsec/active-peers/find ] do={ - :local PeerVal [ /ip/ipsec/active-peers/get $Peer ]; - :local GreInt [ /interface/gre/find where comment=($PeerVal->"id") or comment=[ $CharacterReplace ($PeerVal->"id") "CN=" "" ] ]; - :if ([ :len $GreInt ] > 0) do={ - :local GreIntVal [ /interface/gre/get $GreInt ]; - :if ([ :typeof ($PeerVal->"dynamic-address") ] = "str" && \ - ($PeerVal->"dynamic-address" != $GreIntVal->"remote-address" || \ - $GreIntVal->"disabled" = true)) do={ - $LogPrintExit2 info $0 ("Updating remote address for interface " . $GreIntVal->"name" . " to " . $PeerVal->"dynamic-address") false; - /interface/gre/set remote-address=0.0.0.0 disabled=yes [ find where remote-address=$PeerVal->"dynamic-address" name!=$GreIntVal->"name" ]; - /interface/gre/set $GreInt remote-address=($PeerVal->"dynamic-address") disabled=no; + /interface/gre/set remote-address=0.0.0.0 disabled=yes [ find where !running !disabled ]; + + :foreach Peer in=[ /ip/ipsec/active-peers/find ] do={ + :local PeerVal [ /ip/ipsec/active-peers/get $Peer ]; + :local GreInt [ /interface/gre/find where comment=($PeerVal->"id") or comment=[ $CharacterReplace ($PeerVal->"id") "CN=" "" ] ]; + :if ([ :len $GreInt ] > 0) do={ + :local GreIntVal [ /interface/gre/get $GreInt ]; + :if ([ :typeof ($PeerVal->"dynamic-address") ] = "str" && \ + ($PeerVal->"dynamic-address" != $GreIntVal->"remote-address" || \ + $GreIntVal->"disabled" = true)) do={ + $LogPrintExit2 info $ScriptName ("Updating remote address for interface " . $GreIntVal->"name" . " to " . $PeerVal->"dynamic-address") false; + /interface/gre/set remote-address=0.0.0.0 disabled=yes [ find where remote-address=$PeerVal->"dynamic-address" name!=$GreIntVal->"name" ]; + /interface/gre/set $GreInt remote-address=($PeerVal->"dynamic-address") disabled=no; + } } } } + +$Main [ :jobname ]; From 698360f03757cefc08b27c9beac9fe16af7c1d7e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 13:48:01 +0100 Subject: [PATCH 225/908] update-tunnelbroker: move code into function --- update-tunnelbroker.rsc | 73 ++++++++++++++++++++++------------------- 1 file changed, 39 insertions(+), 34 deletions(-) diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index 4d4379a..c61d82e 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -10,51 +10,56 @@ # update local address of tunnelbroker interface # https://git.eworm.de/cgit/routeros-scripts/about/doc/update-tunnelbroker.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:global CertificateAvailable; -:global LogPrintExit2; -:global ParseKeyValueStore; -:global ScriptLock; +:local Main do={ + :local ScriptName [ :tostr $1 ]; -$ScriptLock $0; + :global CertificateAvailable; + :global LogPrintExit2; + :global ParseKeyValueStore; + :global ScriptLock; -:if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false) do={ - $LogPrintExit2 error $0 ("Downloading required certificate failed.") true; -} + $ScriptLock $ScriptName; -:foreach Interface in=[ /interface/6to4/find where comment~"^tunnelbroker" !disabled ] do={ - :local Data false; - :local InterfaceVal [ /interface/6to4/get $Interface ]; - :local Comment [ $ParseKeyValueStore ($InterfaceVal->"comment") ]; + :if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false) do={ + $LogPrintExit2 error $ScriptName ("Downloading required certificate failed.") true; + } - :for I from=2 to=0 do={ - :if ($Data = false) do={ - :do { - :set Data ([ /tool/fetch check-certificate=yes-without-crl \ - ("https://ipv4.tunnelbroker.net/nic/update?hostname=" . $Comment->"id") \ - user=($Comment->"user") password=($Comment->"pass") output=user as-value ]->"data"); - } on-error={ - $LogPrintExit2 debug $0 ("Failed downloading, " . $I . " retries pending.") false; - :delay 2s; + :foreach Interface in=[ /interface/6to4/find where comment~"^tunnelbroker" !disabled ] do={ + :local Data false; + :local InterfaceVal [ /interface/6to4/get $Interface ]; + :local Comment [ $ParseKeyValueStore ($InterfaceVal->"comment") ]; + + :for I from=2 to=0 do={ + :if ($Data = false) do={ + :do { + :set Data ([ /tool/fetch check-certificate=yes-without-crl \ + ("https://ipv4.tunnelbroker.net/nic/update?hostname=" . $Comment->"id") \ + user=($Comment->"user") password=($Comment->"pass") output=user as-value ]->"data"); + } on-error={ + $LogPrintExit2 debug $ScriptName ("Failed downloading, " . $I . " retries pending.") false; + :delay 2s; + } } } - } - :if (!($Data ~ "^(good|nochg) ")) do={ - $LogPrintExit2 error $0 ("Failed sending the local address to tunnelbroker or unexpected response!") true; - } - - :local PublicAddress [ :pick $Data ([ :find $Data " " ] + 1) [ :find $Data "\n" ] ]; - - :if ($PublicAddress != $InterfaceVal->"local-address") do={ - :if ([ :len [ /ip/address find where address~("^" . $PublicAddress . "/") ] ] < 1) do={ - $LogPrintExit2 warning $0 ("The address " . $PublicAddress . " is not configured on your device. NAT by ISP?") false; + :if (!($Data ~ "^(good|nochg) ")) do={ + $LogPrintExit2 error $ScriptName ("Failed sending the local address to tunnelbroker or unexpected response!") true; } - $LogPrintExit2 info $0 ("Local address changed, updating tunnel configuration with address: " . $PublicAddress) false; - /interface/6to4/set $Interface local-address=$PublicAddress; + :local PublicAddress [ :pick $Data ([ :find $Data " " ] + 1) [ :find $Data "\n" ] ]; + + :if ($PublicAddress != $InterfaceVal->"local-address") do={ + :if ([ :len [ /ip/address find where address~("^" . $PublicAddress . "/") ] ] < 1) do={ + $LogPrintExit2 warning $ScriptName ("The address " . $PublicAddress . " is not configured on your device. NAT by ISP?") false; + } + + $LogPrintExit2 info $ScriptName ("Local address changed, updating tunnel configuration with address: " . $PublicAddress) false; + /interface/6to4/set $Interface local-address=$PublicAddress; + } } } + +$Main [ :jobname ]; From d46156ad92322ffda1c7769d8eb9ea2b9fab6015 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 12 Mar 2024 15:19:42 +0100 Subject: [PATCH 226/908] global-functions: use variable name $ScriptName --- global-functions.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 92fabff..90148f8 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -9,7 +9,7 @@ # global functions # https://git.eworm.de/cgit/routeros-scripts/about/ -:local 0 [ :jobname ]; +:local ScriptName [ :jobname ]; # expected configuration version :global ExpectedConfigVersion 119; @@ -1534,7 +1534,7 @@ # Log success :local Resource [ /system/resource/get ]; -$LogPrintOnce info $0 ("Loaded on " . $Resource->"board-name" . \ +$LogPrintOnce info $ScriptName ("Loaded on " . $Resource->"board-name" . \ " with RouterOS " . $Resource->"version" . ".") false; # signal we are ready From 4f3cf3656c49360a68de1e04d0f066ba1e931415 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 227/908] BRANCHES: add badges --- BRANCHES.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/BRANCHES.md b/BRANCHES.md index c431711..0fdbdb4 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -1,6 +1,13 @@ Installing from branches ======================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](README.md) > ⚠️ **Warning**: Living on the edge? Great, read on! From 120d4780fd55304473031ff67ad2f452e49ec52b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 228/908] CONTRIBUTIONS: add badges --- CONTRIBUTIONS.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CONTRIBUTIONS.md b/CONTRIBUTIONS.md index 6d64e67..dff933b 100644 --- a/CONTRIBUTIONS.md +++ b/CONTRIBUTIONS.md @@ -1,6 +1,13 @@ Past Contributions ================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](README.md) Thanks a lot for your contributions! ❤️ From 13d0075a48f5626ecf32d5a94af4cea270a5e8e0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 229/908] INITIAL-COMMANDS: add badges --- INITIAL-COMMANDS.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index c58662b..0de50ae 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -1,6 +1,13 @@ Initial commands ================ +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](README.md) > ⚠️ **Warning**: These command are inteneded for initial setup. If you are From f9fb61ec498a7898dbee57e53ebb43b34dc6061b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 230/908] doc/accesslist-duplicates: add badges --- doc/accesslist-duplicates.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/accesslist-duplicates.md b/doc/accesslist-duplicates.md index 6cb40f6..109bebf 100644 --- a/doc/accesslist-duplicates.md +++ b/doc/accesslist-duplicates.md @@ -1,6 +1,13 @@ Find and remove access list duplicates ====================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️️ **Info**: This script can not be used on its own but requires the base From 4af1092272c3263529eed4220ec7fa73fee409dd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 231/908] doc/backup-cloud: add badges --- doc/backup-cloud.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/backup-cloud.md b/doc/backup-cloud.md index ac7edb7..03d5953 100644 --- a/doc/backup-cloud.md +++ b/doc/backup-cloud.md @@ -1,6 +1,13 @@ Upload backup to Mikrotik cloud =============================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 7b527840b1e3bdc5578f68107fd033794d8ddb45 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 232/908] doc/backup-email: add badges --- doc/backup-email.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/backup-email.md b/doc/backup-email.md index 67564e7..56b0540 100644 --- a/doc/backup-email.md +++ b/doc/backup-email.md @@ -1,6 +1,13 @@ Send backup via e-mail ====================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From acc8cdf8ca4ea557ec9ed356b74e88a0051d5ab4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 233/908] doc/backup-partition: add badges --- doc/backup-partition.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/backup-partition.md b/doc/backup-partition.md index 18edc0c..e2ca8e0 100644 --- a/doc/backup-partition.md +++ b/doc/backup-partition.md @@ -1,6 +1,13 @@ Save configuration to fallback partition ======================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From a92715ea31f04161ffe682c8eebdefd89b3ca4fe Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 234/908] doc/backup-upload: add badges --- doc/backup-upload.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/backup-upload.md b/doc/backup-upload.md index b132e56..953ac93 100644 --- a/doc/backup-upload.md +++ b/doc/backup-upload.md @@ -1,6 +1,13 @@ Upload backup to server ======================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 9deaed735020694b4748ed6146684c8482901e66 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 235/908] doc/capsman-download-packages: add badges --- doc/capsman-download-packages.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md index 03e4497..20fb007 100644 --- a/doc/capsman-download-packages.md +++ b/doc/capsman-download-packages.md @@ -1,6 +1,13 @@ Download packages for CAP upgrade from CAPsMAN ============================================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 50694ec5122b617a9f5b96e9a51530e2a5b1feee Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 236/908] doc/capsman-rolling-upgrade: add badges --- doc/capsman-rolling-upgrade.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/capsman-rolling-upgrade.md b/doc/capsman-rolling-upgrade.md index b4e342d..8362794 100644 --- a/doc/capsman-rolling-upgrade.md +++ b/doc/capsman-rolling-upgrade.md @@ -1,6 +1,13 @@ Run rolling CAP upgrades from CAPsMAN ===================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 0c46668e2e350916bf4844138f563261f2a1a55d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 237/908] doc/certificate-renew-issued: add badges --- doc/certificate-renew-issued.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/certificate-renew-issued.md b/doc/certificate-renew-issued.md index bb8e18c..2df8be3 100644 --- a/doc/certificate-renew-issued.md +++ b/doc/certificate-renew-issued.md @@ -1,6 +1,13 @@ Renew locally issued certificates ================================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 71ce8709ca973e2349ad667baa13432c4bb662c7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 238/908] doc/check-certificates: add badges --- doc/check-certificates.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/check-certificates.md b/doc/check-certificates.md index 186702c..62b9ceb 100644 --- a/doc/check-certificates.md +++ b/doc/check-certificates.md @@ -1,6 +1,13 @@ Renew certificates and notify on expiration =========================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From f68ee9bc00fcdd4a7bab10835faeaaf2ae2ad679 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 239/908] doc/check-health: add badges --- doc/check-health.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/check-health.md b/doc/check-health.md index 3bde4e9..ee52b61 100644 --- a/doc/check-health.md +++ b/doc/check-health.md @@ -1,6 +1,13 @@ Notify about health state ========================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From a2afb1d5dc391c50dc538baccaf54560101d242f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 240/908] doc/check-lte-firmware-upgrade: add badges --- doc/check-lte-firmware-upgrade.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/check-lte-firmware-upgrade.md b/doc/check-lte-firmware-upgrade.md index a81ca86..bec3177 100644 --- a/doc/check-lte-firmware-upgrade.md +++ b/doc/check-lte-firmware-upgrade.md @@ -1,6 +1,13 @@ Notify on LTE firmware upgrade ============================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From b9b1197c1aae47b188ee87278aed4e44dc6adf3e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 241/908] doc/check-routeros-update: add badges --- doc/check-routeros-update.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/check-routeros-update.md b/doc/check-routeros-update.md index dbe83b8..dbb2b89 100644 --- a/doc/check-routeros-update.md +++ b/doc/check-routeros-update.md @@ -1,6 +1,13 @@ Notify on RouterOS update ========================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 6737c291caf2b059b1ff576c75765034b79062e0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 242/908] doc/collect-wireless-mac: add badges --- doc/collect-wireless-mac.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/collect-wireless-mac.md b/doc/collect-wireless-mac.md index 49772e9..b0a2298 100644 --- a/doc/collect-wireless-mac.md +++ b/doc/collect-wireless-mac.md @@ -1,6 +1,13 @@ Collect MAC addresses in wireless access list ============================================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From d1549712abbf07eff580487a99db97d4eb194325 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 243/908] doc/daily-psk: add badges --- doc/daily-psk.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/daily-psk.md b/doc/daily-psk.md index 01fb9f6..f723617 100644 --- a/doc/daily-psk.md +++ b/doc/daily-psk.md @@ -1,6 +1,13 @@ Use wireless network with daily psk =================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 16b318832a3920664f78ffe782b5daac9c1f1282 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 244/908] doc/dhcp-lease-comment: add badges --- doc/dhcp-lease-comment.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/dhcp-lease-comment.md b/doc/dhcp-lease-comment.md index d98f3fc..4831b8c 100644 --- a/doc/dhcp-lease-comment.md +++ b/doc/dhcp-lease-comment.md @@ -1,6 +1,13 @@ Comment DHCP leases with info from access list ============================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From b178e47d6d0bd1cf07a9af43f18b63231f1461dc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 245/908] doc/dhcp-to-dns: add badges --- doc/dhcp-to-dns.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/dhcp-to-dns.md b/doc/dhcp-to-dns.md index 772704e..e7f3b88 100644 --- a/doc/dhcp-to-dns.md +++ b/doc/dhcp-to-dns.md @@ -1,6 +1,13 @@ Create DNS records for DHCP leases ================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From d0af9d62ea6bd3b749d717f223ee424d5962c2af Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 246/908] accesslist-duplicates: drop main function, use :do with on-error --- accesslist-duplicates.capsman.rsc | 8 +++----- accesslist-duplicates.local.rsc | 8 +++----- accesslist-duplicates.template.rsc | 8 +++----- accesslist-duplicates.wifi.rsc | 8 +++----- 4 files changed, 12 insertions(+), 20 deletions(-) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index f781eb3..2ce8302 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -13,8 +13,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :local Seen ({}); @@ -31,6 +31,4 @@ } :set ($Seen->$Mac) 1; } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index b235cd1..51ef6f3 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -13,8 +13,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :local Seen ({}); @@ -31,6 +31,4 @@ } :set ($Seen->$Mac) 1; } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index c65e9e0..770fb30 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -14,8 +14,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :local Seen ({}); @@ -40,6 +40,4 @@ } :set ($Seen->$Mac) 1; } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc index 04ac19c..65f8aaa 100644 --- a/accesslist-duplicates.wifi.rsc +++ b/accesslist-duplicates.wifi.rsc @@ -13,8 +13,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :local Seen ({}); @@ -31,6 +31,4 @@ } :set ($Seen->$Mac) 1; } -} - -$Main [ :jobname ]; +} on-error={ } From 2bd2b9b6e36f085b26713dd121aea80460b10025 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 247/908] doc/firmware-upgrade-reboot: add badges --- doc/firmware-upgrade-reboot.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/firmware-upgrade-reboot.md b/doc/firmware-upgrade-reboot.md index 8bf4d19..420dfe1 100644 --- a/doc/firmware-upgrade-reboot.md +++ b/doc/firmware-upgrade-reboot.md @@ -1,6 +1,13 @@ Automatically upgrade firmware and reboot ========================================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 15c68c5660ab6bc0af4c9dee4de7b74ebcf0abb8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 248/908] backup-cloud: drop main function, use :do with on-error --- backup-cloud.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 2846d75..a3dfe0c 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -12,8 +12,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global BackupRandomDelay; :global Identity; @@ -32,7 +32,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -77,6 +77,4 @@ $LogPrintExit2 error $ScriptName ("Failed uploading backup for " . $Identity . " to cloud!") true; } /file/remove "tmpfs/backup-cloud"; -} - -$Main [ :jobname ]; +} on-error={ } From 900e868cafb57f8d4ad59abc8eb6da7e6ffa9276 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 249/908] doc/fw-addr-lists: add badges --- doc/fw-addr-lists.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/fw-addr-lists.md b/doc/fw-addr-lists.md index 6dc6b66..70ca6e9 100644 --- a/doc/fw-addr-lists.md +++ b/doc/fw-addr-lists.md @@ -1,6 +1,13 @@ Download, import and update firewall address-lists ================================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 3eb8fad5ae36334b2f4c56c6641d453eee5b0136 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 250/908] backup-email: drop main function, use :do with on-error --- backup-email.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/backup-email.rsc b/backup-email.rsc index c5b4568..9f6e31a 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -12,8 +12,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global BackupPassword; :global BackupRandomDelay; @@ -46,7 +46,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -114,6 +114,4 @@ :delay 1s; :set I ($I + 1); } -} - -$Main [ :jobname ]; +} on-error={ } From 8ab1df596043a5dc4fb7a100888025f236a2252a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 251/908] doc/global-wait: add badges --- doc/global-wait.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/global-wait.md b/doc/global-wait.md index 39921db..a3fe6d6 100644 --- a/doc/global-wait.md +++ b/doc/global-wait.md @@ -1,6 +1,13 @@ Wait for global functions and modules ===================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From b8bd64bac5b9925d84d1baa0eef8dbd511b738a9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 252/908] backup-partition: drop main function, use :do with on-error --- backup-partition.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 74dccfe..1238fab 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -12,14 +12,14 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :if ([ :len [ /partitions/find ] ] < 2) do={ @@ -47,6 +47,4 @@ $LogPrintExit2 error $ScriptName ("Failed saving configuration to partition '" . \ $FallbackTo . "'!") true; } -} - -$Main [ :jobname ]; +} on-error={ } From e2f6401a15573c9a526e2dd68a5b43bf6a2df817 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 253/908] doc/gps-track: add badges --- doc/gps-track.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/gps-track.md b/doc/gps-track.md index 721b075..03f79a7 100644 --- a/doc/gps-track.md +++ b/doc/gps-track.md @@ -1,6 +1,13 @@ Send GPS position to server =========================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 8d020a4de84cc86f0328a79c6e27bf87a35d45ba Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 254/908] backup-upload: drop main function, use :do with on-error --- backup-upload.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index c2b3285..2b42730 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -12,8 +12,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global BackupPassword; :global BackupRandomDelay; @@ -45,7 +45,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -153,6 +153,4 @@ :if ($Failed = 1) do={ :error "An error occured!"; } -} - -$Main [ :jobname ]; +} on-error={ } From b45b7606a9dfa75de0ef627f0b25e7cb91fdfef6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 255/908] doc/hotspot-to-wpa: add badges --- doc/hotspot-to-wpa.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md index fc784dd..6ce4421 100644 --- a/doc/hotspot-to-wpa.md +++ b/doc/hotspot-to-wpa.md @@ -1,6 +1,13 @@ Use WPA network with hotspot credentials ======================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 03309d4fdb3542c60e81b505ee9a9dc1fd623f5d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 256/908] capsman-download-packages: drop main function, use :do with on-error --- capsman-download-packages.capsman.rsc | 10 ++++------ capsman-download-packages.template.rsc | 10 ++++------ capsman-download-packages.wifi.rsc | 10 ++++------ 3 files changed, 12 insertions(+), 18 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index cb82a37..d4e900d 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -14,8 +14,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global CleanFilePath; :global DownloadPackage; @@ -25,7 +25,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -78,6 +78,4 @@ /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ]; } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index a76071e..cd4a83b 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -15,8 +15,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global CleanFilePath; :global DownloadPackage; @@ -26,7 +26,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -89,6 +89,4 @@ /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 89af381..633830a 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -14,8 +14,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global CleanFilePath; :global DownloadPackage; @@ -25,7 +25,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -80,6 +80,4 @@ /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; } } -} - -$Main [ :jobname ]; +} on-error={ } From ac51956c3ff003305ec1f700e2203aa100305f3b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 257/908] doc/ip-addr-bridge: add badges --- doc/ip-addr-bridge.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/ip-addr-bridge.md b/doc/ip-addr-bridge.md index a759829..8bb9811 100644 --- a/doc/ip-addr-bridge.md +++ b/doc/ip-addr-bridge.md @@ -1,6 +1,13 @@ Manage IP addresses with bridge status ====================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) Description From 25c9bff6f38fa7738c21572c8f13b3a831e1e6f3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 258/908] capsman-rolling-upgrade: drop main function, use :do with on-error --- capsman-rolling-upgrade.capsman.rsc | 10 ++++------ capsman-rolling-upgrade.template.rsc | 10 ++++------ capsman-rolling-upgrade.wifi.rsc | 10 ++++------ 3 files changed, 12 insertions(+), 18 deletions(-) diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index 9379b24..16a3498 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -15,14 +15,14 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :local InstalledVersion [ /system/package/update/get installed-version ]; @@ -43,6 +43,4 @@ :delay ($Delay . "s"); } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index 731dbeb..45a5f8e 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -16,14 +16,14 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :local InstalledVersion [ /system/package/update/get installed-version ]; @@ -51,6 +51,4 @@ :delay ($Delay . "s"); } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index 205d1d8..63245dc 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -15,14 +15,14 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :local InstalledVersion [ /system/package/update/get installed-version ]; @@ -44,6 +44,4 @@ :delay ($Delay . "s"); } } -} - -$Main [ :jobname ]; +} on-error={ } From c645ab5100bbde7c8c3cb386afc7cb09bcf35e96 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 259/908] doc/ipsec-to-dns: add badges --- doc/ipsec-to-dns.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/ipsec-to-dns.md b/doc/ipsec-to-dns.md index 04500a3..ca5b86c 100644 --- a/doc/ipsec-to-dns.md +++ b/doc/ipsec-to-dns.md @@ -1,6 +1,13 @@ Create DNS records for IPSec peers ================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 78f65ead599a6ccb9161fe93a88674e28d8e95cb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 260/908] certificate-renew-issued: drop main function, use :do with on-error --- certificate-renew-issued.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index 7bf4128..a360a3f 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global CertIssuedExportPass; @@ -21,7 +21,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :foreach Cert in=[ /certificate/find where issued expires-after<3w ] do={ @@ -45,6 +45,4 @@ $LogPrintExit2 info $ScriptName ("Issued a new certificate for \"" . $CertVal->"common-name" . "\".") false; } } -} - -$Main [ :jobname ]; +} on-error={ } From 8b5c919d8cb16bfabacb06e01cc5a7245923e740 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 261/908] doc/ipv6-update: add badges --- doc/ipv6-update.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/ipv6-update.md b/doc/ipv6-update.md index f49cfaa..a5661fc 100644 --- a/doc/ipv6-update.md +++ b/doc/ipv6-update.md @@ -1,6 +1,13 @@ Update configuration on IPv6 prefix change ========================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From b1e37c27346209aa523705ee7076a2480e782780 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 262/908] check-certificates: drop main function, use :do with on-error --- check-certificates.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index e470b59..edde7f3 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global CertRenewTime; :global CertRenewUrl; @@ -132,7 +132,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -216,6 +216,4 @@ ", it is invalid after " . ($CertVal->"invalid-after") . ".") false; } } -} - -$Main [ :jobname ]; +} on-error={ } From fd1cb3131df0966a3b351fcd95d614a9d98628d7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 263/908] doc/lease-script: add badges --- doc/lease-script.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/lease-script.md b/doc/lease-script.md index c4ff20e..f346621 100644 --- a/doc/lease-script.md +++ b/doc/lease-script.md @@ -1,6 +1,13 @@ Run other scripts on DHCP lease =============================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 7bf36fa8a5b4b568444e17aca7ccee817280ed31 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 264/908] check-health: drop main function, use :do with on-error --- check-health.rsc | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/check-health.rsc b/check-health.rsc index df76d25..91330fc 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global CheckHealthCPUUtilization; :global CheckHealthCPUUtilizationNotified; @@ -40,7 +40,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :local Resource [ /system/resource/get ]; @@ -78,7 +78,7 @@ :if ([ :len [ /system/health/find ] ] = 0) do={ $LogPrintExit2 debug $ScriptName ("Your device does not provide any health values.") false; - :return true; + :error true; } :if ([ :typeof $CheckHealthLast ] != "array") do={ @@ -175,6 +175,4 @@ } :set ($CheckHealthLast->$Name) $Value; } -} - -$Main [ :jobname ]; +} on-error={ } From 91e94c6e385607574a7d5c27b92d2f654542acc2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 265/908] doc/leds-mode: add badges --- doc/leds-mode.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/leds-mode.md b/doc/leds-mode.md index 5710d85..5dd5f63 100644 --- a/doc/leds-mode.md +++ b/doc/leds-mode.md @@ -1,6 +1,13 @@ Manage LEDs dark mode ===================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) Description From b78556ca41c720f14c57eb84b85bcf099c06764c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 266/908] check-lte-firmware-upgrade: drop main function, use :do with on-error --- check-lte-firmware-upgrade.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index 18109fb..f2a6e37 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -11,15 +11,15 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global SentLteFirmwareUpgradeNotification; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :if ([ :typeof $SentLteFirmwareUpgradeNotification ] != "array") do={ @@ -100,6 +100,4 @@ :foreach Interface in=[ /interface/lte/find ] do={ $CheckInterface $ScriptName $Interface; } -} - -$Main [ :jobname ]; +} on-error={ } From b6983c86154d66d683562f6a38461bbf16fc7302 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 267/908] doc/log-forward: add badges --- doc/log-forward.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/log-forward.md b/doc/log-forward.md index 4212381..4183d7b 100644 --- a/doc/log-forward.md +++ b/doc/log-forward.md @@ -1,6 +1,13 @@ Forward log messages via notification ===================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 7110b29cbabdd7097c0eeebb338b4b5b42ce6aee Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 268/908] check-routeros-update: drop main function, use :do with on-error --- check-routeros-update.rsc | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index ae0038c..a68762b 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global Identity; :global SafeUpdateAll; @@ -42,7 +42,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -56,7 +56,7 @@ :if ([ $ScriptFromTerminal $ScriptName ] = true && ($Update->"installed-version") = ($Update->"latest-version")) do={ $LogPrintExit2 info $ScriptName ("System is already up to date.") false; - :return true; + :error true; } :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; @@ -133,7 +133,7 @@ :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ $LogPrintExit2 info $ScriptName ("Already sent the RouterOS update notification for version " . \ $Update->"latest-version" . ".") false; - :return true; + :error true; } $SendNotification2 ({ origin=$ScriptName; \ @@ -148,7 +148,7 @@ :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ $LogPrintExit2 info $ScriptName ("Already sent the RouterOS downgrade notification for version " . \ $Update->"latest-version" . ".") false; - :return true; + :error true; } $SendNotification2 ({ origin=$ScriptName; \ @@ -160,6 +160,4 @@ " is available for downgrade.") false; :set SentRouterosUpdateNotification ($Update->"latest-version"); } -} - -$Main [ :jobname ]; +} on-error={ } From 202096c610569ae19c1d678407b883ea26793a7a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 269/908] doc/mod/bridge-port-to: add badges --- doc/mod/bridge-port-to.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mod/bridge-port-to.md b/doc/mod/bridge-port-to.md index a956de4..838d1e0 100644 --- a/doc/mod/bridge-port-to.md +++ b/doc/mod/bridge-port-to.md @@ -1,6 +1,13 @@ Manage ports in bridge ====================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../../README.md) > ℹ️️ **Info**: This module can not be used on its own but requires the base From 4ada2e7678d43246575005a300f2baab24f019f8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 270/908] collect-wireless-mac: drop main function, use :do with on-error --- collect-wireless-mac.capsman.rsc | 10 ++++------ collect-wireless-mac.local.rsc | 10 ++++------ collect-wireless-mac.template.rsc | 10 ++++------ collect-wireless-mac.wifi.rsc | 10 ++++------ 4 files changed, 16 insertions(+), 24 deletions(-) diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index 3a10b1f..5423624 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -14,8 +14,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global Identity; @@ -29,7 +29,7 @@ :global SymbolForNotification; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ - :return false; + :error false; } :if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ @@ -93,6 +93,4 @@ $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index f6f898e..a4e81a3 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -14,8 +14,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global Identity; @@ -29,7 +29,7 @@ :global SymbolForNotification; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ - :return false; + :error false; } :if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ @@ -94,6 +94,4 @@ $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index e633e03..f647eb3 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -15,8 +15,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global Identity; @@ -30,7 +30,7 @@ :global SymbolForNotification; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ - :return false; + :error false; } :if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ @@ -111,6 +111,4 @@ $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index c866bcc..063d6dc 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -14,8 +14,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global Identity; @@ -29,7 +29,7 @@ :global SymbolForNotification; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ - :return false; + :error false; } :if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ @@ -93,6 +93,4 @@ $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; } } -} - -$Main [ :jobname ]; +} on-error={ } From 9cd84ddffebf5911787fa689f5ec2fae41af8bb2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 271/908] doc/mod/bridge-port-vlan: add badges --- doc/mod/bridge-port-vlan.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mod/bridge-port-vlan.md b/doc/mod/bridge-port-vlan.md index 068f050..5660b9d 100644 --- a/doc/mod/bridge-port-vlan.md +++ b/doc/mod/bridge-port-vlan.md @@ -1,6 +1,13 @@ Manage VLANs on bridge ports ============================ +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../../README.md) > ℹ️️ **Info**: This module can not be used on its own but requires the base From 7fa03ab70e4e711dfb3ceeefa37639bf6676e27c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 15:27:03 +0100 Subject: [PATCH 272/908] log-forward: do not exit with error --- log-forward.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/log-forward.rsc b/log-forward.rsc index 13b490e..5044d43 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -40,7 +40,8 @@ :if ($LogForwardRateLimit > 30) do={ :set LogForwardRateLimit ($LogForwardRateLimit - 1); - $LogPrintExit2 info $ScriptName ("Rate limit in action, not forwarding logs, if any!") true; + $LogPrintExit2 info $ScriptName ("Rate limit in action, not forwarding logs, if any!") false; + :return true; } :local Count 0; From f79206a9b82850c2df299158191f63d9e57c03f4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 273/908] daily-psk: drop main function, use :do with on-error --- daily-psk.capsman.rsc | 10 ++++------ daily-psk.local.rsc | 10 ++++------ daily-psk.template.rsc | 10 ++++------ daily-psk.wifi.rsc | 10 ++++------ 4 files changed, 16 insertions(+), 24 deletions(-) diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index 85e05b6..c9c0186 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -14,8 +14,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global DailyPskMatchComment; :global DailyPskQrCodeUrl; @@ -31,7 +31,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -89,6 +89,4 @@ } } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 108c711..228efc8 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -14,8 +14,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global DailyPskMatchComment; :global DailyPskQrCodeUrl; @@ -31,7 +31,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -88,6 +88,4 @@ } } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index c45f34a..4403fe6 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -15,8 +15,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global DailyPskMatchComment; :global DailyPskQrCodeUrl; @@ -32,7 +32,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -104,6 +104,4 @@ } } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index 0ba22ab..e9b5199 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -14,8 +14,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global DailyPskMatchComment; :global DailyPskQrCodeUrl; @@ -31,7 +31,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -89,6 +89,4 @@ } } } -} - -$Main [ :jobname ]; +} on-error={ } From 73d56b3d5f930c1f767e0d06e56f082c8ee64137 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 274/908] doc/mod/inspectvar: add badges --- doc/mod/inspectvar.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mod/inspectvar.md b/doc/mod/inspectvar.md index 1cc49a2..7ec74f2 100644 --- a/doc/mod/inspectvar.md +++ b/doc/mod/inspectvar.md @@ -1,6 +1,13 @@ Inspect variables ================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../../README.md) > ℹ️️ **Info**: This module can not be used on its own but requires the base From 6712cc101d57fbe47420c562ea82d36b07a5ad9c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 15:27:57 +0100 Subject: [PATCH 275/908] check-health: do not exit with error --- check-health.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/check-health.rsc b/check-health.rsc index b819665..9d7c68e 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -75,7 +75,8 @@ } :if ([ :len [ /system/health/find ] ] = 0) do={ - $LogPrintExit2 debug $ScriptName ("Your device does not provide any health values.") true; + $LogPrintExit2 debug $ScriptName ("Your device does not provide any health values.") false; + :return true; } :if ([ :typeof $CheckHealthLast ] != "array") do={ From 0d1c4cece27094aa529a5bf75ef5a0bae3bc6321 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 276/908] dhcp-lease-comment: drop main function, use :do with on-error --- dhcp-lease-comment.capsman.rsc | 10 ++++------ dhcp-lease-comment.local.rsc | 10 ++++------ dhcp-lease-comment.template.rsc | 10 ++++------ dhcp-lease-comment.wifi.rsc | 10 ++++------ 4 files changed, 16 insertions(+), 24 deletions(-) diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index 09893ce..1b61167 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -14,14 +14,14 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ @@ -36,6 +36,4 @@ /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index a5e9330..5401a77 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -14,14 +14,14 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ @@ -36,6 +36,4 @@ /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index d7f36a3..6ed8fc3 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -15,14 +15,14 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ @@ -41,6 +41,4 @@ /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index 2552b5a..62ed03d 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -14,14 +14,14 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ @@ -36,6 +36,4 @@ /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } -} - -$Main [ :jobname ]; +} on-error={ } From 732b86bb86369ce41bcd195313a2ae2de3d6516a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 277/908] doc/mod/ipcalc: add badges --- doc/mod/ipcalc.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mod/ipcalc.md b/doc/mod/ipcalc.md index f2f1140..5b24952 100644 --- a/doc/mod/ipcalc.md +++ b/doc/mod/ipcalc.md @@ -1,6 +1,13 @@ IP address calculation ====================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../../README.md) > ℹ️️ **Info**: This module can not be used on its own but requires the base From 5af8b95444ae161bcc38565163aa4ed56a8e3f0e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 15:29:33 +0100 Subject: [PATCH 278/908] netwatch-dns: do not exit with error --- netwatch-dns.rsc | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 45c12d4..1603427 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -24,7 +24,8 @@ :local SettleTime (5m30s - [ /system/resource/get uptime ]); :if ($SettleTime > 0s) do={ - $LogPrintExit2 info $ScriptName ("System just booted, giving netwatch " . $SettleTime . " to settle.") true; + $LogPrintExit2 info $ScriptName ("System just booted, giving netwatch " . $SettleTime . " to settle.") false; + :return true; } :local DnsServers ({}); @@ -80,7 +81,8 @@ } :if ($DohCurrent = $HostInfo->"doh-url") do={ - $LogPrintExit2 debug $ScriptName ("Current DoH server is still up: " . $DohCurrent) true; + $LogPrintExit2 debug $ScriptName ("Current DoH server is still up: " . $DohCurrent) false; + :return true; } :set ($DohServers->[ :len $DohServers ]) $HostInfo; @@ -116,7 +118,8 @@ :if ([ :typeof [ :find $Data "doh-check-OK" ] ] = "num") do={ /ip/dns/set use-doh-server=($DohServer->"doh-url") verify-doh-cert=yes; /ip/dns/cache/flush; - $LogPrintExit2 info $ScriptName ("Setting DoH server: " . ($DohServer->"doh-url")) true; + $LogPrintExit2 info $ScriptName ("Setting DoH server: " . ($DohServer->"doh-url")) false; + :return true; } else={ $LogPrintExit2 warning $ScriptName ("Received unexpected response from DoH server: " . \ ($DohServer->"doh-url")) false; From ef5972e9f09be975f0905ca8d81477bc443515cb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 279/908] dhcp-to-dns: drop main function, use :do with on-error --- dhcp-to-dns.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index df6ae01..84a1e84 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -12,8 +12,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global Domain; :global Identity; @@ -27,7 +27,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ - :return false; + :error false; } :local Ttl 5m; @@ -123,6 +123,4 @@ $LogPrintExit2 debug $ScriptName ("No address available... Ignoring.") false; } } -} - -$Main [ :jobname ]; +} on-error={ } From e2823d87465e459dd70799938e604d545d45f8a4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 280/908] doc/mod/notification-email: add badges --- doc/mod/notification-email.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mod/notification-email.md b/doc/mod/notification-email.md index 373f8fe..76816c1 100644 --- a/doc/mod/notification-email.md +++ b/doc/mod/notification-email.md @@ -1,6 +1,13 @@ Send notifications via e-mail ============================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../../README.md) > ℹ️️ **Info**: This module can not be used on its own but requires the base From 184a769eebc245be7b60f0c6e8ee4157b740c704 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 15:45:09 +0100 Subject: [PATCH 281/908] check-routeros-update: do not exit with error --- check-routeros-update.rsc | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 519c2d4..1e3a1f4 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -53,7 +53,8 @@ :local Update [ /system/package/update/get ]; :if ([ $ScriptFromTerminal $ScriptName ] = true && ($Update->"installed-version") = ($Update->"latest-version")) do={ - $LogPrintExit2 info $ScriptName ("System is already up to date.") true; + $LogPrintExit2 info $ScriptName ("System is already up to date.") false; + :return true; } :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; @@ -129,7 +130,8 @@ :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ $LogPrintExit2 info $ScriptName ("Already sent the RouterOS update notification for version " . \ - $Update->"latest-version" . ".") true; + $Update->"latest-version" . ".") false; + :return true; } $SendNotification2 ({ origin=$ScriptName; \ @@ -143,7 +145,8 @@ :if ($NumInstalled > $NumLatest) do={ :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ $LogPrintExit2 info $ScriptName ("Already sent the RouterOS downgrade notification for version " . \ - $Update->"latest-version" . ".") true; + $Update->"latest-version" . ".") false; + :return true; } $SendNotification2 ({ origin=$ScriptName; \ From 894c36fc1583bbc6b48ecaa35c562dfcf467e4d3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 282/908] firmware-upgrade-reboot: drop main function, use :do with on-error --- firmware-upgrade-reboot.rsc | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index bd28f12..6499d27 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -11,26 +11,26 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; :global ScriptLock; :global VersionToNum; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :local RouterBoard [ /system/routerboard/get ]; :if ($RouterBoard->"current-firmware" = $RouterBoard->"upgrade-firmware") do={ $LogPrintExit2 info $ScriptName ("Current and upgrade firmware match with version " . \ $RouterBoard->"current-firmware" . ".") false; - :return true; + :error true; } :if ([ $VersionToNum ($RouterBoard->"current-firmware") ] > [ $VersionToNum ($RouterBoard->"upgrade-firmware") ]) do={ $LogPrintExit2 info $ScriptName ("Different firmware version is available, but it is a downgrade. Ignoring.") false; - :return true; + :error true; } :if ([ /system/routerboard/settings/get auto-upgrade ] = false) do={ @@ -51,6 +51,4 @@ $LogPrintExit2 info $ScriptName ("Firmware upgrade successful, rebooting.") false; /system/reboot; -} - -$Main [ :jobname ]; +} on-error={ } From 4a08c0912942a0de57ace8194e1277e2768c19b4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 283/908] doc/mod/notification-matrix: add badges --- doc/mod/notification-matrix.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mod/notification-matrix.md b/doc/mod/notification-matrix.md index b309d3d..c68b0aa 100644 --- a/doc/mod/notification-matrix.md +++ b/doc/mod/notification-matrix.md @@ -1,6 +1,13 @@ Send notifications via Matrix ============================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../../README.md) > ℹ️️ **Info**: This module can not be used on its own but requires the base From ab0b2e27c3d190b627325827d0fba5808cba9137 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 15:46:46 +0100 Subject: [PATCH 284/908] firmware-upgrade-reboot: do not exit with error --- firmware-upgrade-reboot.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index efe22ae..95adab0 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -23,10 +23,12 @@ :local RouterBoard [ /system/routerboard/get ]; :if ($RouterBoard->"current-firmware" = $RouterBoard->"upgrade-firmware") do={ $LogPrintExit2 info $ScriptName ("Current and upgrade firmware match with version " . \ - $RouterBoard->"current-firmware" . ".") true; + $RouterBoard->"current-firmware" . ".") false; + :return true; } :if ([ $VersionToNum ($RouterBoard->"current-firmware") ] > [ $VersionToNum ($RouterBoard->"upgrade-firmware") ]) do={ - $LogPrintExit2 info $ScriptName ("Different firmware version is available, but it is a downgrade. Ignoring.") true; + $LogPrintExit2 info $ScriptName ("Different firmware version is available, but it is a downgrade. Ignoring.") false; + :return true; } :if ([ /system/routerboard/settings/get auto-upgrade ] = false) do={ From c1362f54e585d2b17fac9232cbf845da34fa8707 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 285/908] fw-addr-lists: drop main function, use :do with on-error --- fw-addr-lists.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 8ba0147..6071f7b 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global FetchUserAgent; :global FwAddrLists; @@ -35,7 +35,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -156,6 +156,4 @@ $LogPrintExit2 info $ScriptName ("list: " . $FwListName . " -- added: " . $CntAdd . " - renewed: " . $CntRenew . " - removed: " . $CntRemove) false; } -} - -$Main [ :jobname ]; +} on-error={ } From db211a9804d1fc44b7bbd5a6795df8b5e87f217a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 286/908] doc/mod/notification-ntfy: add badges --- doc/mod/notification-ntfy.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mod/notification-ntfy.md b/doc/mod/notification-ntfy.md index f4cad8a..a3fdf88 100644 --- a/doc/mod/notification-ntfy.md +++ b/doc/mod/notification-ntfy.md @@ -1,6 +1,13 @@ Send notifications via Ntfy =========================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../../README.md) > ℹ️️ **Info**: This module can not be used on its own but requires the base From 3acdebad044785371208246ab74b062a32a6d09f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 15:58:32 +0100 Subject: [PATCH 287/908] hotspot-to-wpa: do not exit with error --- hotspot-to-wpa.capsman.rsc | 3 ++- hotspot-to-wpa.template.rsc | 3 ++- hotspot-to-wpa.wifi.rsc | 3 ++- hotspot-to-wpa.wifiwave2.rsc | 3 ++- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index d903fe9..f9f9324 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -52,7 +52,8 @@ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; :if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") true; + $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false; + :return true; } # allow login page to load diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index 1f82c28..9fa52c5 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -65,7 +65,8 @@ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; :if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") true; + $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false; + :return true; } # allow login page to load diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index cd6aa80..7638cf7 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -52,7 +52,8 @@ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; :if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") true; + $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false; + :return true; } # allow login page to load diff --git a/hotspot-to-wpa.wifiwave2.rsc b/hotspot-to-wpa.wifiwave2.rsc index ef068b6..1b60227 100644 --- a/hotspot-to-wpa.wifiwave2.rsc +++ b/hotspot-to-wpa.wifiwave2.rsc @@ -52,7 +52,8 @@ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; :if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") true; + $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false; + :return true; } # allow login page to load From 47b67af2266e8706f8b047477c9db84c6282360a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 288/908] gps-track: drop main function, use :do with on-error --- gps-track.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/gps-track.rsc b/gps-track.rsc index cef95f2..c40e2e0 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global GpsTrackUrl; :global Identity; @@ -22,7 +22,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -47,6 +47,4 @@ } else={ $LogPrintExit2 debug $ScriptName ("GPS data not valid.") false; } -} - -$Main [ :jobname ]; +} on-error={ } From 4313de6c68877e663b0517ace72fc2b649152931 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 289/908] doc/mod/notification-telegram: add badges --- doc/mod/notification-telegram.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mod/notification-telegram.md b/doc/mod/notification-telegram.md index 444938f..cb326f0 100644 --- a/doc/mod/notification-telegram.md +++ b/doc/mod/notification-telegram.md @@ -1,6 +1,13 @@ Send notifications via Telegram =============================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../../README.md) > ℹ️️ **Info**: This module can not be used on its own but requires the base From c6639518bcd6689286ed63505d243369c95196e2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 16:01:00 +0100 Subject: [PATCH 290/908] lease-script: do not exit with error --- lease-script.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lease-script.rsc b/lease-script.rsc index d9c7177..64e7f46 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -37,7 +37,8 @@ $ScriptLock $ScriptName false 10; :if ([ :len [ /system/script/job/find where script=$ScriptName ] ] > 1) do={ - $LogPrintExit2 debug $ScriptName ("More invocations are waiting, exiting early.") true; + $LogPrintExit2 debug $ScriptName ("More invocations are waiting, exiting early.") false; + :return true; } :local RunOrder ({}); From b622f47d6566d2049f95f17c787f1b3ee2b103b4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 291/908] hotspot-to-wpa-cleanup: drop main function, use :do with on-error --- hotspot-to-wpa-cleanup.capsman.rsc | 10 ++++------ hotspot-to-wpa-cleanup.template.rsc | 10 ++++------ hotspot-to-wpa-cleanup.wifi.rsc | 10 ++++------ 3 files changed, 12 insertions(+), 18 deletions(-) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index 62beacc..ba74260 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -14,8 +14,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global EitherOr; :global LogPrintExit2; @@ -23,7 +23,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ - :return false; + :error false; } :local DHCPServers ({}); @@ -71,6 +71,4 @@ /ip/dhcp-server/lease/remove $Lease; } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index bba9f0e..c46d75d 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -15,8 +15,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global EitherOr; :global LogPrintExit2; @@ -24,7 +24,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ - :return false; + :error false; } :local DHCPServers ({}); @@ -78,6 +78,4 @@ /ip/dhcp-server/lease/remove $Lease; } } -} - -$Main [ :jobname ]; +} on-error={ } diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index a44064f..3e5799a 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -14,8 +14,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global EitherOr; :global LogPrintExit2; @@ -23,7 +23,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ - :return false; + :error false; } :local DHCPServers ({}); @@ -71,6 +71,4 @@ /ip/dhcp-server/lease/remove $Lease; } } -} - -$Main [ :jobname ]; +} on-error={ } From 564a288c4ccfcba43f07f3578bbc843e99f6abc2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 292/908] doc/mod/scriptrunonce: add badges --- doc/mod/scriptrunonce.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mod/scriptrunonce.md b/doc/mod/scriptrunonce.md index 895c20c..6619efb 100644 --- a/doc/mod/scriptrunonce.md +++ b/doc/mod/scriptrunonce.md @@ -1,6 +1,13 @@ Download script and run it once =============================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../../README.md) > ℹ️️ **Info**: This module can not be used on its own but requires the base From ec90695e8ff892926e9839d29bdbf672d2b5ca90 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 16:18:29 +0100 Subject: [PATCH 293/908] packages-update: do not exit with error --- packages-update.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index 325009f..e6bed78 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -39,7 +39,8 @@ on-event=("/system/scheduler/remove \"_RebootForUpdate\"; " . \ ":global RebootForUpdate; \$RebootForUpdate;"); $LogPrintExit2 info $ScriptName ("Scheduled reboot for update at " . $StartTime . \ - " local time (" . [ /system/clock/get time-zone-name ] . ").") true; + " local time (" . [ /system/clock/get time-zone-name ] . ").") false; + :return true; } $ScriptLock $ScriptName; @@ -51,7 +52,8 @@ } :if ($Update->"installed-version" = $Update->"latest-version") do={ - $LogPrintExit2 info $ScriptName ("Version " . $Update->"latest-version" . " is already installed.") true; + $LogPrintExit2 info $ScriptName ("Version " . $Update->"latest-version" . " is already installed.") false; + :return true; } :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; From 54638924e4a06f926d3bdd3bbd44489acc692a75 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 294/908] hotspot-to-wpa: drop main function, use :do with on-error --- hotspot-to-wpa.capsman.rsc | 19 +++++++++---------- hotspot-to-wpa.template.rsc | 19 +++++++++---------- hotspot-to-wpa.wifi.rsc | 19 +++++++++---------- 3 files changed, 27 insertions(+), 30 deletions(-) diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index 7498ae2..a6ad2a1 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -13,21 +13,22 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; - :local MacAddress [ :tostr $2 ]; - :local UserName [ :tostr $3 ]; +:do { + :local ScriptName [ :jobname ]; :global EitherOr; :global LogPrintExit2; :global ParseKeyValueStore; :global ScriptLock; + :local MacAddress $"mac-address"; + :local UserName $username; + :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } - :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ + :if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; } @@ -55,7 +56,7 @@ :if ($Template->"action" = "reject") do={ $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false; - :return true; + :error true; } # allow login page to load @@ -93,6 +94,4 @@ :delay 2s; /caps-man/access-list/set $Entry action=accept; -} - -$Main [ :jobname ] $"mac-address" $username; +} on-error={ } diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index c96096c..b7869c4 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -14,21 +14,22 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; - :local MacAddress [ :tostr $2 ]; - :local UserName [ :tostr $3 ]; +:do { + :local ScriptName [ :jobname ]; :global EitherOr; :global LogPrintExit2; :global ParseKeyValueStore; :global ScriptLock; + :local MacAddress $"mac-address"; + :local UserName $username; + :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } - :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ + :if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; } @@ -62,7 +63,7 @@ :if ($Template->"action" = "reject") do={ $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false; - :return true; + :error true; } # allow login page to load @@ -113,6 +114,4 @@ :delay 2s; /caps-man/access-list/set $Entry action=accept; /interface/wifi/access-list/set $Entry action=accept; -} - -$Main [ :jobname ] $"mac-address" $username; +} on-error={ } diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index 83f490d..e728d7f 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -13,21 +13,22 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; - :local MacAddress [ :tostr $2 ]; - :local UserName [ :tostr $3 ]; +:do { + :local ScriptName [ :jobname ]; :global EitherOr; :global LogPrintExit2; :global ParseKeyValueStore; :global ScriptLock; + :local MacAddress $"mac-address"; + :local UserName $username; + :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } - :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ + :if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; } @@ -55,7 +56,7 @@ :if ($Template->"action" = "reject") do={ $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false; - :return true; + :error true; } # allow login page to load @@ -90,6 +91,4 @@ :delay 2s; /interface/wifi/access-list/set $Entry action=accept; -} - -$Main [ :jobname ] $"mac-address" $username; +} on-error={ } From 1934c63512cbf77d2cf6d3183995e3d6af11f850 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 295/908] doc/mod/ssh-keys-import: add badges --- doc/mod/ssh-keys-import.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mod/ssh-keys-import.md b/doc/mod/ssh-keys-import.md index 1d00882..3d81566 100644 --- a/doc/mod/ssh-keys-import.md +++ b/doc/mod/ssh-keys-import.md @@ -1,6 +1,13 @@ Import ssh keys for public key authentication ============================================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../../README.md) > ℹ️️ **Info**: This module can not be used on its own but requires the base From 4004d713aa9c9ffeb5c317a5030e0e929d668460 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 16:22:17 +0100 Subject: [PATCH 296/908] sms-forward: do not exit with error --- sms-forward.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sms-forward.rsc b/sms-forward.rsc index fee1539..f85dab2 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -38,7 +38,8 @@ :local Settings [ /tool/sms/get ]; :if ([ /interface/lte/get ($Settings->"port") running ] != true) do={ - $LogPrintExit2 info $ScriptName ("The LTE interface is not in running state, skipping.") true; + $LogPrintExit2 info $ScriptName ("The LTE interface is not in running state, skipping.") false; + :return true; } # forward SMS in a loop From 341e84682cd3242735a0776640901ed0b9b7bebe Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 297/908] ipsec-to-dns: drop main function, use :do with on-error --- ipsec-to-dns.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index e19a11b..03abf59 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global Domain; :global HostNameInZone; @@ -26,7 +26,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :local Zone \ @@ -76,6 +76,4 @@ /ip/dns/static/add name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore; } } -} - -$Main [ :jobname ]; +} on-error={ } From 2170505bebb9d24e0c69a146c63868e1539c8846 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 298/908] doc/mode-button: add badges --- doc/mode-button.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mode-button.md b/doc/mode-button.md index 38a4b11..22ec215 100644 --- a/doc/mode-button.md +++ b/doc/mode-button.md @@ -1,6 +1,13 @@ Mode button with multiple presses ================================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From d799edfc17cb50b0949c6bcd3d3de8fba9914c54 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 11:02:45 +0100 Subject: [PATCH 299/908] Makefile: drop support for wifiwave2 --- Makefile | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/Makefile b/Makefile index b18b09a..d21713c 100644 --- a/Makefile +++ b/Makefile @@ -5,39 +5,32 @@ CAPSMAN = $(wildcard *.capsman.rsc) LOCAL = $(wildcard *.local.rsc) WIFI = $(wildcard *.wifi.rsc) -WIFIWAVE2 = $(wildcard *.wifiwave2.rsc) MARKDOWN = $(wildcard *.md doc/*.md doc/mod/*.md) HTML = $(MARKDOWN:.md=.html) -all: $(CAPSMAN) $(LOCAL) $(WIFI) $(WIFIWAVE2) $(HTML) +all: $(CAPSMAN) $(LOCAL) $(WIFI) $(HTML) %.html: %.md Makefile markdown $< | sed 's/href="\([-_\./[:alnum:]]*\)\.md"/href="\1.html"/g' > $@ %.capsman.rsc: %.template.rsc Makefile - sed -e '/\/interface\/wifi\//d' -e '/\/interface\/wifiwave2\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.capsman|' \ + sed -e '/\/interface\/wifi\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.capsman|' \ -e '/^# NOT \/caps-man\/ #$$/,/^# NOT \/caps-man\/ #$$/d' \ -e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \ < $< > $@ %.local.rsc: %.template.rsc Makefile - sed -e '/\/caps-man\//d' -e '/\/interface\/wifi\//d' -e '/\/interface\/wifiwave2\//d' -e 's|%TEMPL%|.local|' \ + sed -e '/\/caps-man\//d' -e '/\/interface\/wifi\//d' -e 's|%TEMPL%|.local|' \ -e '/^# NOT \/interface\/wireless\/ #$$/,/^# NOT \/interface\/wireless\/ #$$/d' \ -e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \ < $< > $@ %.wifi.rsc: %.template.rsc Makefile - sed -e '/\/caps-man\//d' -e '/\/interface\/wifiwave2\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.wifi|' \ + sed -e '/\/caps-man\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.wifi|' \ -e '/^# NOT \/interface\/wifi\/ #$$/,/^# NOT \/interface\/wifi\/ #$$/d' \ -e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \ < $< > $@ -%.wifiwave2.rsc: %.template.rsc Makefile - sed -e '/\/caps-man\//d' -e '/\/interface\/wifi\//d' -e '/\/interface\/wireless\//d' -e 's|%TEMPL%|.wifiwave2|' \ - -e '/^# NOT \/interface\/wifiwave2\/ #$$/,/^# NOT \/interface\/wifiwave2\/ #$$/d' \ - -e '/^# !!/,/^# !!/c # !! Do not edit this file, it is generated from template!' \ - < $< > $@ - clean: rm -f $(HTML) From 56e97dd60c3c9603df07bb315587c44da1ff44fd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 15:59:22 +0100 Subject: [PATCH 300/908] global-functions: $DownloadPackage: do not exit from global function --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 90148f8..b68fbaa 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -328,7 +328,8 @@ } :if ([ $CertificateAvailable "R3" ] = false) do={ - $LogPrintExit2 error $0 ("Downloading required certificate failed.") true; + $LogPrintExit2 error $0 ("Downloading required certificate failed.") false; + :return false; } :local Url ("https://upgrade.mikrotik.com/routeros/" . $PkgVer . "/" . $PkgFile); From 6f91c97b7fe68dbfd5274259aafbc2a77dd80d3d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 301/908] ipv6-update: drop main function, use :do with on-error --- ipv6-update.rsc | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/ipv6-update.rsc b/ipv6-update.rsc index d173347..8ce1e4d 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -11,16 +11,17 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; - :local PdPrefix $2; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; :global ParseKeyValueStore; :global ScriptLock; + :local PdPrefix $"pd-prefix"; + :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :if ([ :typeof $PdPrefix ] = "nothing") do={ @@ -82,6 +83,4 @@ } } } -} - -$Main [ :jobname ] $"pd-prefix"; +} on-error={ } From fe83328a57c3ada51b54be1186a817341250176c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 302/908] doc/netwatch-dns: add badges --- doc/netwatch-dns.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index 88d4878..e00ccd0 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -1,6 +1,13 @@ Manage DNS and DoH servers from netwatch ======================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 9ecc3c4c49cd1113e2444116e2f7ab859e5193fa Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 11:04:20 +0100 Subject: [PATCH 303/908] accesslist-duplicates: drop support for wifiwave2 --- accesslist-duplicates.template.rsc | 4 ---- accesslist-duplicates.wifiwave2.rsc | 36 ----------------------------- doc/accesslist-duplicates.md | 13 ++++------- 3 files changed, 4 insertions(+), 49 deletions(-) delete mode 100644 accesslist-duplicates.wifiwave2.rsc diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index 97f6138..c65e9e0 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -21,16 +21,13 @@ :foreach AccList in=[ /caps-man/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ :foreach AccList in=[ /interface/wifi/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ - :foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ :foreach AccList in=[ /interface/wireless/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ :local Mac [ /caps-man/access-list/get $AccList mac-address ]; :local Mac [ /interface/wifi/access-list/get $AccList mac-address ]; - :local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ]; :local Mac [ /interface/wireless/access-list/get $AccList mac-address ]; :if ($Seen->$Mac = 1) do={ /caps-man/access-list/print where mac-address=$Mac; /interface/wifi/access-list/print where mac-address=$Mac; - /interface/wifiwave2/access-list/print where mac-address=$Mac; /interface/wireless/access-list/print where mac-address=$Mac; :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; @@ -38,7 +35,6 @@ :put ("Removing numeric id " . $Remove . "...\n"); /caps-man/access-list/remove $Remove; /interface/wifi/access-list/remove $Remove; - /interface/wifiwave2/access-list/remove $Remove; /interface/wireless/access-list/remove $Remove; } } diff --git a/accesslist-duplicates.wifiwave2.rsc b/accesslist-duplicates.wifiwave2.rsc deleted file mode 100644 index 232d941..0000000 --- a/accesslist-duplicates.wifiwave2.rsc +++ /dev/null @@ -1,36 +0,0 @@ -#!rsc by RouterOS -# RouterOS script: accesslist-duplicates.wifiwave2 -# Copyright (c) 2018-2024 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# requires RouterOS, version=7.12 -# -# print duplicate antries in wireless access list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md -# -# !! Do not edit this file, it is generated from template! - -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:local Main do={ - :local ScriptName [ :tostr $1 ]; - - :local Seen ({}); - - :foreach AccList in=[ /interface/wifiwave2/access-list/find where mac-address!="00:00:00:00:00:00" ] do={ - :local Mac [ /interface/wifiwave2/access-list/get $AccList mac-address ]; - :if ($Seen->$Mac = 1) do={ - /interface/wifiwave2/access-list/print where mac-address=$Mac; - :local Remove [ :tonum [ /terminal/ask prompt="\nNumeric id to remove, any key to skip!" ] ]; - - :if ([ :typeof $Remove ] = "num") do={ - :put ("Removing numeric id " . $Remove . "...\n"); - /interface/wifiwave2/access-list/remove $Remove; - } - } - :set ($Seen->$Mac) 1; - } -} - -$Main [ :jobname ]; diff --git a/doc/accesslist-duplicates.md b/doc/accesslist-duplicates.md index 090298e..6cb40f6 100644 --- a/doc/accesslist-duplicates.md +++ b/doc/accesslist-duplicates.md @@ -15,19 +15,14 @@ entries in wireless access list. Requirements and installation ----------------------------- -Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` -package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`) -or local wireless interface (`/interface/wireless`) you need to install a -different script. +Depending on whether you use `wifi` package (`/interface/wifi`), legacy +wifi with CAPsMAN (`/caps-man`) or local wireless interface +(`/interface/wireless`) you need to install a different script. -For `wifi` (RouterOS 7.13 and later): +For `wifi`: $ScriptInstallUpdate accesslist-duplicates.wifi; -For `wifiwave2` (up to RouterOS 7.12): - - $ScriptInstallUpdate accesslist-duplicates.wifiwave2; - For legacy CAPsMAN: $ScriptInstallUpdate accesslist-duplicates.capsman; From 1e8918fdaa5a30393e2004d1f5e4dff458936b67 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 16:12:36 +0100 Subject: [PATCH 304/908] global-functions: $ScriptLock: do not exit from global function --- backup-cloud.rsc | 4 +++- backup-email.rsc | 4 +++- backup-partition.rsc | 4 +++- backup-upload.rsc | 4 +++- capsman-download-packages.capsman.rsc | 4 +++- capsman-download-packages.template.rsc | 4 +++- capsman-download-packages.wifi.rsc | 4 +++- capsman-download-packages.wifiwave2.rsc | 4 +++- capsman-rolling-upgrade.capsman.rsc | 4 +++- capsman-rolling-upgrade.template.rsc | 4 +++- capsman-rolling-upgrade.wifi.rsc | 4 +++- capsman-rolling-upgrade.wifiwave2.rsc | 4 +++- certificate-renew-issued.rsc | 4 +++- check-certificates.rsc | 4 +++- check-health.rsc | 4 +++- check-lte-firmware-upgrade.rsc | 4 +++- check-routeros-update.rsc | 4 +++- collect-wireless-mac.capsman.rsc | 4 +++- collect-wireless-mac.local.rsc | 4 +++- collect-wireless-mac.template.rsc | 4 +++- collect-wireless-mac.wifi.rsc | 4 +++- collect-wireless-mac.wifiwave2.rsc | 4 +++- daily-psk.capsman.rsc | 4 +++- daily-psk.local.rsc | 4 +++- daily-psk.template.rsc | 4 +++- daily-psk.wifi.rsc | 4 +++- daily-psk.wifiwave2.rsc | 4 +++- dhcp-lease-comment.capsman.rsc | 4 +++- dhcp-lease-comment.local.rsc | 4 +++- dhcp-lease-comment.template.rsc | 4 +++- dhcp-lease-comment.wifi.rsc | 4 +++- dhcp-lease-comment.wifiwave2.rsc | 4 +++- dhcp-to-dns.rsc | 4 +++- firmware-upgrade-reboot.rsc | 4 +++- fw-addr-lists.rsc | 4 +++- global-functions.rsc | 9 ++++----- gps-track.rsc | 4 +++- hotspot-to-wpa-cleanup.capsman.rsc | 4 +++- hotspot-to-wpa-cleanup.template.rsc | 4 +++- hotspot-to-wpa-cleanup.wifi.rsc | 4 +++- hotspot-to-wpa-cleanup.wifiwave2.rsc | 4 +++- hotspot-to-wpa.capsman.rsc | 4 +++- hotspot-to-wpa.template.rsc | 4 +++- hotspot-to-wpa.wifi.rsc | 4 +++- hotspot-to-wpa.wifiwave2.rsc | 4 +++- ipsec-to-dns.rsc | 4 +++- ipv6-update.rsc | 4 +++- lease-script.rsc | 4 +++- log-forward.rsc | 4 +++- netwatch-dns.rsc | 4 +++- netwatch-notify.rsc | 4 +++- ospf-to-leds.rsc | 4 +++- packages-update.rsc | 4 +++- sms-forward.rsc | 4 +++- telegram-chat.rsc | 4 +++- update-gre-address.rsc | 4 +++- update-tunnelbroker.rsc | 4 +++- 57 files changed, 172 insertions(+), 61 deletions(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 94966c5..418e68d 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -30,7 +30,9 @@ :global SymbolForNotification; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; :if ([ $ScriptFromTerminal $ScriptName ] = false && $BackupRandomDelay > 0) do={ diff --git a/backup-email.rsc b/backup-email.rsc index 7380a5d..c5b4568 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -45,7 +45,9 @@ $LogPrintExit2 error $ScriptName ("Configured to send neither backup nor config export.") true; } - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; :if ([ $ScriptFromTerminal $ScriptName ] = false && $BackupRandomDelay > 0) do={ diff --git a/backup-partition.rsc b/backup-partition.rsc index 4793f12..74dccfe 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -18,7 +18,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :if ([ :len [ /partitions/find ] ] < 2) do={ $LogPrintExit2 error $ScriptName ("Device does not have a fallback partition.") true; diff --git a/backup-upload.rsc b/backup-upload.rsc index dfba15e..c2b3285 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -44,7 +44,9 @@ $LogPrintExit2 error $ScriptName ("Configured to send neither backup nor config export.") true; } - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; :if ([ $ScriptFromTerminal $ScriptName ] = false && $BackupRandomDelay > 0) do={ diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index 18ecf57..cb82a37 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -24,7 +24,9 @@ :global ScriptLock; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; :local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ]; diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 8cc7b2d..41d2dca 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -25,7 +25,9 @@ :global ScriptLock; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; :local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ]; diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 6f62c54..89af381 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -24,7 +24,9 @@ :global ScriptLock; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; :local PackagePath [ $CleanFilePath [ /interface/wifi/capsman/get package-path ] ]; diff --git a/capsman-download-packages.wifiwave2.rsc b/capsman-download-packages.wifiwave2.rsc index 705da70..2b8ea73 100644 --- a/capsman-download-packages.wifiwave2.rsc +++ b/capsman-download-packages.wifiwave2.rsc @@ -24,7 +24,9 @@ :global ScriptLock; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; :local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ]; diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index fb0904d..9379b24 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -21,7 +21,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :local InstalledVersion [ /system/package/update/get installed-version ]; diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index 6ea9ac0..c810f43 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -22,7 +22,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :local InstalledVersion [ /system/package/update/get installed-version ]; diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index d788c29..205d1d8 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -21,7 +21,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :local InstalledVersion [ /system/package/update/get installed-version ]; diff --git a/capsman-rolling-upgrade.wifiwave2.rsc b/capsman-rolling-upgrade.wifiwave2.rsc index 78e348d..4b3aba4 100644 --- a/capsman-rolling-upgrade.wifiwave2.rsc +++ b/capsman-rolling-upgrade.wifiwave2.rsc @@ -21,7 +21,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :local InstalledVersion [ /system/package/update/get installed-version ]; diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index 79ed0ba..7bf4128 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -20,7 +20,9 @@ :global MkDir; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :foreach Cert in=[ /certificate/find where issued expires-after<3w ] do={ :local CertVal [ /certificate/get $Cert ]; diff --git a/check-certificates.rsc b/check-certificates.rsc index f15f145..69d9097 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -127,7 +127,9 @@ [ $FormatLine "Expires in" [ $IfThenElse (($CertVal->"expired") = true) "expired" [ $FormatExpire ($CertVal->"expires-after") ] ] ]); } - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; :foreach Cert in=[ /certificate/find where !revoked !ca !scep-url expires-after<$CertRenewTime ] do={ diff --git a/check-health.rsc b/check-health.rsc index 9d7c68e..df76d25 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -39,7 +39,9 @@ :return ($T->0 * 10 + $T->1); } - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :local Resource [ /system/resource/get ]; diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index 12d2dd4..18109fb 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -18,7 +18,9 @@ :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :if ([ :typeof $SentLteFirmwareUpgradeNotification ] != "array") do={ :global SentLteFirmwareUpgradeNotification ({}); diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 1e3a1f4..ae0038c 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -41,7 +41,9 @@ :error "Waiting for system to reboot."; } - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; :if ([ :len [ /system/scheduler/find where name="_RebootForUpdate" ] ] > 0) do={ diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index 0ae15ee..3a10b1f 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -28,7 +28,9 @@ :global SendNotification2; :global SymbolForNotification; - $ScriptLock $ScriptName false 10; + :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :return false; + } :if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ /caps-man/access-list/add comment="--- collected above ---" disabled=yes; diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index 0353ddb..f6f898e 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -28,7 +28,9 @@ :global SendNotification2; :global SymbolForNotification; - $ScriptLock $ScriptName false 10; + :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :return false; + } :if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ /interface/wireless/access-list/add comment="--- collected above ---" disabled=yes; diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index 71f5679..d046fbe 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -29,7 +29,9 @@ :global SendNotification2; :global SymbolForNotification; - $ScriptLock $ScriptName false 10; + :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :return false; + } :if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ :if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index f35cdad..c866bcc 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -28,7 +28,9 @@ :global SendNotification2; :global SymbolForNotification; - $ScriptLock $ScriptName false 10; + :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :return false; + } :if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ /interface/wifi/access-list/add comment="--- collected above ---" disabled=yes; diff --git a/collect-wireless-mac.wifiwave2.rsc b/collect-wireless-mac.wifiwave2.rsc index 86aef65..de8cdab 100644 --- a/collect-wireless-mac.wifiwave2.rsc +++ b/collect-wireless-mac.wifiwave2.rsc @@ -28,7 +28,9 @@ :global SendNotification2; :global SymbolForNotification; - $ScriptLock $ScriptName false 10; + :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :return false; + } :if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ /interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes; diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index b47ae14..85e05b6 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -30,7 +30,9 @@ :global WaitForFile; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; # return pseudo-random string for PSK diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 72e20ef..108c711 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -30,7 +30,9 @@ :global WaitForFile; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; # return pseudo-random string for PSK diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 2f2838e..93cefeb 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -31,7 +31,9 @@ :global WaitForFile; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; # return pseudo-random string for PSK diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index e013dd1..0ba22ab 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -30,7 +30,9 @@ :global WaitForFile; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; # return pseudo-random string for PSK diff --git a/daily-psk.wifiwave2.rsc b/daily-psk.wifiwave2.rsc index 75cfb7a..4e71489 100644 --- a/daily-psk.wifiwave2.rsc +++ b/daily-psk.wifiwave2.rsc @@ -30,7 +30,9 @@ :global WaitForFile; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; # return pseudo-random string for PSK diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index 825077a..09893ce 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -20,7 +20,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index 13c04a7..a5e9330 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -20,7 +20,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index 9f79d06..d0133c8 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -21,7 +21,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index cba1d6c..2552b5a 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -20,7 +20,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; diff --git a/dhcp-lease-comment.wifiwave2.rsc b/dhcp-lease-comment.wifiwave2.rsc index 137ac6d..7cc29da 100644 --- a/dhcp-lease-comment.wifiwave2.rsc +++ b/dhcp-lease-comment.wifiwave2.rsc @@ -20,7 +20,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index 1cdd86e..df6ae01 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -26,7 +26,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName false 10; + :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :return false; + } :local Ttl 5m; :local CommentPrefix ("managed by " . $ScriptName); diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index 95adab0..bd28f12 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -18,7 +18,9 @@ :global ScriptLock; :global VersionToNum; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :local RouterBoard [ /system/routerboard/get ]; :if ($RouterBoard->"current-firmware" = $RouterBoard->"upgrade-firmware") do={ diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index d4ac519..8ba0147 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -34,7 +34,9 @@ } } - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; :local ListComment ("managed by " . $ScriptName); diff --git a/global-functions.rsc b/global-functions.rsc index b68fbaa..1e36616 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1170,8 +1170,7 @@ # lock script against multiple invocation :set ScriptLock do={ :local Script [ :tostr $1 ]; - :local DoReturn $2; - :local WaitMax ([ :tonum $3 ] * 10); + :local WaitMax ([ :tonum $3 ] * 10); :global GetRandom20CharAlNum; :global IfThenElse; @@ -1286,13 +1285,13 @@ :if ([ $IsFirstTicket $Script $MyTicket ] = true && [ $TicketCount $Script ] = [ $JobCount $Script ]) do={ $RemoveTicket $Script $MyTicket; $CleanupTickets $Script; - :return false; + :return true; } $RemoveTicket $Script $MyTicket; $LogPrintExit2 info $0 ("Script '" . $Script . "' started more than once" . [ $IfThenElse ($WaitCount > 0) \ - " and timed out waiting for lock" "" ] . "... Aborting.") [ $IfThenElse ($DoReturn = true) false true ]; - :return true; + " and timed out waiting for lock" "" ] . "... Aborting.") false; + :return false; } # send notification via NotificationFunctions - expects at least two string arguments diff --git a/gps-track.rsc b/gps-track.rsc index 8517778..cef95f2 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -21,7 +21,9 @@ :global ScriptLock; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; :local CoordinateFormat [ /system/gps/get coordinate-format ]; diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index 498e853..62beacc 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -22,7 +22,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName false 10; + :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :return false; + } :local DHCPServers ({}); :foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 9ffc6ea..c393888 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -23,7 +23,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName false 10; + :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :return false; + } :local DHCPServers ({}); :foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index cf7eaad..a44064f 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -22,7 +22,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName false 10; + :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :return false; + } :local DHCPServers ({}); :foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ diff --git a/hotspot-to-wpa-cleanup.wifiwave2.rsc b/hotspot-to-wpa-cleanup.wifiwave2.rsc index bbb64c5..e5a0cf5 100644 --- a/hotspot-to-wpa-cleanup.wifiwave2.rsc +++ b/hotspot-to-wpa-cleanup.wifiwave2.rsc @@ -22,7 +22,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName false 10; + :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :return false; + } :local DHCPServers ({}); :foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index f9f9324..7498ae2 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -23,7 +23,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index 9fa52c5..9038d82 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -24,7 +24,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index 7638cf7..83f490d 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -23,7 +23,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; diff --git a/hotspot-to-wpa.wifiwave2.rsc b/hotspot-to-wpa.wifiwave2.rsc index 1b60227..519f81f 100644 --- a/hotspot-to-wpa.wifiwave2.rsc +++ b/hotspot-to-wpa.wifiwave2.rsc @@ -23,7 +23,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index ff445e6..e19a11b 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -25,7 +25,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :local Zone \ ([ $IfThenElse ($PrefixInZone = true) "ipsec." ] . \ diff --git a/ipv6-update.rsc b/ipv6-update.rsc index 350fc4b..d173347 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -19,7 +19,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :if ([ :typeof $PdPrefix ] = "nothing") do={ $LogPrintExit2 error $ScriptName ("This script is supposed to run from ipv6 dhcp-client.") true; diff --git a/lease-script.rsc b/lease-script.rsc index 64e7f46..582f8ff 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -34,7 +34,9 @@ $LogPrintExit2 debug $ScriptName ("DHCP Server " . $leaseServerName . " " . [ $IfThenElse ($leaseBound = 0) \ "de" "" ] . "assigned lease " . $leaseActIP . " to " . $leaseActMAC) false; - $ScriptLock $ScriptName false 10; + :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :return false; + } :if ([ :len [ /system/script/job/find where script=$ScriptName ] ] > 1) do={ $LogPrintExit2 debug $ScriptName ("More invocations are waiting, exiting early.") false; diff --git a/log-forward.rsc b/log-forward.rsc index 5044d43..b9dbc8b 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -32,7 +32,9 @@ :global SendNotification2; :global SymbolForNotification; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :if ([ :typeof $LogForwardRateLimit ] = "nothing") do={ :set LogForwardRateLimit 0; diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 1603427..2468d35 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -20,7 +20,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :local SettleTime (5m30s - [ /system/resource/get uptime ]); :if ($SettleTime > 0s) do={ diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 28ab229..ce74ffa 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -75,7 +75,9 @@ :return false; } - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :local ScriptFromTerminalCached [ $ScriptFromTerminal $ScriptName ]; diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index a462d2a..3ca16db 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -18,7 +18,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :foreach Instance in=[ /routing/ospf/instance/find where comment~"^ospf-to-leds," ] do={ :local InstanceVal [ /routing/ospf/instance/get $Instance ]; diff --git a/packages-update.rsc b/packages-update.rsc index e6bed78..5b6d158 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -43,7 +43,9 @@ :return true; } - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :local Update [ /system/package/update/get ]; diff --git a/sms-forward.rsc b/sms-forward.rsc index f85dab2..7c4488a 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -27,7 +27,9 @@ :global ValidateSyntax; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :if ([ /tool/sms/get receive-enabled ] = false) do={ $LogPrintOnce warning $ScriptName ("Receiving of SMS is not enabled.") true; diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 197c8a3..bb12042 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -43,7 +43,9 @@ :global WaitForFile; :global WaitFullyConnected; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } $WaitFullyConnected; diff --git a/update-gre-address.rsc b/update-gre-address.rsc index 62cdfe1..d9a7a55 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -19,7 +19,9 @@ :global LogPrintExit2; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } /interface/gre/set remote-address=0.0.0.0 disabled=yes [ find where !running !disabled ]; diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index c61d82e..90e3f24 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -21,7 +21,9 @@ :global ParseKeyValueStore; :global ScriptLock; - $ScriptLock $ScriptName; + :if ([ $ScriptLock $ScriptName ] = false) do={ + :return false; + } :if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false) do={ $LogPrintExit2 error $ScriptName ("Downloading required certificate failed.") true; From 6546e7f085c9a5ce33c6efa0b1887d178eb4ac5a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 305/908] lease-script: drop main function, use :do with on-error --- lease-script.rsc | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/lease-script.rsc b/lease-script.rsc index 582f8ff..0f6b7f8 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -11,12 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; - :local leaseActIP [ :tostr $2 ]; - :local leaseActMAC [ :tostr $2 ]; - :local leaseServerName [ :tostr $2 ]; - :local leaseBound [ :tostr $2 ]; +:do { + :local ScriptName [ :jobname ]; :global Grep; :global IfThenElse; @@ -35,12 +31,12 @@ "de" "" ] . "assigned lease " . $leaseActIP . " to " . $leaseActMAC) false; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ - :return false; + :error false; } :if ([ :len [ /system/script/job/find where script=$ScriptName ] ] > 1) do={ $LogPrintExit2 debug $ScriptName ("More invocations are waiting, exiting early.") false; - :return true; + :error true; } :local RunOrder ({}); @@ -59,6 +55,4 @@ $LogPrintExit2 warning $ScriptName ("Running script '" . $Script . "' failed!") false; } } -} - -$Main [ :jobname ] $leaseActIP $leaseActMAC $leaseServerName $leaseBound; +} on-error={ } From cdc0db3b814f8119649536300c604d4a31261f85 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 306/908] doc/netwatch-notify: add badges --- doc/netwatch-notify.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index e252d39..6f3e1ce 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -1,6 +1,13 @@ Notify on host up and down ========================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 34620ba53cb5fd1e3160c0a53a36c27ba34da256 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 11:06:53 +0100 Subject: [PATCH 307/908] capsman-download-packages: drop support for wifiwave2 --- capsman-download-packages.template.rsc | 9 --- capsman-download-packages.wifiwave2.rsc | 83 ------------------------- doc/capsman-download-packages.md | 19 ++---- 3 files changed, 4 insertions(+), 107 deletions(-) delete mode 100644 capsman-download-packages.wifiwave2.rsc diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 41d2dca..a76071e 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -32,7 +32,6 @@ :local PackagePath [ $CleanFilePath [ /caps-man/manager/get package-path ] ]; :local PackagePath [ $CleanFilePath [ /interface/wifi/capsman/get package-path ] ]; - :local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ]; :local InstalledVersion [ /system/package/update/get installed-version ]; :local Updated false; @@ -65,21 +64,14 @@ :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ $LogPrintExit2 info $ScriptName ("No packages available, downloading default set.") false; # NOT /interface/wifi/ # -# NOT /interface/wifiwave2/ # :foreach Arch in={ "arm"; "mipsbe" } do={ :foreach Package in={ "routeros"; "wireless" } do={ # NOT /interface/wifi/ # -# NOT /interface/wifiwave2/ # # NOT /caps-man/ # :foreach Arch in={ "arm"; "arm64" } do={ -# NOT /interface/wifi/ # - :foreach Package in={ "routeros"; "wifiwave2" } do={ -# NOT /interface/wifi/ # -# NOT /interface/wifiwave2/ # :local Packages { "arm"={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" }; "arm64"={ "routeros"; "wifi-qcom" } }; :foreach Package in=($Packages->$Arch) do={ -# NOT /interface/wifiwave2/ # # NOT /caps-man/ # :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ :set Updated true; @@ -95,7 +87,6 @@ } else={ /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ]; /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; - /interface/wifiwave2/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; } } } diff --git a/capsman-download-packages.wifiwave2.rsc b/capsman-download-packages.wifiwave2.rsc deleted file mode 100644 index 2b8ea73..0000000 --- a/capsman-download-packages.wifiwave2.rsc +++ /dev/null @@ -1,83 +0,0 @@ -#!rsc by RouterOS -# RouterOS script: capsman-download-packages.wifiwave2 -# Copyright (c) 2018-2024 Christian Hesse -# Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# requires RouterOS, version=7.12 -# -# download and cleanup packages for CAP installation from CAPsMAN -# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md -# -# !! Do not edit this file, it is generated from template! - -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:local Main do={ - :local ScriptName [ :tostr $1 ]; - - :global CleanFilePath; - :global DownloadPackage; - :global LogPrintExit2; - :global MkDir; - :global ScriptLock; - :global WaitFullyConnected; - - :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; - } - $WaitFullyConnected; - - :local PackagePath [ $CleanFilePath [ /interface/wifiwave2/capsman/get package-path ] ]; - :local InstalledVersion [ /system/package/update/get installed-version ]; - :local Updated false; - - :if ([ :len $PackagePath ] = 0) do={ - $LogPrintExit2 warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages.") true; - } - - :if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ - :if ([ $MkDir $PackagePath ] = false) do={ - $LogPrintExit2 warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ - $PackagePath . ") failed!") true; - } - $LogPrintExit2 info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ - "). Please place your packages!") false; - } - - :foreach Package in=[ /file/find where type=package \ - package-version!=$InstalledVersion name~("^" . $PackagePath) ] do={ - :local File [ /file/get $Package ]; - :if ($File->"package-architecture" = "mips") do={ - :set ($File->"package-architecture") "mipsbe"; - } - :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ - ($File->"package-architecture") $PackagePath ] = true) do={ - :set Updated true; - /file/remove $Package; - } - } - - :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ - $LogPrintExit2 info $ScriptName ("No packages available, downloading default set.") false; - :foreach Arch in={ "arm"; "arm64" } do={ - :foreach Package in={ "routeros"; "wifiwave2" } do={ - :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ - :set Updated true; - } - } - } - } - - :if ($Updated = true) do={ - :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); - :if ([ :len $Script ] > 0) do={ - /system/script/run $Script; - } else={ - /interface/wifiwave2/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; - } - } -} - -$Main [ :jobname ]; diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md index 5b9550d..03e4497 100644 --- a/doc/capsman-download-packages.md +++ b/doc/capsman-download-packages.md @@ -23,31 +23,21 @@ as that is where packages are downloaded to and where the system expects them. Then just install the script on CAPsMAN device. -Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` -package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`) -you need to install a different script. +Depending on whether you use `wifi` package (`/interface/wifi`) or legacy +wifi with CAPsMAN (`/caps-man`) you need to install a different script. -For `wifi` (RouterOS 7.13 and later): +For `wifi`: $ScriptInstallUpdate capsman-download-packages.wifi; -For `wifiwave2` (up to RouterOS 7.12): - - $ScriptInstallUpdate capsman-download-packages.wifiwave2; - For legacy CAPsMAN: $ScriptInstallUpdate capsman-download-packages.capsman; -Optionally add a scheduler to run after startup. For `wifi` (RouterOS 7.13 -and later): +Optionally add a scheduler to run after startup. For `wifi`: /system/scheduler/add name=capsman-download-packages on-event="/system/script/run capsman-download-packages.wifi;" start-time=startup; -For `wifiwave2` (up to RouterOS 7.12): - - /system/scheduler/add name=capsman-download-packages on-event="/system/script/run capsman-download-packages.wifiwave2;" start-time=startup; - For legacy CAPsMAN: /system/scheduler/add name=capsman-download-packages on-event="/system/script/run capsman-download-packages.capsman;" start-time=startup; @@ -58,7 +48,6 @@ unconditionally. If no packages are found the script downloads a default set of packages: * `wifi`: `routeros` and `wifi-qcom` for *arm* and *arm64*, `wifi-qcom-ac` for *arm* - * `wifiwave2`: `routeros` and `wifiwave2` for *arm* and *arm64* * legacy CAPsMAN: `routeros` and `wireless` for *arm* and *mipsbe* > ℹ️ **Info**: If you have packages in the directory and things go wrong for From ada91536366d72e1a30c186be9289fb455ab3149 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 21:48:21 +0100 Subject: [PATCH 308/908] global-functions: $ScriptLock: fix wording... ... as this does (no longer) abort. --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 1e36616..6ddcbd3 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1290,7 +1290,7 @@ $RemoveTicket $Script $MyTicket; $LogPrintExit2 info $0 ("Script '" . $Script . "' started more than once" . [ $IfThenElse ($WaitCount > 0) \ - " and timed out waiting for lock" "" ] . "... Aborting.") false; + " and timed out waiting for lock" "" ] . "...") false; :return false; } From 52f54baea08184294825b24a43f1c21a45de265d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 309/908] log-forward: drop main function, use :do with on-error --- log-forward.rsc | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/log-forward.rsc b/log-forward.rsc index b9dbc8b..09e3b84 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global Identity; :global LogForwardFilter; @@ -33,7 +33,7 @@ :global SymbolForNotification; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :if ([ :typeof $LogForwardRateLimit ] = "nothing") do={ @@ -43,7 +43,7 @@ :if ($LogForwardRateLimit > 30) do={ :set LogForwardRateLimit ($LogForwardRateLimit - 1); $LogPrintExit2 info $ScriptName ("Rate limit in action, not forwarding logs, if any!") false; - :return true; + :error false; } :local Count 0; @@ -99,6 +99,4 @@ } else={ :set LogForwardRateLimit [ $MAX 0 ($LogForwardRateLimit - 1) ]; } -} - -$Main [ :jobname ]; +} on-error={ } From 6786fbb29224e26994b5f2e091fef2c979e04919 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 310/908] doc/ospf-to-leds: add badges --- doc/ospf-to-leds.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/ospf-to-leds.md b/doc/ospf-to-leds.md index ce7f9ff..a7d4e9a 100644 --- a/doc/ospf-to-leds.md +++ b/doc/ospf-to-leds.md @@ -1,6 +1,13 @@ Visualize OSPF state via LEDs ============================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From e8c5585cc7557c5785096f33c678a4d789158874 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 11:07:59 +0100 Subject: [PATCH 311/908] capsman-rolling-upgrade: drop support for wifiwave2 --- capsman-rolling-upgrade.template.rsc | 4 --- capsman-rolling-upgrade.wifiwave2.rsc | 49 --------------------------- doc/capsman-rolling-upgrade.md | 11 ++---- 3 files changed, 3 insertions(+), 61 deletions(-) delete mode 100644 capsman-rolling-upgrade.wifiwave2.rsc diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index c810f43..731dbeb 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -30,16 +30,13 @@ :local RemoteCapCount [ :len [ /caps-man/remote-cap/find ] ]; :local RemoteCapCount [ :len [ /interface/wifi/capsman/remote-cap/find ] ]; - :local RemoteCapCount [ :len [ /interface/wifiwave2/capsman/remote-cap/find ] ]; :if ($RemoteCapCount > 0) do={ :local Delay (600 / $RemoteCapCount); :if ($Delay > 120) do={ :set Delay 120; } :foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={ :foreach RemoteCap in=[ /interface/wifi/capsman/remote-cap/find where version!=$InstalledVersion ] do={ - :foreach RemoteCap in=[ /interface/wifiwave2/capsman/remote-cap/find where version!=$InstalledVersion ] do={ :local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ]; :local RemoteCapVal [ /interface/wifi/capsman/remote-cap/get $RemoteCap ]; - :local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ]; :if ([ :len $RemoteCapVal ] > 1) do={ # NOT /caps-man/ # :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); @@ -48,7 +45,6 @@ " (" . $RemoteCapVal->"identity" . ")...") false; /caps-man/remote-cap/upgrade $RemoteCap; /interface/wifi/capsman/remote-cap/upgrade $RemoteCap; - /interface/wifiwave2/capsman/remote-cap/upgrade $RemoteCap; } else={ $LogPrintExit2 warning $ScriptName ("Remote CAP vanished, skipping upgrade.") false; } diff --git a/capsman-rolling-upgrade.wifiwave2.rsc b/capsman-rolling-upgrade.wifiwave2.rsc deleted file mode 100644 index 4b3aba4..0000000 --- a/capsman-rolling-upgrade.wifiwave2.rsc +++ /dev/null @@ -1,49 +0,0 @@ -#!rsc by RouterOS -# RouterOS script: capsman-rolling-upgrade.wifiwave2 -# Copyright (c) 2018-2024 Christian Hesse -# Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# provides: capsman-rolling-upgrade -# requires RouterOS, version=7.12 -# -# upgrade CAPs one after another -# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md -# -# !! Do not edit this file, it is generated from template! - -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:local Main do={ - :local ScriptName [ :tostr $1 ]; - - :global LogPrintExit2; - :global ScriptLock; - - :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; - } - - :local InstalledVersion [ /system/package/update/get installed-version ]; - - :local RemoteCapCount [ :len [ /interface/wifiwave2/capsman/remote-cap/find ] ]; - :if ($RemoteCapCount > 0) do={ - :local Delay (600 / $RemoteCapCount); - :if ($Delay > 120) do={ :set Delay 120; } - :foreach RemoteCap in=[ /interface/wifiwave2/capsman/remote-cap/find where version!=$InstalledVersion ] do={ - :local RemoteCapVal [ /interface/wifiwave2/capsman/remote-cap/get $RemoteCap ]; - :if ([ :len $RemoteCapVal ] > 1) do={ - :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); - $LogPrintExit2 info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \ - " (" . $RemoteCapVal->"identity" . ")...") false; - /interface/wifiwave2/capsman/remote-cap/upgrade $RemoteCap; - } else={ - $LogPrintExit2 warning $ScriptName ("Remote CAP vanished, skipping upgrade.") false; - } - :delay ($Delay . "s"); - } - } -} - -$Main [ :jobname ]; diff --git a/doc/capsman-rolling-upgrade.md b/doc/capsman-rolling-upgrade.md index bbc8e14..b4e342d 100644 --- a/doc/capsman-rolling-upgrade.md +++ b/doc/capsman-rolling-upgrade.md @@ -21,18 +21,13 @@ Requirements and installation ----------------------------- Just install the script on CAPsMAN device. -Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` -package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`) -you need to install a different script. +Depending on whether you use `wifi` package (`/interface/wifi`) or legacy +wifi with CAPsMAN (`/caps-man`) you need to install a different script. -For `wifi` (RouterOS 7.13 and later): +For `wifi`: $ScriptInstallUpdate capsman-rolling-upgrade.wifi; -For `wifiwave2` (up to RouterOS 7.12): - - $ScriptInstallUpdate capsman-rolling-upgrade.wifiwave2; - For legacy CAPsMAN: $ScriptInstallUpdate capsman-rolling-upgrade.capsman; From 4dd6bdef3185d154c5b28efa7075f50cdb990682 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 312/908] mode-button: drop main function, use :do with on-error --- mode-button.rsc | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/mode-button.rsc b/mode-button.rsc index 0cd9167..07788cb 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global ModeButton; @@ -78,6 +78,4 @@ $LogPrintExit2 debug $ScriptName ("Updating scheduler _ModeButtonScheduler...") false; /system/scheduler/set $Scheduler start-time=[ /system/clock/get time ]; } -} - -$Main [ :jobname ]; +} on-error={ } From 4ff543e6296c5bf9998c32a94905d47935a93d2c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 313/908] doc/packages-update: add badges --- doc/packages-update.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/packages-update.md b/doc/packages-update.md index b3acf89..86eae0d 100644 --- a/doc/packages-update.md +++ b/doc/packages-update.md @@ -1,6 +1,13 @@ Manage system update ==================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From b4146083296884be88ed73652dc1ee5f3ccf0c63 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 11:09:06 +0100 Subject: [PATCH 314/908] collect-wireless-mac: drop support for wifiwave2 --- collect-wireless-mac.template.rsc | 8 --- collect-wireless-mac.wifiwave2.rsc | 98 ------------------------------ doc/collect-wireless-mac.md | 13 ++-- 3 files changed, 4 insertions(+), 115 deletions(-) delete mode 100644 collect-wireless-mac.wifiwave2.rsc diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index d046fbe..e633e03 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -35,28 +35,23 @@ :if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ :if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ - :if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ :if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ /caps-man/access-list/add comment="--- collected above ---" disabled=yes; /interface/wifi/access-list/add comment="--- collected above ---" disabled=yes; - /interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes; /interface/wireless/access-list/add comment="--- collected above ---" disabled=yes; $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false; } :local PlaceBefore ([ /caps-man/access-list/find where comment="--- collected above ---" disabled ]->0); :local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ]->0); - :local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ]->0); :local PlaceBefore ([ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ]->0); :foreach Reg in=[ /caps-man/registration-table/find ] do={ :foreach Reg in=[ /interface/wifi/registration-table/find ] do={ - :foreach Reg in=[ /interface/wifiwave2/registration-table/find ] do={ :foreach Reg in=[ /interface/wireless/registration-table/find where ap=no ] do={ :local RegVal; :do { :set RegVal [ /caps-man/registration-table/get $Reg ]; :set RegVal [ /interface/wifi/registration-table/get $Reg ]; - :set RegVal [ /interface/wifiwave2/registration-table/get $Reg ]; :set RegVal [ /interface/wireless/registration-table/get $Reg ]; } on-error={ $LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false; @@ -65,13 +60,11 @@ :if ([ :len ($RegVal->"mac-address") ] > 0) do={ :local AccessList ([ /caps-man/access-list/find where mac-address=($RegVal->"mac-address") ]->0); :local AccessList ([ /interface/wifi/access-list/find where mac-address=($RegVal->"mac-address") ]->0); - :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($RegVal->"mac-address") ]->0); :local AccessList ([ /interface/wireless/access-list/find where mac-address=($RegVal->"mac-address") ]->0); :if ([ :len $AccessList ] > 0) do={ $LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ [ /caps-man/access-list/get $AccessList comment ]) false; [ /interface/wifi/access-list/get $AccessList comment ]) false; - [ /interface/wifiwave2/access-list/get $AccessList comment ]) false; [ /interface/wireless/access-list/get $AccessList comment ]) false; } @@ -100,7 +93,6 @@ $LogPrintExit2 info $ScriptName $Message false; /caps-man/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; /interface/wifi/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; - /interface/wifiwave2/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; /interface/wireless/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ diff --git a/collect-wireless-mac.wifiwave2.rsc b/collect-wireless-mac.wifiwave2.rsc deleted file mode 100644 index de8cdab..0000000 --- a/collect-wireless-mac.wifiwave2.rsc +++ /dev/null @@ -1,98 +0,0 @@ -#!rsc by RouterOS -# RouterOS script: collect-wireless-mac.wifiwave2 -# Copyright (c) 2013-2024 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# provides: lease-script, order=40 -# requires RouterOS, version=7.12 -# -# collect wireless mac adresses in access list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md -# -# !! Do not edit this file, it is generated from template! - -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:local Main do={ - :local ScriptName [ :tostr $1 ]; - - :global Identity; - - :global EitherOr; - :global FormatLine; - :global FormatMultiLines; - :global GetMacVendor; - :global LogPrintExit2; - :global ScriptLock; - :global SendNotification2; - :global SymbolForNotification; - - :if ([ $ScriptLock $ScriptName 10 ] = false) do={ - :return false; - } - - :if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ - /interface/wifiwave2/access-list/add comment="--- collected above ---" disabled=yes; - $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false; - } - :local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- collected above ---" disabled ]->0); - - :foreach Reg in=[ /interface/wifiwave2/registration-table/find ] do={ - :local RegVal; - :do { - :set RegVal [ /interface/wifiwave2/registration-table/get $Reg ]; - } on-error={ - $LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false; - } - - :if ([ :len ($RegVal->"mac-address") ] > 0) do={ - :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($RegVal->"mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - $LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ - [ /interface/wifiwave2/access-list/get $AccessList comment ]) false; - } - - :if ([ :len $AccessList ] = 0) do={ - :local Address "no dhcp lease"; - :local DnsName "no dhcp lease"; - :local HostName "no dhcp lease"; - :local Lease ([ /ip/dhcp-server/lease/find where active-mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0); - :if ([ :len $Lease ] > 0) do={ - :set Address [ /ip/dhcp-server/lease/get $Lease active-address ]; - :set HostName [ $EitherOr [ /ip/dhcp-server/lease/get $Lease host-name ] "no hostname" ]; - :set DnsName "no dns name"; - :local DnsRec ([ /ip/dns/static/find where address=$Address ]->0); - :if ([ :len $DnsRec ] > 0) do={ - :set DnsName ({ [ /ip/dns/static/get $DnsRec name ] }); - :foreach CName in=[ /ip/dns/static/find where type=CNAME cname=($DnsName->0) ] do={ - :set DnsName ($DnsName, [ /ip/dns/static/get $CName name ]); - } - } - } - :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); - :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; - :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ - "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); - $LogPrintExit2 info $ScriptName $Message false; - /interface/wifiwave2/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; - $SendNotification2 ({ origin=$ScriptName; \ - subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ - message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \ - [ $FormatLine "Controller" $Identity ] . "\n" . \ - [ $FormatLine "Interface" ($RegVal->"interface") ] . "\n" . \ - [ $FormatLine "SSID" ($RegVal->"ssid") ] . "\n" . \ - [ $FormatLine "MAC" ($RegVal->"mac-address") ] . "\n" . \ - [ $FormatLine "Vendor" $Vendor ] . "\n" . \ - [ $FormatLine "Hostname" $HostName ] . "\n" . \ - [ $FormatLine "Address" $Address ] . "\n" . \ - [ $FormatMultiLines "DNS name" $DnsName ] . "\n" . \ - [ $FormatLine "Date" $DateTime ]) }); - } - } else={ - $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; - } - } -} - -$Main [ :jobname ]; diff --git a/doc/collect-wireless-mac.md b/doc/collect-wireless-mac.md index e73cf58..49772e9 100644 --- a/doc/collect-wireless-mac.md +++ b/doc/collect-wireless-mac.md @@ -22,19 +22,14 @@ and modify it to your needs. Requirements and installation ----------------------------- -Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` -package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`) -or local wireless interface (`/interface/wireless`) you need to install a -different script. +Depending on whether you use `wifi` package (`/interface/wifi`), legacy +wifi with CAPsMAN (`/caps-man`) or local wireless interface +(`/interface/wireless`) you need to install a different script. -For `wifi` (RouterOS 7.13 and later): +For `wifi`: $ScriptInstallUpdate collect-wireless-mac.wifi; -For `wifiwave2` (up to RouterOS 7.12): - - $ScriptInstallUpdate collect-wireless-mac.wifiwave2; - For legacy CAPsMAN: $ScriptInstallUpdate collect-wireless-mac.capsman; From 0d35a18c7166ce85efebc6966435ce72826744ad Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 16:45:01 +0100 Subject: [PATCH 315/908] global-wait: drop unused variable --- global-wait.rsc | 1 - 1 file changed, 1 deletion(-) diff --git a/global-wait.rsc b/global-wait.rsc index 9564a12..f8c767b 100644 --- a/global-wait.rsc +++ b/global-wait.rsc @@ -8,6 +8,5 @@ # wait for global-functions to finish # https://git.eworm.de/cgit/routeros-scripts/about/doc/global-wait.md -:local 0 [ :jobname ]; :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 8fcb8efbea2b377f12038f983d751c99aad07fb7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 316/908] netwatch-dns: drop main function, use :do with on-error --- netwatch-dns.rsc | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 2468d35..76f2685 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global CertificateAvailable; :global EitherOr; @@ -21,13 +21,13 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :local SettleTime (5m30s - [ /system/resource/get uptime ]); :if ($SettleTime > 0s) do={ $LogPrintExit2 info $ScriptName ("System just booted, giving netwatch " . $SettleTime . " to settle.") false; - :return true; + :error true; } :local DnsServers ({}); @@ -84,7 +84,7 @@ :if ($DohCurrent = $HostInfo->"doh-url") do={ $LogPrintExit2 debug $ScriptName ("Current DoH server is still up: " . $DohCurrent) false; - :return true; + :error true; } :set ($DohServers->[ :len $DohServers ]) $HostInfo; @@ -121,13 +121,11 @@ /ip/dns/set use-doh-server=($DohServer->"doh-url") verify-doh-cert=yes; /ip/dns/cache/flush; $LogPrintExit2 info $ScriptName ("Setting DoH server: " . ($DohServer->"doh-url")) false; - :return true; + :error true; } else={ $LogPrintExit2 warning $ScriptName ("Received unexpected response from DoH server: " . \ ($DohServer->"doh-url")) false; } } } -} - -$Main [ :jobname ]; +} on-error={ } From 2038480b00fb503d4e851877e420795d323e5a35 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:18 +0100 Subject: [PATCH 317/908] doc/ppp-on-up: add badges --- doc/ppp-on-up.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/ppp-on-up.md b/doc/ppp-on-up.md index d5d0ae5..418f05e 100644 --- a/doc/ppp-on-up.md +++ b/doc/ppp-on-up.md @@ -1,6 +1,13 @@ Run scripts on ppp connection ============================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From decb8fb17a8530765aec82f5b5df1bffa5407024 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 11:10:24 +0100 Subject: [PATCH 318/908] daily-psk: drop support for wifiwave2 --- daily-psk.template.rsc | 9 +--- daily-psk.wifiwave2.rsc | 94 ----------------------------------------- doc/daily-psk.md | 22 +++------- 3 files changed, 7 insertions(+), 118 deletions(-) delete mode 100644 daily-psk.wifiwave2.rsc diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 93cefeb..c45f34a 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -63,21 +63,16 @@ :foreach AccList in=[ /caps-man/access-list/find where comment~$DailyPskMatchComment ] do={ :foreach AccList in=[ /interface/wifi/access-list/find where comment~$DailyPskMatchComment ] do={ - :foreach AccList in=[ /interface/wifiwave2/access-list/find where comment~$DailyPskMatchComment ] do={ :foreach AccList in=[ /interface/wireless/access-list/find where comment~$DailyPskMatchComment ] do={ :local SsidRegExp [ /caps-man/access-list/get $AccList ssid-regexp ]; :local SsidRegExp [ /interface/wifi/access-list/get $AccList ssid-regexp ]; - :local SsidRegExp [ /interface/wifiwave2/access-list/get $AccList ssid-regexp ]; :local Configuration ([ /caps-man/configuration/find where ssid~$SsidRegExp ]->0); :local Configuration ([ /interface/wifi/configuration/find where ssid~$SsidRegExp ]->0); - :local Configuration ([ /interface/wifiwave2/configuration/find where ssid~$SsidRegExp ]->0); :local Ssid [ /caps-man/configuration/get $Configuration ssid ]; :local Ssid [ /interface/wifi/configuration/get $Configuration ssid ]; - :local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ]; :local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ]; :local OldPsk [ /interface/wifi/access-list/get $AccList passphrase ]; - :local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ]; - # /caps-man/ /interface/wifi/ /interface/wifiwave2/ above - /interface/wireless/ below + # /caps-man/ /interface/wifi/ above - /interface/wireless/ below :local IntName [ /interface/wireless/access-list/get $AccList interface ]; :local Ssid [ /interface/wireless/get $IntName ssid ]; :local OldPsk [ /interface/wireless/access-list/get $AccList private-pre-shared-key ]; @@ -87,12 +82,10 @@ $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; /caps-man/access-list/set $AccList private-passphrase=$NewPsk; /interface/wifi/access-list/set $AccList passphrase=$NewPsk; - /interface/wifiwave2/access-list/set $AccList passphrase=$NewPsk; /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; :if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ :if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ - :if ([ :len [ /interface/wifiwave2/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={ :if ($Seen->$Ssid = 1) do={ $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; diff --git a/daily-psk.wifiwave2.rsc b/daily-psk.wifiwave2.rsc deleted file mode 100644 index 4e71489..0000000 --- a/daily-psk.wifiwave2.rsc +++ /dev/null @@ -1,94 +0,0 @@ -#!rsc by RouterOS -# RouterOS script: daily-psk.wifiwave2 -# Copyright (c) 2013-2024 Christian Hesse -# Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# requires RouterOS, version=7.12 -# -# update daily PSK (pre shared key) -# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md -# -# !! Do not edit this file, it is generated from template! - -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:local Main do={ - :local ScriptName [ :tostr $1 ]; - - :global DailyPskMatchComment; - :global DailyPskQrCodeUrl; - :global Identity; - - :global FormatLine; - :global LogPrintExit2; - :global ScriptLock; - :global SendNotification2; - :global SymbolForNotification; - :global UrlEncode; - :global WaitForFile; - :global WaitFullyConnected; - - :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; - } - $WaitFullyConnected; - - # return pseudo-random string for PSK - :local GeneratePSK do={ - :local Date [ :tostr $1 ]; - - :global DailyPskSecrets; - - :global ParseDate; - - :set Date [ $ParseDate $Date ]; - - :local A ((14 - ($Date->"month")) / 12); - :local B (($Date->"year") - $A); - :local C (($Date->"month") + 12 * $A - 2); - :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); - :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); - - :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ - ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ - ($DailyPskSecrets->2->$WeekDay)); - } - - :local Seen ({}); - :local Date [ /system/clock/get date ]; - :local NewPsk [ $GeneratePSK $Date ]; - - :foreach AccList in=[ /interface/wifiwave2/access-list/find where comment~$DailyPskMatchComment ] do={ - :local SsidRegExp [ /interface/wifiwave2/access-list/get $AccList ssid-regexp ]; - :local Configuration ([ /interface/wifiwave2/configuration/find where ssid~$SsidRegExp ]->0); - :local Ssid [ /interface/wifiwave2/configuration/get $Configuration ssid ]; - :local OldPsk [ /interface/wifiwave2/access-list/get $AccList passphrase ]; - :local Skip 0; - - :if ($NewPsk != $OldPsk) do={ - $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; - /interface/wifiwave2/access-list/set $AccList passphrase=$NewPsk; - - :if ([ :len [ /interface/wifiwave2/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ - :if ($Seen->$Ssid = 1) do={ - $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; - } else={ - :local Link ($DailyPskQrCodeUrl . \ - "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); - $SendNotification2 ({ origin=$ScriptName; \ - subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ - message=("This is the daily PSK on " . $Identity . ":\n\n" . \ - [ $FormatLine "SSID" $Ssid ] . "\n" . \ - [ $FormatLine "PSK" $NewPsk ] . "\n" . \ - [ $FormatLine "Date" $Date ] . "\n\n" . \ - "A client device specific rule must not exist!"); link=$Link }); - :set ($Seen->$Ssid) 1; - } - } - } - } -} - -$Main [ :jobname ]; diff --git a/doc/daily-psk.md b/doc/daily-psk.md index 6eb656c..01fb9f6 100644 --- a/doc/daily-psk.md +++ b/doc/daily-psk.md @@ -21,23 +21,17 @@ Requirements and installation Just install this script. -Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` -package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`) -or local wireless interface (`/interface/wireless`) you need to install a -different script and add schedulers to run the script: +Depending on whether you use `wifi` package (`/interface/wifi`), legacy +wifi with CAPsMAN (`/caps-man`) or local wireless interface +(`/interface/wireless`) you need to install a different script and add +schedulers to run the script: -For `wifi` (RouterOS 7.13 and later): +For `wifi`: $ScriptInstallUpdate daily-psk.wifi; /system/scheduler/add interval=1d name=daily-psk on-event="/system/script/run daily-psk.wifi;" start-time=03:00:00; /system/scheduler/add name=daily-psk@startup on-event="/system/script/run daily-psk.wifi;" start-time=startup; -For `wifiwave2` (up to RouterOS 7.12): - - $ScriptInstallUpdate daily-psk.wifiwave2; - /system/scheduler/add interval=1d name=daily-psk on-event="/system/script/run daily-psk.wifiwave2;" start-time=03:00:00; - /system/scheduler/add name=daily-psk@startup on-event="/system/script/run daily-psk.wifiwave2;" start-time=startup; - For legacy CAPsMAN: $ScriptInstallUpdate daily-psk.capsman; @@ -64,14 +58,10 @@ The configuration goes to `global-config-overlay`, these are the parameters: > [`global-config`](../global-config.rsc) (the one without `-overlay`) to > your local `global-config-overlay` and modify it to your specific needs. -Then add an access list entry. For `wifi` (RouterOS 7.13 and later): +Then add an access list entry. For `wifi`: /interface/wifi/access-list/add comment="Daily PSK" ssid-regexp="-guest\$" passphrase="ToBeChangedDaily"; -For `wifiwave2` (up to RouterOS 7.12): - - /interface/wifiwave2/access-list/add comment="Daily PSK" ssid-regexp="-guest\$" passphrase="ToBeChangedDaily"; - For legacy CAPsMAN: /caps-man/access-list/add comment="Daily PSK" ssid-regexp="-guest\$" private-passphrase="ToBeChangedDaily"; From 4e1362aacc103c2aa6de86eebf7aa4fc9317c624 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 20:40:35 +0100 Subject: [PATCH 319/908] mod/inspectvar: remove extra spaces --- mod/inspectvar.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/inspectvar.rsc b/mod/inspectvar.rsc index c6c8bdd..577abf3 100644 --- a/mod/inspectvar.rsc +++ b/mod/inspectvar.rsc @@ -39,7 +39,7 @@ :local TypeOf [ :typeof $Input ]; :local Return [ $IndentReturn "type" $TypeOf $Level ]; - + :if ($TypeOf = "array") do={ :foreach Key,Value in=$Input do={ :set $Return ($Return . "\n" . \ From 18ed12e3f7ced88d30b53ab1e4c557d25a2df755 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 320/908] netwatch-notify: drop main function, use :do with on-error --- netwatch-notify.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index ce74ffa..90d26f1 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global NetwatchNotify; @@ -76,7 +76,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :local ScriptFromTerminalCached [ $ScriptFromTerminal $ScriptName ]; @@ -217,6 +217,4 @@ "since"=($Metric->"since") }; } } -} - -$Main [ :jobname ]; +} on-error={ } From 42d8fed577a41bbf6cbf837e1bc751784b1d5ae0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:19 +0100 Subject: [PATCH 321/908] doc/sms-action: add badges --- doc/sms-action.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/sms-action.md b/doc/sms-action.md index 3391902..18ca574 100644 --- a/doc/sms-action.md +++ b/doc/sms-action.md @@ -1,6 +1,13 @@ Act on received SMS =================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 074e70ee51ede8f5344f2750405d0502f78b0b50 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 11:11:15 +0100 Subject: [PATCH 322/908] dhcp-lease-comment: drop support for wifiwave2 --- dhcp-lease-comment.template.rsc | 2 -- dhcp-lease-comment.wifiwave2.rsc | 41 -------------------------------- doc/dhcp-lease-comment.md | 13 ++++------ 3 files changed, 4 insertions(+), 52 deletions(-) delete mode 100644 dhcp-lease-comment.wifiwave2.rsc diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index d0133c8..d7f36a3 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -30,12 +30,10 @@ :local NewComment; :local AccessList ([ /caps-man/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); :local AccessList ([ /interface/wifi/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); - :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); :local AccessList ([ /interface/wireless/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); :if ([ :len $AccessList ] > 0) do={ :set NewComment [ /caps-man/access-list/get $AccessList comment ]; :set NewComment [ /interface/wifi/access-list/get $AccessList comment ]; - :set NewComment [ /interface/wifiwave2/access-list/get $AccessList comment ]; :set NewComment [ /interface/wireless/access-list/get $AccessList comment ]; } :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ diff --git a/dhcp-lease-comment.wifiwave2.rsc b/dhcp-lease-comment.wifiwave2.rsc deleted file mode 100644 index 7cc29da..0000000 --- a/dhcp-lease-comment.wifiwave2.rsc +++ /dev/null @@ -1,41 +0,0 @@ -#!rsc by RouterOS -# RouterOS script: dhcp-lease-comment.wifiwave2 -# Copyright (c) 2013-2024 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# provides: lease-script, order=60 -# requires RouterOS, version=7.12 -# -# update dhcp-server lease comment with infos from access-list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md -# -# !! Do not edit this file, it is generated from template! - -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:local Main do={ - :local ScriptName [ :tostr $1 ]; - - :global LogPrintExit2; - :global ScriptLock; - - :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; - } - - :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic=yes status=bound ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - :local NewComment; - :local AccessList ([ /interface/wifiwave2/access-list/find where mac-address=($LeaseVal->"active-mac-address") ]->0); - :if ([ :len $AccessList ] > 0) do={ - :set NewComment [ /interface/wifiwave2/access-list/get $AccessList comment ]; - } - :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ - $LogPrintExit2 info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; - /ip/dhcp-server/lease/set comment=$NewComment $Lease; - } - } -} - -$Main [ :jobname ]; diff --git a/doc/dhcp-lease-comment.md b/doc/dhcp-lease-comment.md index ae0edfb..d98f3fc 100644 --- a/doc/dhcp-lease-comment.md +++ b/doc/dhcp-lease-comment.md @@ -15,19 +15,14 @@ from wireless access list. Requirements and installation ----------------------------- -Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` -package (`/interface/wifiwave2`), legacy wifi with CAPsMAN (`/caps-man`) -or local wireless interface (`/interface/wireless`) you need to install a -different script. +Depending on whether you use `wifi` package (`/interface/wifi`), legacy +wifi with CAPsMAN (`/caps-man`) or local wireless interface +(`/interface/wireless`) you need to install a different script. -For `wifi` (RouterOS 7.13 and later): +For `wifi`: $ScriptInstallUpdate dhcp-lease-comment.wifi; -For `wifiwave2` (up to RouterOS 7.12): - - $ScriptInstallUpdate dhcp-lease-comment.wifiwave2; - For legacy CAPsMAN: $ScriptInstallUpdate dhcp-lease-comment.capsman; From ed790dea6e7ac48f6f0901b44f7137cc3874403d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 20:40:53 +0100 Subject: [PATCH 323/908] mod/notification-email: remove extra spaces --- mod/notification-email.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 16d2b86..88bfdac 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -29,7 +29,7 @@ :local AllDone true; :local QueueLen [ :len $EmailQueue ]; :local Scheduler [ /system/scheduler/find where name="_FlushEmailQueue" ]; - + :if ([ :len $Scheduler ] > 0 && [ /system/scheduler/get $Scheduler interval ] < 1m) do={ /system/scheduler/set interval=1m comment="Doing initial checks..." $Scheduler; } From 850e8db9752aa62746183a639da60a0a26b66217 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 324/908] ospf-to-leds: drop main function, use :do with on-error --- ospf-to-leds.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index 3ca16db..73c9922 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -11,15 +11,15 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; :global ParseKeyValueStore; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :foreach Instance in=[ /routing/ospf/instance/find where comment~"^ospf-to-leds," ] do={ @@ -42,6 +42,4 @@ /system/leds/set type=off [ find where leds=$LED ]; } } -} - -$Main [ :jobname ]; +} on-error={ } From 3995e85ccf4f032d538305db4a095003f713e3cf Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:19 +0100 Subject: [PATCH 325/908] doc/sms-forward: add badges --- doc/sms-forward.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/sms-forward.md b/doc/sms-forward.md index 823805e..2fe9486 100644 --- a/doc/sms-forward.md +++ b/doc/sms-forward.md @@ -1,6 +1,13 @@ Forward received SMS ==================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 0385c032e270a581a999657919e159a8d58c802e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 11:20:06 +0100 Subject: [PATCH 326/908] hotspot-to-wpa: drop support for wifiwave2 --- doc/hotspot-to-wpa.md | 22 +++------ hotspot-to-wpa.template.rsc | 16 ------ hotspot-to-wpa.wifiwave2.rsc | 95 ------------------------------------ 3 files changed, 6 insertions(+), 127 deletions(-) delete mode 100644 hotspot-to-wpa.wifiwave2.rsc diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md index c35bef7..c2a5cc6 100644 --- a/doc/hotspot-to-wpa.md +++ b/doc/hotspot-to-wpa.md @@ -20,21 +20,15 @@ You need a properly configured hotspot on one (open) SSID and a WPA enabled SSID with suffix "`-wpa`". Then install the script. -Depending on whether you use `wifi` package (`/interface/wifi`), `wifiwave2` -package (`/interface/wifiwave2`) or legacy wifi with CAPsMAN (`/caps-man`) -you need to install a different script and set it as `on-login` script in -hotspot. +Depending on whether you use `wifi` package (`/interface/wifi`)or legacy +wifi with CAPsMAN (`/caps-man`) you need to install a different script and +set it as `on-login` script in hotspot. -For `wifi` (RouterOS 7.13 and later): +For `wifi`: $ScriptInstallUpdate hotspot-to-wpa.wifi; /ip/hotspot/user/profile/set on-login="hotspot-to-wpa.wifi" [ find ]; -For `wifiwave2` (up to RouterOS 7.12): - - $ScriptInstallUpdate hotspot-to-wpa.wifiwave2; - /ip/hotspot/user/profile/set on-login="hotspot-to-wpa.wifiwave2" [ find ]; - For legacy CAPsMAN: $ScriptInstallUpdate hotspot-to-wpa.capsman; @@ -97,15 +91,11 @@ Additionally templates can be created to give more options for access list: * `vlan-id`: connect device to specific VLAN * `vlan-mode`: set the VLAN mode for device -For a hotspot called `example` the template could look like this. For -`wifi` (RouterOS 7.13 and later): +For a hotspot called `example` the template could look like this. +For `wifi`: /interface/wifi/access-list/add comment="hotspot-to-wpa template example" disabled=yes passphrase="ignore" ssid-regexp="^example\$" vlan-id=10; -For `wifiwave2` (up to RouterOS 7.12): - - /interface/wifiwave2/access-list/add comment="hotspot-to-wpa template example" disabled=yes passphrase="ignore" ssid-regexp="^example\$" vlan-id=10; - For legacy CAPsMAN: /caps-man/access-list/add comment="hotspot-to-wpa template example" disabled=yes private-passphrase="ignore" ssid-regexp="^example\$" vlan-id=10 vlan-mode=use-tag; diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index 9038d82..c96096c 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -42,28 +42,22 @@ :if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ :if ([ :len [ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ - :if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ /caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; /interface/wifi/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; - /interface/wifiwave2/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; } :local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); :local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); - :local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); :if ([ :len [ /caps-man/access-list/find where \ :if ([ :len [ /interface/wifi/access-list/find where \ - :if ([ :len [ /interface/wifiwave2/access-list/find where \ comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ /caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; /interface/wifi/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; - /interface/wifiwave2/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; $LogPrintExit2 warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; } :local Template [ /caps-man/access-list/get ([ find where \ :local Template [ /interface/wifi/access-list/get ([ find where \ - :local Template [ /interface/wifiwave2/access-list/get ([ find where \ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; :if ($Template->"action" = "reject") do={ @@ -78,16 +72,13 @@ " (user " . $UserName . ").") false; /caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; /interface/wifi/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; - /interface/wifiwave2/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; /caps-man/access-list/add private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ /interface/wifi/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ - /interface/wifiwave2/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ action=reject place-before=$PlaceBefore; :local Entry [ /caps-man/access-list/find where mac-address=$MacAddress \ :local Entry [ /interface/wifi/access-list/find where mac-address=$MacAddress \ - :local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \ comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; # NOT /caps-man/ # :set ($Template->"private-passphrase") ($Template->"passphrase"); @@ -97,38 +88,31 @@ :if ($PrivatePassphrase = "ignore") do={ /caps-man/access-list/set $Entry !private-passphrase; /interface/wifi/access-list/set $Entry !passphrase; - /interface/wifiwave2/access-list/set $Entry !passphrase; } else={ /caps-man/access-list/set $Entry private-passphrase=$PrivatePassphrase; /interface/wifi/access-list/set $Entry passphrase=$PrivatePassphrase; - /interface/wifiwave2/access-list/set $Entry passphrase=$PrivatePassphrase; } } :local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; :if ([ :len $SsidRegexp ] > 0) do={ /caps-man/access-list/set $Entry ssid-regexp=$SsidRegexp; /interface/wifi/access-list/set $Entry ssid-regexp=$SsidRegexp; - /interface/wifiwave2/access-list/set $Entry ssid-regexp=$SsidRegexp; } :local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; :if ([ :len $VlanId ] > 0) do={ /caps-man/access-list/set $Entry vlan-id=$VlanId; /interface/wifi/access-list/set $Entry vlan-id=$VlanId; - /interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId; } # NOT /interface/wifi/ # -# NOT /interface/wifiwave2/ # :local VlanMode [ $EitherOr ($UserInfo->"vlan-mode") ($Template->"vlan-mode") ]; :if ([ :len $VlanMode] > 0) do={ /caps-man/access-list/set $Entry vlan-mode=$VlanMode; } -# NOT /interface/wifiwave2/ # # NOT /interface/wifi/ # :delay 2s; /caps-man/access-list/set $Entry action=accept; /interface/wifi/access-list/set $Entry action=accept; - /interface/wifiwave2/access-list/set $Entry action=accept; } $Main [ :jobname ] $"mac-address" $username; diff --git a/hotspot-to-wpa.wifiwave2.rsc b/hotspot-to-wpa.wifiwave2.rsc deleted file mode 100644 index 519f81f..0000000 --- a/hotspot-to-wpa.wifiwave2.rsc +++ /dev/null @@ -1,95 +0,0 @@ -#!rsc by RouterOS -# RouterOS script: hotspot-to-wpa.wifiwave2 -# Copyright (c) 2019-2024 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# requires RouterOS, version=7.12 -# -# add private WPA passphrase after hotspot login -# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md -# -# !! Do not edit this file, it is generated from template! - -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:local Main do={ - :local ScriptName [ :tostr $1 ]; - :local MacAddress [ :tostr $2 ]; - :local UserName [ :tostr $3 ]; - - :global EitherOr; - :global LogPrintExit2; - :global ParseKeyValueStore; - :global ScriptLock; - - :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; - } - - :if ([ :len $MacAddress ] = 0 || [ :len $UserName ] = 0) do={ - $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; - } - - :local Date [ /system/clock/get date ]; - :local UserVal ({}); - :if ([ :len [ /ip/hotspot/user/find where name=$UserName ] ] > 0) do={ - :set UserVal [ /ip/hotspot/user/get [ find where name=$UserName ] ]; - } - :local UserInfo [ $ParseKeyValueStore ($UserVal->"comment") ]; - :local Hotspot [ /ip/hotspot/host/get [ find where mac-address=$MacAddress authorized ] server ]; - - :if ([ :len [ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ - /interface/wifiwave2/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; - $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; - } - :local PlaceBefore ([ /interface/wifiwave2/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); - - :if ([ :len [ /interface/wifiwave2/access-list/find where \ - comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ - /interface/wifiwave2/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; - $LogPrintExit2 warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; - } - :local Template [ /interface/wifiwave2/access-list/get ([ find where \ - comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; - - :if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false; - :return true; - } - - # allow login page to load - :delay 1s; - - $LogPrintExit2 info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \ - " (user " . $UserName . ").") false; - /interface/wifiwave2/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; - /interface/wifiwave2/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ - mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ - action=reject place-before=$PlaceBefore; - - :local Entry [ /interface/wifiwave2/access-list/find where mac-address=$MacAddress \ - comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) ]; - :set ($Template->"private-passphrase") ($Template->"passphrase"); - :local PrivatePassphrase [ $EitherOr ($UserInfo->"private-passphrase") ($Template->"private-passphrase") ]; - :if ([ :len $PrivatePassphrase ] > 0) do={ - :if ($PrivatePassphrase = "ignore") do={ - /interface/wifiwave2/access-list/set $Entry !passphrase; - } else={ - /interface/wifiwave2/access-list/set $Entry passphrase=$PrivatePassphrase; - } - } - :local SsidRegexp [ $EitherOr ($UserInfo->"ssid-regexp") ($Template->"ssid-regexp") ]; - :if ([ :len $SsidRegexp ] > 0) do={ - /interface/wifiwave2/access-list/set $Entry ssid-regexp=$SsidRegexp; - } - :local VlanId [ $EitherOr ($UserInfo->"vlan-id") ($Template->"vlan-id") ]; - :if ([ :len $VlanId ] > 0) do={ - /interface/wifiwave2/access-list/set $Entry vlan-id=$VlanId; - } - - :delay 2s; - /interface/wifiwave2/access-list/set $Entry action=accept; -} - -$Main [ :jobname ] $"mac-address" $username; From 010bea56dca6b501978f57ef4a830a7dad497833 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 20:49:44 +0100 Subject: [PATCH 327/908] telegram-chat: error when making directory fails --- telegram-chat.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index bb12042..528d99c 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -126,7 +126,9 @@ :if ([ $ValidateSyntax ($Message->"text") ] = true) do={ :local State ""; :local File ("tmpfs/telegram-chat/" . [ $GetRandom20CharAlNum 6 ]); - $MkDir "tmpfs/telegram-chat"; + :if ([ $MkDir "tmpfs/telegram-chat" ] = false) do={ + $LogPrintExit2 error $ScriptName ("Failed creating directory!") true; + } $LogPrintExit2 info $ScriptName ("Running command from update " . $UpdateID . ": " . $Message->"text") false; :execute script=(":do {\n" . $Message->"text" . "\n} on-error={ /file/add name=\"" . $File . ".failed\" };" . \ "/file/add name=\"" . $File . ".done\"") file=($File . "\00"); From 1012d9fc51973adefff4b72885e828f2cd04149a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 328/908] packages-update: drop main function, use :do with on-error --- packages-update.rsc | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index 5b6d158..abcbfd8 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global DownloadPackage; :global Grep; @@ -44,7 +44,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :local Update [ /system/package/update/get ]; @@ -55,7 +55,7 @@ :if ($Update->"installed-version" = $Update->"latest-version") do={ $LogPrintExit2 info $ScriptName ("Version " . $Update->"latest-version" . " is already installed.") false; - :return true; + :error true; } :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; @@ -134,6 +134,4 @@ $LogPrintExit2 info $ScriptName ("Rebooting for update.") false; :delay 1s; /system/reboot; -} - -$Main [ :jobname ]; +} on-error={ } From 8a439ea15c340c5e8b84012512178303405eacd8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:19 +0100 Subject: [PATCH 329/908] doc/super-mario-theme: add badges --- doc/super-mario-theme.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/super-mario-theme.md b/doc/super-mario-theme.md index b3100e8..ec59b39 100644 --- a/doc/super-mario-theme.md +++ b/doc/super-mario-theme.md @@ -1,6 +1,13 @@ Play Super Mario theme ====================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) Description From d513ea61cf07e282903cda0685da59ee569ad2a1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 11:21:05 +0100 Subject: [PATCH 330/908] hotspot-to-wpa-cleanup: drop support for wifiwave2 --- doc/hotspot-to-wpa.md | 7 +-- hotspot-to-wpa-cleanup.template.rsc | 6 --- hotspot-to-wpa-cleanup.wifiwave2.rsc | 76 ---------------------------- 3 files changed, 1 insertion(+), 88 deletions(-) delete mode 100644 hotspot-to-wpa-cleanup.wifiwave2.rsc diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md index c2a5cc6..fc784dd 100644 --- a/doc/hotspot-to-wpa.md +++ b/doc/hotspot-to-wpa.md @@ -40,16 +40,11 @@ With just `hotspot-to-wpa` installed the mac addresses will last in the access list forever. Install the optional script for automatic cleanup and add a scheduler. -For `wifi` (RouterOS 7.13 and later): +For `wifi`: $ScriptInstallUpdate hotspot-to-wpa-cleanup.wifi,lease-script; /system/scheduler/add interval=1d name=hotspot-to-wpa-cleanup on-event="/system/script/run hotspot-to-wpa-cleanup.wifi;" start-time=startup; -For `wifiwave2` (up to RouterOS 7.12): - - $ScriptInstallUpdate hotspot-to-wpa-cleanup.wifiwave2,lease-script; - /system/scheduler/add interval=1d name=hotspot-to-wpa-cleanup on-event="/system/script/run hotspot-to-wpa-cleanup.wifiwave2;" start-time=startup; - For legacy CAPsMAN: $ScriptInstallUpdate hotspot-to-wpa-cleanup.capsman,lease-script; diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index c393888..bba9f0e 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -39,10 +39,8 @@ :foreach Client in=[ /caps-man/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ :foreach Client in=[ /interface/wifi/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ - :foreach Client in=[ /interface/wifiwave2/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ :local ClientVal [ /caps-man/registration-table/get $Client ]; :local ClientVal [ /interface/wifi/registration-table/get $Client ]; - :local ClientVal [ /interface/wifiwave2/registration-table/get $Client ]; :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ mac-address=($ClientVal->"mac-address") ] do={ :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ @@ -56,18 +54,15 @@ :foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \ :foreach Client in=[ /interface/wifi/access-list/find where comment~"^hotspot-to-wpa:" \ - :foreach Client in=[ /interface/wifiwave2/access-list/find where comment~"^hotspot-to-wpa:" \ !(comment~[ /system/clock/get date ]) ] do={ :local ClientVal [ /caps-man/access-list/get $Client ]; :local ClientVal [ /interface/wifi/access-list/get $Client ]; - :local ClientVal [ /interface/wifiwave2/access-list/get $Client ]; :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ mac-address=($ClientVal->"mac-address") ] ] = 0) do={ $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ " did not connect to WPA, removing from access list.") false; /caps-man/access-list/remove $Client; /interface/wifi/access-list/remove $Client; - /interface/wifiwave2/access-list/remove $Client; } } @@ -79,7 +74,6 @@ " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ - /interface/wifiwave2/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ mac-address=($LeaseVal->"mac-address") ]; /ip/dhcp-server/lease/remove $Lease; } diff --git a/hotspot-to-wpa-cleanup.wifiwave2.rsc b/hotspot-to-wpa-cleanup.wifiwave2.rsc deleted file mode 100644 index e5a0cf5..0000000 --- a/hotspot-to-wpa-cleanup.wifiwave2.rsc +++ /dev/null @@ -1,76 +0,0 @@ -#!rsc by RouterOS -# RouterOS script: hotspot-to-wpa-cleanup.wifiwave2 -# Copyright (c) 2021-2024 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md -# -# provides: lease-script, order=80 -# requires RouterOS, version=7.12 -# -# manage and clean up private WPA passphrase after hotspot login -# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md -# -# !! Do not edit this file, it is generated from template! - -:global GlobalFunctionsReady; -:while ($GlobalFunctionsReady != true) do={ :delay 500ms; } - -:local Main do={ - :local ScriptName [ :tostr $1 ]; - - :global EitherOr; - :global LogPrintExit2; - :global ParseKeyValueStore; - :global ScriptLock; - - :if ([ $ScriptLock $ScriptName 10 ] = false) do={ - :return false; - } - - :local DHCPServers ({}); - :foreach Server in=[ /ip/dhcp-server/find where comment~"hotspot-to-wpa" ] do={ - :local ServerVal [ /ip/dhcp-server/get $Server ] - :local ServerInfo [ $ParseKeyValueStore ($ServerVal->"comment") ]; - :if (($ServerInfo->"hotspot-to-wpa") = "wpa") do={ - :set ($DHCPServers->($ServerVal->"name")) \ - [ :totime [ $EitherOr ($ServerInfo->"timeout") 4w ] ]; - } - } - - :foreach Client in=[ /interface/wifiwave2/registration-table/find where comment~"^hotspot-to-wpa:" ] do={ - :local ClientVal [ /interface/wifiwave2/registration-table/get $Client ]; - :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ - mac-address=($ClientVal->"mac-address") ] do={ - :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ - " connected to WPA, making lease static.") false; - /ip/dhcp-server/lease/make-static $Lease; - /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; - } - } - } - - :foreach Client in=[ /interface/wifiwave2/access-list/find where comment~"^hotspot-to-wpa:" \ - !(comment~[ /system/clock/get date ]) ] do={ - :local ClientVal [ /interface/wifiwave2/access-list/get $Client ]; - :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ - mac-address=($ClientVal->"mac-address") ] ] = 0) do={ - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ - " did not connect to WPA, removing from access list.") false; - /interface/wifiwave2/access-list/remove $Client; - } - } - - :foreach Server,Timeout in=$DHCPServers do={ - :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ - server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ - :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; - /interface/wifiwave2/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ - mac-address=($LeaseVal->"mac-address") ]; - /ip/dhcp-server/lease/remove $Lease; - } - } -} - -$Main [ :jobname ]; From 955ee8499b9fe63c332431c2a7fc0488bd2ac315 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 4 Mar 2024 20:57:34 +0100 Subject: [PATCH 331/908] backup-cloud: catch error with :execute workaround Catching a runtime error here fails... So let's try a workaround with :execute... --- backup-cloud.rsc | 17 ++++++++++++++--- doc/backup-cloud.md | 8 ++++---- global-functions.rsc | 2 +- news-and-changes.rsc | 1 + 4 files changed, 20 insertions(+), 8 deletions(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 418e68d..5dd4bf1 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -15,7 +15,6 @@ :local Main do={ :local ScriptName [ :tostr $1 ]; - :global BackupPassword; :global BackupRandomDelay; :global Identity; @@ -23,11 +22,13 @@ :global FormatLine; :global HumanReadableNum; :global LogPrintExit2; + :global MkDir; :global RandomDelay; :global ScriptFromTerminal; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; + :global WaitForFile; :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -39,7 +40,12 @@ $RandomDelay $BackupRandomDelay; } - :do { + :if ([ $MkDir ("tmpfs/backup-cloud") ] = false) do={ + $LogPrintExit2 error $ScriptName ("Failed creating directory!") true; + } + + :execute { + :global BackupPassword; # we are not interested in output, but print is # required to fetch information from cloud /system/backup/cloud/print as-value; @@ -50,6 +56,10 @@ /system/backup/cloud/upload-file action=create-and-upload \ password=$BackupPassword; } + /file/add name="tmpfs/backup-cloud/done"; + } as-string; + + :if ([ $WaitForFile "tmpfs/backup-cloud/done" ] = true) do={ :local Cloud [ /system/backup/cloud/get ([ find ]->0) ]; $SendNotification2 ({ origin=$ScriptName; \ @@ -59,12 +69,13 @@ [ $FormatLine "Name" ($Cloud->"name") ] . "\n" . \ [ $FormatLine "Size" ([ $HumanReadableNum ($Cloud->"size") 1024 ] . "iB") ] . "\n" . \ [ $FormatLine "Download key" ($Cloud->"secret-download-key") ]); silent=true }); - } on-error={ + } else={ $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "floppy-disk,warning-sign" ] . "Cloud backup failed"); \ message=("Failed uploading backup for " . $Identity . " to cloud!\n\n" . [ $DeviceInfo ]) }); $LogPrintExit2 error $ScriptName ("Failed uploading backup for " . $Identity . " to cloud!") true; } + /file/remove "tmpfs/backup-cloud"; } $Main [ :jobname ]; diff --git a/doc/backup-cloud.md b/doc/backup-cloud.md index f084d5b..ac7edb7 100644 --- a/doc/backup-cloud.md +++ b/doc/backup-cloud.md @@ -12,10 +12,10 @@ Description This script uploads [binary backup to Mikrotik cloud](https://wiki.mikrotik.com/wiki/Manual:IP/Cloud#Backup). -> ⚠️ **Warning**: The used command can hit errors that a script can not handle. -> This may result in script termination (where no notification is sent) or -> malfunction of fetch command (where all up- and downloads break) for some -> time. Failed notifications are queued then. +> ⚠️ **Warning**: The used command can hit errors that a script can with +> workaround only. A notification *should* be sent anyway. But it can result +> in malfunction of fetch command (where all up- and downloads break) for +> some time. Failed notifications are queued then. ### Sample notification diff --git a/global-functions.rsc b/global-functions.rsc index 6ddcbd3..9b5b0b0 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 119; +:global ExpectedConfigVersion 120; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index d0e9938..c260427 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -44,6 +44,7 @@ [ $IfThenElse ($Resource->"free-hdd-space" > 4000000) ("(Your " . $Resource->"board-name" . " does not suffer this issue.) ") ] ] . \ "Huge configuration and lots of scripts give an extra risk. Take care!"); 119="Added support for IPv6 to script 'fw-addr-lists'."; + 120="Implemented a workaround in 'backup-cloud'. Now script should no longer just crash, but send notification with error."; }; # Migration steps to be applied on script updates From 1db1a943e2c802e9e869fa9222998b16d14cedba Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 332/908] ppp-on-up: drop main function, use :do with on-error --- ppp-on-up.rsc | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index ae259d7..0cc2405 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -11,12 +11,13 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; - :local Interface $2; +:do { + :local ScriptName [ :jobname ]; :global LogPrintExit2; + :local Interface $interface; + :if ([ :typeof $Interface ] = "nothing") do={ $LogPrintExit2 error $ScriptName ("This script is supposed to run from ppp on-up script hook.") true; } @@ -35,6 +36,4 @@ $LogPrintExit2 warning $ScriptName ("Running script '" . $ScriptName . "' failed!") false; } } -} - -$Main [ :jobname ] $interface; +} on-error={ } From 2ac18b1cdfb8e56a5c6441bfb956e29e9df226cd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:19 +0100 Subject: [PATCH 333/908] doc/telegram-chat: add badges --- doc/telegram-chat.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/telegram-chat.md b/doc/telegram-chat.md index 397920a..c750042 100644 --- a/doc/telegram-chat.md +++ b/doc/telegram-chat.md @@ -1,6 +1,13 @@ Chat with your router and send commands via Telegram bot ======================================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 83dbcfecd58e9f60b8d8b97a635a46cf851ae259 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 11 Mar 2024 16:32:49 +0100 Subject: [PATCH 334/908] news on wifiwave2 EOL --- global-functions.rsc | 2 +- news-and-changes.rsc | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 9b5b0b0..7f5ba9f 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 120; +:global ExpectedConfigVersion 121; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index c260427..c5117ca 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -45,6 +45,7 @@ "Huge configuration and lots of scripts give an extra risk. Take care!"); 119="Added support for IPv6 to script 'fw-addr-lists'."; 120="Implemented a workaround in 'backup-cloud'. Now script should no longer just crash, but send notification with error."; + 121="The 'wifiwave2' scripts are finally gone. Development continues with 'wifi' in RouterOS 7.13 and later."; }; # Migration steps to be applied on script updates From 050ccd490e423a641907065bb8711c7090898d10 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Mar 2024 10:31:33 +0100 Subject: [PATCH 335/908] backup-cloud: add a short delay Not sure it helps, but chances are... --- backup-cloud.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 5dd4bf1..2846d75 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -49,6 +49,7 @@ # we are not interested in output, but print is # required to fetch information from cloud /system/backup/cloud/print as-value; + :delay 20ms; :if ([ :len [ /system/backup/cloud/find ] ] > 0) do={ /system/backup/cloud/upload-file action=create-and-upload \ password=$BackupPassword replace=[ get ([ find ]->0) name ]; From e19a48682e6d3675da75b391ef7678286177e69d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 336/908] sms-action: drop main function, use :do with on-error --- sms-action.rsc | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/sms-action.rsc b/sms-action.rsc index b78a2b2..11d3523 100644 --- a/sms-action.rsc +++ b/sms-action.rsc @@ -11,16 +11,17 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; - :local Action [ :tostr $2 ]; +:do { + :local ScriptName [ :jobname ]; :global SmsAction; :global LogPrintExit2; :global ValidateSyntax; - :if ([ :len $Action ] = 0) do={ + :local Action $action; + + :if ([ :typeof $Action ] = "nothing") do={ $LogPrintExit2 error $ScriptName ("This script is supposed to run from SMS hook with action=...") true; } @@ -32,6 +33,4 @@ } else={ $LogPrintExit2 warning $ScriptName ("The code for action '" . $Action . "' failed syntax validation!") false; } -} - -$Main [ :jobname ] $action; +} on-error={ } From 11832a7651d4bcd118420c6a0a89afe313c99430 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:19 +0100 Subject: [PATCH 337/908] doc/unattended-lte-firmware-upgrade: add badges --- doc/unattended-lte-firmware-upgrade.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/unattended-lte-firmware-upgrade.md b/doc/unattended-lte-firmware-upgrade.md index a9c9b7c..a6bf994 100644 --- a/doc/unattended-lte-firmware-upgrade.md +++ b/doc/unattended-lte-firmware-upgrade.md @@ -1,6 +1,13 @@ Install LTE firmware upgrade ============================ +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) Description From ac38e1694435c3fb070dabcf8e8325d931b3eb27 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 338/908] sms-forward: drop main function, use :do with on-error --- sms-forward.rsc | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/sms-forward.rsc b/sms-forward.rsc index 7c4488a..2f549b1 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -12,8 +12,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global Identity; :global SmsForwardHooks; @@ -28,7 +28,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :if ([ /tool/sms/get receive-enabled ] = false) do={ @@ -41,7 +41,7 @@ :if ([ /interface/lte/get ($Settings->"port") running ] != true) do={ $LogPrintExit2 info $ScriptName ("The LTE interface is not in running state, skipping.") false; - :return true; + :error true; } # forward SMS in a loop @@ -95,6 +95,4 @@ } } } -} - -$Main [ :jobname ]; +} on-error={ } From a0a964fa185bc867047b5b61f033d6c36a180ea2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:19 +0100 Subject: [PATCH 339/908] doc/update-gre-address: add badges --- doc/update-gre-address.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/update-gre-address.md b/doc/update-gre-address.md index 5bf95bd..fba2a65 100644 --- a/doc/update-gre-address.md +++ b/doc/update-gre-address.md @@ -1,6 +1,13 @@ Update GRE configuration with dynamic addresses =============================================== +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 53ff8fbf97afa63192dbc43cc3900bfd84069af0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 11:37:50 +0100 Subject: [PATCH 340/908] check-certificates: exit block on failed import --- check-certificates.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/check-certificates.rsc b/check-certificates.rsc index 69d9097..1968641 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -152,6 +152,7 @@ :set ImportSuccess [ $CheckCertificatesDownloadImport $LastName ]; } } + :if ($ImportSuccess = false) do={ :error false; } :if ([ :len ($CertVal->"fingerprint") ] > 0 && $CertVal->"fingerprint" != [ /certificate/get $Cert fingerprint ]) do={ $LogPrintExit2 debug $ScriptName ("Certificate '" . $CertVal->"name" . "' was updated in place.") false; From 738dd119293efe0f16235e2bcce241314393da5d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 341/908] telegram-chat: drop main function, use :do with on-error --- telegram-chat.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 528d99c..799569f 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -11,8 +11,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global Identity; :global TelegramChatActive; @@ -44,7 +44,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } $WaitFullyConnected; @@ -171,6 +171,4 @@ } :set TelegramChatOffset ([ :pick $TelegramChatOffset 1 3 ], \ [ $IfThenElse ($UpdateID >= $TelegramChatOffset->2) ($UpdateID + 1) ($TelegramChatOffset->2) ]); -} - -$Main [ :jobname ]; +} on-error={ } From 4061661a2027a94b791760ff8b59b136d391aeb5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:30:19 +0100 Subject: [PATCH 342/908] doc/update-tunnelbroker: add badges --- doc/update-tunnelbroker.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/update-tunnelbroker.md b/doc/update-tunnelbroker.md index 4d6f1ba..5aca581 100644 --- a/doc/update-tunnelbroker.md +++ b/doc/update-tunnelbroker.md @@ -1,6 +1,13 @@ Update tunnelbroker configuration ================================= +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + [⬅️ Go back to main README](../README.md) > ℹ️ **Info**: This script can not be used on its own but requires the base From 09393d3ef5c0b140ce5f1ddc2c3cae5b95119072 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 12:13:15 +0100 Subject: [PATCH 343/908] check-certificates: handle formatting of self signed cert --- check-certificates.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 1968641..e470b59 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -98,8 +98,12 @@ :global ParseKeyValueStore; :local CertVal [ /certificate/get $Cert ]; - :local Return ""; + :if ([ :typeof ($CertVal->"issuer") ] = "nothing") do={ + :return "self-signed"; + } + + :local Return ""; :for I from=0 to=5 do={ :set Return ($Return . [ $EitherOr ([ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN") \ ([ $ParseKeyValueStore (($CertVal->"issuer")->0) ]->"CN") ]); From febd13af13c3bd0fff3d702364a3979d3e4221a3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 344/908] update-gre-address: drop main function, use :do with on-error --- update-gre-address.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/update-gre-address.rsc b/update-gre-address.rsc index d9a7a55..78705c5 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -12,15 +12,15 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global CharacterReplace; :global LogPrintExit2; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } /interface/gre/set remote-address=0.0.0.0 disabled=yes [ find where !running !disabled ]; @@ -39,6 +39,4 @@ } } } -} - -$Main [ :jobname ]; +} on-error={ } From f0856c264e07804a229668268a457f2154cb373a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 15:28:55 +0100 Subject: [PATCH 345/908] update-tunnelbroker: drop main function, use :do with on-error --- update-tunnelbroker.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index 90e3f24..9f316e3 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -13,8 +13,8 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } -:local Main do={ - :local ScriptName [ :tostr $1 ]; +:do { + :local ScriptName [ :jobname ]; :global CertificateAvailable; :global LogPrintExit2; @@ -22,7 +22,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ - :return false; + :error false; } :if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false) do={ @@ -62,6 +62,4 @@ /interface/6to4/set $Interface local-address=$PublicAddress; } } -} - -$Main [ :jobname ]; +} on-error={ } From b86d6314868596dacdf422db80ef0ff27c61c644 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Mar 2024 14:38:11 +0100 Subject: [PATCH 346/908] doc/telegram-chat: show usage of persistent ids --- doc/telegram-chat.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/doc/telegram-chat.md b/doc/telegram-chat.md index c750042..2a4af99 100644 --- a/doc/telegram-chat.md +++ b/doc/telegram-chat.md @@ -107,6 +107,14 @@ scripting capabilities. Try to print what you want to act on... /ip/address/remove [ find where interface=eth ]; +What does work is using the persistent ids: + + /ip/address/print show-ids; + +The output contains an id starting with asterisk that can be used: + + /ip/address/remove *E; + ### Mind command runtime The command is run in background while the script waits for it - about From ffa31c7ad797eb63a896d241651773423c7126aa Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 10:14:26 +0100 Subject: [PATCH 347/908] packages-update: increate log severity on canceled non-interactive update --- packages-update.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages-update.rsc b/packages-update.rsc index abcbfd8..e0e1f6d 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -109,7 +109,7 @@ $LogPrintExit2 info $ScriptName ("Canceled update...") true; } } else={ - $LogPrintExit2 info $ScriptName ("Canceled non-interactive update.") true; + $LogPrintExit2 warning $ScriptName ("Canceled non-interactive update.") true; } } } From 3fcdd395fe93a501de297f7678d57b5c1064b05d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 09:19:43 +0100 Subject: [PATCH 348/908] packages-update: support passing backup failure --- packages-update.rsc | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/packages-update.rsc b/packages-update.rsc index e0e1f6d..634b7bb 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -23,6 +23,7 @@ :global VersionToNum; :global PackagesUpdateDeferReboot; + :global PackagesUpdateBackupFailure; :local Schedule do={ :local ScriptName [ :tostr $1 ]; @@ -96,10 +97,15 @@ } :foreach Order,Script in=$RunOrder do={ + :set PackagesUpdateBackupFailure false; :do { $LogPrintExit2 info $ScriptName ("Running backup script " . $Script . " before update.") false; /system/script/run $Script; } on-error={ + :set PackagesUpdateBackupFailure true; + } + + :if ($PackagesUpdateBackupFailure = true) do={ $LogPrintExit2 warning $ScriptName ("Running backup script " . $Script . " before update failed!") false; :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ :put "Do you want to continue anyway? [y/N]"; From c82f7766326f5e24ea81c2fe4a2a745075c86984 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 09:25:56 +0100 Subject: [PATCH 349/908] backup-cloud: pass failure to packages-update --- backup-cloud.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index a3dfe0c..14af776 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -17,6 +17,7 @@ :global BackupRandomDelay; :global Identity; + :global PackagesUpdateBackupFailure; :global DeviceInfo; :global FormatLine; @@ -32,6 +33,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set PackagesUpdateBackupFailure true; :error false; } $WaitFullyConnected; @@ -74,7 +76,9 @@ $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "floppy-disk,warning-sign" ] . "Cloud backup failed"); \ message=("Failed uploading backup for " . $Identity . " to cloud!\n\n" . [ $DeviceInfo ]) }); - $LogPrintExit2 error $ScriptName ("Failed uploading backup for " . $Identity . " to cloud!") true; + $LogPrintExit2 error $ScriptName ("Failed uploading backup for " . $Identity . " to cloud!") false; + :set PackagesUpdateBackupFailure true; + :error false; } /file/remove "tmpfs/backup-cloud"; } on-error={ } From 5f41bd1c1ec98bea8d7cc1760ff740ded20aa4d1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 09:26:24 +0100 Subject: [PATCH 350/908] backup-email: pass failure to packages-update --- backup-email.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/backup-email.rsc b/backup-email.rsc index 9f6e31a..e4dec3b 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -22,6 +22,7 @@ :global BackupSendGlobalConfig; :global Domain; :global Identity; + :global PackagesUpdateBackupFailure; :global CleanName; :global DeviceInfo; @@ -46,6 +47,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ + :set PackagesUpdateBackupFailure true; :error false; } $WaitFullyConnected; @@ -109,7 +111,9 @@ :local I 0; :while ([ :len [ /file/find where name ~ ($FilePath . "\\.(backup|rsc)\$") ] ] > 0) do={ :if ($I >= 120) do={ - $LogPrintExit2 warning $ScriptName ("Files are still available, sending e-mail failed.") true; + $LogPrintExit2 warning $ScriptName ("Files are still available, sending e-mail failed.") false; + :set PackagesUpdateBackupFailure true; + :error false; } :delay 1s; :set I ($I + 1); From 51b00181cf6524f173f0464a237bdb63c3f0734a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 09:26:39 +0100 Subject: [PATCH 351/908] backup-partition: pass failure to packages-update --- backup-partition.rsc | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 1238fab..13ed8b9 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -15,21 +15,28 @@ :do { :local ScriptName [ :jobname ]; + :global PackagesUpdateBackupFailure; + :global LogPrintExit2; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set PackagesUpdateBackupFailure true; :error false; } :if ([ :len [ /partitions/find ] ] < 2) do={ - $LogPrintExit2 error $ScriptName ("Device does not have a fallback partition.") true; + $LogPrintExit2 error $ScriptName ("Device does not have a fallback partition.") false; + :set PackagesUpdateBackupFailure true; + :error false; } :local ActiveRunning [ /partitions/find where active running ]; :if ([ :len $ActiveRunning ] < 1) do={ - $LogPrintExit2 error $ScriptName ("Device is not running from active partition.") true; + $LogPrintExit2 error $ScriptName ("Device is not running from active partition.") false; + :set PackagesUpdateBackupFailure true; + :error false; } :local FallbackTo [ /partitions/get $ActiveRunning fallback-to ]; @@ -45,6 +52,8 @@ } on-error={ /system/scheduler/remove [ find where name="running-from-backup-partition" ]; $LogPrintExit2 error $ScriptName ("Failed saving configuration to partition '" . \ - $FallbackTo . "'!") true; + $FallbackTo . "'!") false; + :set PackagesUpdateBackupFailure true; + :error false; } } on-error={ } From e39e8a00834192211999b89f5f163a35c2214707 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 09:26:53 +0100 Subject: [PATCH 352/908] backup-upload: pass failure to packages-update --- backup-upload.rsc | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 2b42730..769972b 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -25,6 +25,7 @@ :global BackupUploadUser; :global Domain; :global Identity; + :global PackagesUpdateBackupFailure; :global CleanName; :global DeviceInfo; @@ -45,6 +46,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ + :set PackagesUpdateBackupFailure true; :error false; } $WaitFullyConnected; @@ -151,6 +153,7 @@ [ $FileInfo "Config file" $ConfigFile ]); silent=true }); :if ($Failed = 1) do={ - :error "An error occured!"; + :set PackagesUpdateBackupFailure true; + :error false; } } on-error={ } From a7cb3e520a86b44cb6e1bdfdf6df24856274e0e3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 09:33:17 +0100 Subject: [PATCH 353/908] global-config: support loading snippets This adds support for loading snippets, which need a name starting with "global-config-overlay.d/". This allows to split off configuration if desired. --- README.md | 5 +++++ global-config.rsc | 10 ++++++++++ global-functions.rsc | 2 +- news-and-changes.rsc | 1 + 4 files changed, 17 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 1af718c..61b1725 100644 --- a/README.md +++ b/README.md @@ -139,6 +139,11 @@ Save changes and exit with `Ctrl-o`. ![screenshot: edit global-config-overlay](README.d/07-edit-global-config-overlay.avif) +Additionally creating configuration snippets is supported. The script name +of these snippets has to start with `global-config-overlay.d/` to make them +being loaded automatically. This allows to split off parts of the +configuration. + To apply your changes run `global-config`, which will automatically load the overlay as well: diff --git a/global-config.rsc b/global-config.rsc index 983eedb..85731c3 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -250,3 +250,13 @@ } on-error={ :log error ("Loading configuration from overlay failed!"); } + +# configuration overlay snippets +:foreach Script in=[ /system/script/find where name ~ "^global-config-overlay.d/" ] do={ + :do { + /system/script/run $Script; + } on-error={ + :log error ("Loading configuration from overlay snippet " . \ + [ /system/script/get $Script name ] . " failed!"); + } +} diff --git a/global-functions.rsc b/global-functions.rsc index 7f5ba9f..d2386f4 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 121; +:global ExpectedConfigVersion 122; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index c5117ca..46b777a 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -46,6 +46,7 @@ 119="Added support for IPv6 to script 'fw-addr-lists'."; 120="Implemented a workaround in 'backup-cloud'. Now script should no longer just crash, but send notification with error."; 121="The 'wifiwave2' scripts are finally gone. Development continues with 'wifi' in RouterOS 7.13 and later."; + 122="The global configuration was enhanced to support loading snippets. Configuration can be split off to scripts where name starts with 'global-config-overlay.d/'."; }; # Migration steps to be applied on script updates From 1feeed145d6b63ef60fc3c0abbe0703b7bd73837 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 10:38:09 +0100 Subject: [PATCH 354/908] global-functions: introduce $LogPrint, deprecate $LogPrintExit2 --- global-functions.rsc | 21 +++++++++++++++++---- news-and-changes.rsc | 1 + 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index aca4cd8..1220eca 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 122; +:global ExpectedConfigVersion 123; # global variables not to be changed by user :global GlobalFunctionsReady false; @@ -53,6 +53,7 @@ :global IsFullyConnected; :global IsMacLocallyAdministered; :global IsTimeSync; +:global LogPrint; :global LogPrintExit2; :global LogPrintOnce; :global MAX; @@ -654,12 +655,11 @@ :return true; } -# log and print with same text, optionally exit -:set LogPrintExit2 do={ +# log and print with same text +:set LogPrint do={ :local Severity [ :tostr $1 ]; :local Name [ :tostr $2 ]; :local Message [ :tostr $3 ]; - :local Exit [ :tostr $4 ]; :global PrintDebug; :global PrintDebugOverride; @@ -692,6 +692,19 @@ :if ($Severity != "debug" || $Debug = true) do={ :put ([ $PrintSeverity $Severity ] . ": " . $Message); } +} + +# log and print with same text, optionally exit +# Deprectated! - TODO: remove later +:set LogPrintExit2 do={ + :local Severity [ :tostr $1 ]; + :local Name [ :tostr $2 ]; + :local Message [ :tostr $3 ]; + :local Exit [ :tostr $4 ]; + + :global LogPrint; + + $LogPrint $1 $2 $3; :if ($Exit = "true") do={ :error ("Hard error to exit."); diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 46b777a..6b0a538 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -47,6 +47,7 @@ 120="Implemented a workaround in 'backup-cloud'. Now script should no longer just crash, but send notification with error."; 121="The 'wifiwave2' scripts are finally gone. Development continues with 'wifi' in RouterOS 7.13 and later."; 122="The global configuration was enhanced to support loading snippets. Configuration can be split off to scripts where name starts with 'global-config-overlay.d/'."; + 123="Introduced new function '\$LogPrint', and deprecated '\$LogPrintExit2'. Please update custom scripts if you use it."; }; # Migration steps to be applied on script updates From ac3b755fdc630d4daa40a9ba5254d92f8a91b03f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 355/908] backup-cloud: switch to $LogPrint --- backup-cloud.rsc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 14af776..cccb41b 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -22,7 +22,7 @@ :global DeviceInfo; :global FormatLine; :global HumanReadableNum; - :global LogPrintExit2; + :global LogPrint; :global MkDir; :global RandomDelay; :global ScriptFromTerminal; @@ -43,7 +43,8 @@ } :if ([ $MkDir ("tmpfs/backup-cloud") ] = false) do={ - $LogPrintExit2 error $ScriptName ("Failed creating directory!") true; + $LogPrint error $ScriptName ("Failed creating directory!"); + :error false; } :execute { @@ -76,7 +77,7 @@ $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "floppy-disk,warning-sign" ] . "Cloud backup failed"); \ message=("Failed uploading backup for " . $Identity . " to cloud!\n\n" . [ $DeviceInfo ]) }); - $LogPrintExit2 error $ScriptName ("Failed uploading backup for " . $Identity . " to cloud!") false; + $LogPrint error $ScriptName ("Failed uploading backup for " . $Identity . " to cloud!"); :set PackagesUpdateBackupFailure true; :error false; } From 4b69144ee476ada47c640f1e5a65952bce7241ec Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 356/908] backup-email: switch to $LogPrint --- backup-email.rsc | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/backup-email.rsc b/backup-email.rsc index e4dec3b..64ca69c 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -27,7 +27,7 @@ :global CleanName; :global DeviceInfo; :global FormatLine; - :global LogPrintExit2; + :global LogPrint; :global MkDir; :global RandomDelay; :global ScriptFromTerminal; @@ -38,12 +38,14 @@ :global WaitFullyConnected; :if ([ :typeof $SendEMail2 ] = "nothing") do={ - $LogPrintExit2 error $ScriptName ("The module for sending notifications via e-mail is not installed.") true; + $LogPrint error $ScriptName ("The module for sending notifications via e-mail is not installed."); + :error false; } :if ($BackupSendBinary != true && \ $BackupSendExport != true) do={ - $LogPrintExit2 error $ScriptName ("Configured to send neither backup nor config export.") true; + $LogPrint error $ScriptName ("Configured to send neither backup nor config export."); + :error false; } :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -66,7 +68,8 @@ :local Attach ({}); :if ([ $MkDir $DirName ] = false) do={ - $LogPrintExit2 error $ScriptName ("Failed creating directory!") true; + $LogPrint error $ScriptName ("Failed creating directory!"); + :error false; } # binary backup @@ -111,7 +114,7 @@ :local I 0; :while ([ :len [ /file/find where name ~ ($FilePath . "\\.(backup|rsc)\$") ] ] > 0) do={ :if ($I >= 120) do={ - $LogPrintExit2 warning $ScriptName ("Files are still available, sending e-mail failed.") false; + $LogPrint warning $ScriptName ("Files are still available, sending e-mail failed."); :set PackagesUpdateBackupFailure true; :error false; } From b879f8fef2fac123d3929f2964c9528465ce7a42 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 357/908] backup-partition: switch to $LogPrint --- backup-partition.rsc | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 13ed8b9..503d382 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -17,7 +17,7 @@ :global PackagesUpdateBackupFailure; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -26,7 +26,7 @@ } :if ([ :len [ /partitions/find ] ] < 2) do={ - $LogPrintExit2 error $ScriptName ("Device does not have a fallback partition.") false; + $LogPrint error $ScriptName ("Device does not have a fallback partition."); :set PackagesUpdateBackupFailure true; :error false; } @@ -34,7 +34,7 @@ :local ActiveRunning [ /partitions/find where active running ]; :if ([ :len $ActiveRunning ] < 1) do={ - $LogPrintExit2 error $ScriptName ("Device is not running from active partition.") false; + $LogPrint error $ScriptName ("Device is not running from active partition."); :set PackagesUpdateBackupFailure true; :error false; } @@ -47,12 +47,10 @@ "[ /partitions/get [ find where running ] name ] . \"'!\")"); /partitions/save-config-to $FallbackTo; /system/scheduler/remove "running-from-backup-partition"; - $LogPrintExit2 info $ScriptName ("Saved configuration to partition '" . \ - $FallbackTo . "'.") false; + $LogPrint info $ScriptName ("Saved configuration to partition '" . $FallbackTo . "'."); } on-error={ /system/scheduler/remove [ find where name="running-from-backup-partition" ]; - $LogPrintExit2 error $ScriptName ("Failed saving configuration to partition '" . \ - $FallbackTo . "'!") false; + $LogPrint error $ScriptName ("Failed saving configuration to partition '" . $FallbackTo . "'!"); :set PackagesUpdateBackupFailure true; :error false; } From ca822e1358d59f43d2ef359e2ec3cde44c589f46 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 358/908] backup-upload: switch to $LogPrint --- backup-upload.rsc | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 769972b..ef5b7c7 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -30,7 +30,7 @@ :global CleanName; :global DeviceInfo; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global MkDir; :global RandomDelay; :global ScriptFromTerminal; @@ -42,7 +42,8 @@ :if ($BackupSendBinary != true && \ $BackupSendExport != true) do={ - $LogPrintExit2 error $ScriptName ("Configured to send neither backup nor config export.") true; + $LogPrint error $ScriptName ("Configured to send neither backup nor config export."); + :error false; } :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -65,7 +66,8 @@ :local Failed 0; :if ([ $MkDir $DirName ] = false) do={ - $LogPrintExit2 error $ScriptName ("Failed creating directory!") true; + $LogPrint error $ScriptName ("Failed creating directory!"); + :error false; } # binary backup @@ -79,7 +81,7 @@ :set BackupFile [ /file/get ($FilePath . ".backup") ]; :set ($BackupFile->"name") ($FileName . ".backup"); } on-error={ - $LogPrintExit2 error $ScriptName ("Uploading backup file failed!") false; + $LogPrint error $ScriptName ("Uploading backup file failed!"); :set BackupFile "failed"; :set Failed 1; } @@ -98,7 +100,7 @@ :set ExportFile [ /file/get ($FilePath . ".rsc") ]; :set ($ExportFile->"name") ($FileName . ".rsc"); } on-error={ - $LogPrintExit2 error $ScriptName ("Uploading configuration export failed!") false; + $LogPrint error $ScriptName ("Uploading configuration export failed!"); :set ExportFile "failed"; :set Failed 1; } @@ -119,7 +121,7 @@ :set ConfigFile [ /file/get ($FilePath . ".conf") ]; :set ($ConfigFile->"name") ($FileName . ".conf"); } on-error={ - $LogPrintExit2 error $ScriptName ("Uploading global-config-overlay failed!") false; + $LogPrint error $ScriptName ("Uploading global-config-overlay failed!"); :set ConfigFile "failed"; :set Failed 1; } From e40da1e7e483a07592477ef82c4a665f6b2a7bde Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 359/908] capsman-download-packages: switch to $LogPrint --- capsman-download-packages.capsman.rsc | 16 +++++++++------- capsman-download-packages.template.rsc | 16 +++++++++------- capsman-download-packages.wifi.rsc | 16 +++++++++------- 3 files changed, 27 insertions(+), 21 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index d4e900d..a3bd4a5 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -19,7 +19,7 @@ :global CleanFilePath; :global DownloadPackage; - :global LogPrintExit2; + :global LogPrint; :global MkDir; :global ScriptLock; :global WaitFullyConnected; @@ -34,16 +34,18 @@ :local Updated false; :if ([ :len $PackagePath ] = 0) do={ - $LogPrintExit2 warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages.") true; + $LogPrint warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages."); + :error false; } :if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ :if ([ $MkDir $PackagePath ] = false) do={ - $LogPrintExit2 warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ - $PackagePath . ") failed!") true; + $LogPrint warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ + $PackagePath . ") failed!"); + :error false; } - $LogPrintExit2 info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ - "). Please place your packages!") false; + $LogPrint info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ + "). Please place your packages!"); } :foreach Package in=[ /file/find where type=package \ @@ -60,7 +62,7 @@ } :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ - $LogPrintExit2 info $ScriptName ("No packages available, downloading default set.") false; + $LogPrint info $ScriptName ("No packages available, downloading default set."); :foreach Arch in={ "arm"; "mipsbe" } do={ :foreach Package in={ "routeros"; "wireless" } do={ :if ([ $DownloadPackage $Package $InstalledVersion $Arch $PackagePath ] = true) do={ diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index cd4a83b..cad3bcb 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -20,7 +20,7 @@ :global CleanFilePath; :global DownloadPackage; - :global LogPrintExit2; + :global LogPrint; :global MkDir; :global ScriptLock; :global WaitFullyConnected; @@ -36,16 +36,18 @@ :local Updated false; :if ([ :len $PackagePath ] = 0) do={ - $LogPrintExit2 warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages.") true; + $LogPrint warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages."); + :error false; } :if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ :if ([ $MkDir $PackagePath ] = false) do={ - $LogPrintExit2 warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ - $PackagePath . ") failed!") true; + $LogPrint warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ + $PackagePath . ") failed!"); + :error false; } - $LogPrintExit2 info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ - "). Please place your packages!") false; + $LogPrint info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ + "). Please place your packages!"); } :foreach Package in=[ /file/find where type=package \ @@ -62,7 +64,7 @@ } :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ - $LogPrintExit2 info $ScriptName ("No packages available, downloading default set.") false; + $LogPrint info $ScriptName ("No packages available, downloading default set."); # NOT /interface/wifi/ # :foreach Arch in={ "arm"; "mipsbe" } do={ :foreach Package in={ "routeros"; "wireless" } do={ diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 633830a..909688f 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -19,7 +19,7 @@ :global CleanFilePath; :global DownloadPackage; - :global LogPrintExit2; + :global LogPrint; :global MkDir; :global ScriptLock; :global WaitFullyConnected; @@ -34,16 +34,18 @@ :local Updated false; :if ([ :len $PackagePath ] = 0) do={ - $LogPrintExit2 warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages.") true; + $LogPrint warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages."); + :error false; } :if ([ :len [ /file/find where name=$PackagePath type="directory" ] ] = 0) do={ :if ([ $MkDir $PackagePath ] = false) do={ - $LogPrintExit2 warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ - $PackagePath . ") failed!") true; + $LogPrint warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ + $PackagePath . ") failed!"); + :error false; } - $LogPrintExit2 info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ - "). Please place your packages!") false; + $LogPrint info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ + "). Please place your packages!"); } :foreach Package in=[ /file/find where type=package \ @@ -60,7 +62,7 @@ } :if ([ :len [ /file/find where type=package name~("^" . $PackagePath) ] ] = 0) do={ - $LogPrintExit2 info $ScriptName ("No packages available, downloading default set.") false; + $LogPrint info $ScriptName ("No packages available, downloading default set."); :foreach Arch in={ "arm"; "arm64" } do={ :local Packages { "arm"={ "routeros"; "wifi-qcom"; "wifi-qcom-ac" }; "arm64"={ "routeros"; "wifi-qcom" } }; From 12435ff1c53e7ef3b8b63b28860a3f35f8146184 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 360/908] capsman-rolling-upgrade: switch to $LogPrint --- capsman-rolling-upgrade.capsman.rsc | 8 ++++---- capsman-rolling-upgrade.template.rsc | 8 ++++---- capsman-rolling-upgrade.wifi.rsc | 8 ++++---- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index 16a3498..11bfd69 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -18,7 +18,7 @@ :do { :local ScriptName [ :jobname ]; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -34,11 +34,11 @@ :foreach RemoteCap in=[ /caps-man/remote-cap/find where version!=$InstalledVersion ] do={ :local RemoteCapVal [ /caps-man/remote-cap/get $RemoteCap ]; :if ([ :len $RemoteCapVal ] > 1) do={ - $LogPrintExit2 info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \ - " (" . $RemoteCapVal->"identity" . ")...") false; + $LogPrint info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \ + " (" . $RemoteCapVal->"identity" . ")..."); /caps-man/remote-cap/upgrade $RemoteCap; } else={ - $LogPrintExit2 warning $ScriptName ("Remote CAP vanished, skipping upgrade.") false; + $LogPrint warning $ScriptName ("Remote CAP vanished, skipping upgrade."); } :delay ($Delay . "s"); } diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index 45a5f8e..e0effd4 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -19,7 +19,7 @@ :do { :local ScriptName [ :jobname ]; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -41,12 +41,12 @@ # NOT /caps-man/ # :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); # NOT /caps-man/ # - $LogPrintExit2 info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \ - " (" . $RemoteCapVal->"identity" . ")...") false; + $LogPrint info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \ + " (" . $RemoteCapVal->"identity" . ")..."); /caps-man/remote-cap/upgrade $RemoteCap; /interface/wifi/capsman/remote-cap/upgrade $RemoteCap; } else={ - $LogPrintExit2 warning $ScriptName ("Remote CAP vanished, skipping upgrade.") false; + $LogPrint warning $ScriptName ("Remote CAP vanished, skipping upgrade."); } :delay ($Delay . "s"); } diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index 63245dc..8ec6f26 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -18,7 +18,7 @@ :do { :local ScriptName [ :jobname ]; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -35,11 +35,11 @@ :local RemoteCapVal [ /interface/wifi/capsman/remote-cap/get $RemoteCap ]; :if ([ :len $RemoteCapVal ] > 1) do={ :set ($RemoteCapVal->"name") ($RemoteCapVal->"common-name"); - $LogPrintExit2 info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \ - " (" . $RemoteCapVal->"identity" . ")...") false; + $LogPrint info $ScriptName ("Starting upgrade for " . $RemoteCapVal->"name" . \ + " (" . $RemoteCapVal->"identity" . ")..."); /interface/wifi/capsman/remote-cap/upgrade $RemoteCap; } else={ - $LogPrintExit2 warning $ScriptName ("Remote CAP vanished, skipping upgrade.") false; + $LogPrint warning $ScriptName ("Remote CAP vanished, skipping upgrade."); } :delay ($Delay . "s"); } From 7c38b9a35c972a9b65c16c581c8da1b4d456b0fe Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 361/908] certificate-renew-issued: switch to $LogPrint --- certificate-renew-issued.rsc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index a360a3f..45805c5 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -16,7 +16,7 @@ :global CertIssuedExportPass; - :global LogPrintExit2; + :global LogPrint; :global MkDir; :global ScriptLock; @@ -36,13 +36,13 @@ /certificate/export-certificate ($CertVal->"name") type=pkcs12 \ file-name=("cert-issued/" . $CertVal->"common-name") \ export-passphrase=($CertIssuedExportPass->($CertVal->"common-name")); - $LogPrintExit2 info $ScriptName ("Issued a new certificate for \"" . $CertVal->"common-name" . \ - "\", exported to \"cert-issued/" . $CertVal->"common-name" . ".p12\".") false; + $LogPrint info $ScriptName ("Issued a new certificate for \"" . $CertVal->"common-name" . \ + "\", exported to \"cert-issued/" . $CertVal->"common-name" . ".p12\"."); } else={ - $LogPrintExit2 warning $ScriptName ("Failed creating directory, not exporting certificate.") false; + $LogPrint warning $ScriptName ("Failed creating directory, not exporting certificate."); } } else={ - $LogPrintExit2 info $ScriptName ("Issued a new certificate for \"" . $CertVal->"common-name" . "\".") false; + $LogPrint info $ScriptName ("Issued a new certificate for \"" . $CertVal->"common-name" . "\"."); } } } on-error={ } From 36258087497df000a69cd9544595ba87d216077f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 362/908] check-certificates: switch to $LogPrint --- check-certificates.rsc | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index edde7f3..7504955 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -22,7 +22,7 @@ :global CertificateAvailable :global EscapeForRegEx; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; :global SendNotification2; @@ -39,7 +39,7 @@ :global CertificateNameByCN; :global EscapeForRegEx; :global FetchUserAgent; - :global LogPrintExit2; + :global LogPrint; :global UrlEncode; :global WaitForFile; @@ -62,7 +62,7 @@ /file/remove [ find where name=$CertFileName ]; :if ($DecryptionFailed = true) do={ - $LogPrintExit2 warning $0 ("Decryption failed for certificate file '" . $CertFileName . "'.") false; + $LogPrint warning $0 ("Decryption failed for certificate file '" . $CertFileName . "'."); } :foreach CertInChain in=[ /certificate/find where name~("^" . [ $EscapeForRegEx $CertFileName ] . "_[0-9]+\$") \ @@ -72,7 +72,7 @@ :set Return true; } on-error={ - $LogPrintExit2 debug $0 ("Could not download certificate file '" . $CertFileName . "'.") false; + $LogPrint debug $0 ("Could not download certificate file '" . $CertFileName . "'."); } } @@ -143,9 +143,10 @@ :do { :if ([ :len $CertRenewUrl ] = 0) do={ - $LogPrintExit2 info $ScriptName ("No CertRenewUrl given.") true; + $LogPrint info $ScriptName ("No CertRenewUrl given."); + :error false; } - $LogPrintExit2 info $ScriptName ("Attempting to renew certificate '" . ($CertVal->"name") . "'.") false; + $LogPrint info $ScriptName ("Attempting to renew certificate '" . ($CertVal->"name") . "'."); :local ImportSuccess false; :set LastName ($CertVal->"common-name"); @@ -159,10 +160,10 @@ :if ($ImportSuccess = false) do={ :error false; } :if ([ :len ($CertVal->"fingerprint") ] > 0 && $CertVal->"fingerprint" != [ /certificate/get $Cert fingerprint ]) do={ - $LogPrintExit2 debug $ScriptName ("Certificate '" . $CertVal->"name" . "' was updated in place.") false; + $LogPrint debug $ScriptName ("Certificate '" . $CertVal->"name" . "' was updated in place."); :set CertVal [ /certificate/get $Cert ]; } else={ - $LogPrintExit2 debug $ScriptName ("Certificate '" . $CertVal->"name" . "' was not updated, but replaced.") false; + $LogPrint debug $ScriptName ("Certificate '" . $CertVal->"name" . "' was not updated, but replaced."); :set CertNew [ /certificate/find where name~("^" . [ $EscapeForRegEx [ $UrlEncode $LastName ] ] . "\\.(p12|pem)_[0-9]+\$") \ (common-name=($CertVal->"common-name") or subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $LastName ] . "(\\W|\$)")) \ @@ -170,12 +171,13 @@ :local CertNewVal [ /certificate/get $CertNew ]; :if ([ $CertificateAvailable ([ $ParseKeyValueStore ($CertNewVal->"issuer") ]->"CN") ] = false) do={ - $LogPrintExit2 warning $ScriptName ("The certificate chain is not available!") false; + $LogPrint warning $ScriptName ("The certificate chain is not available!"); } :if (($CertVal->"private-key") = true && ($CertVal->"private-key") != ($CertNewVal->"private-key")) do={ /certificate/remove $CertNew; - $LogPrintExit2 warning $ScriptName ("Old certificate '" . ($CertVal->"name") . "' has a private key, new certificate does not. Aborting renew.") true; + $LogPrint warning $ScriptName ("Old certificate '" . ($CertVal->"name") . "' has a private key, new certificate does not. Aborting renew."); + :error false; } /ip/service/set certificate=($CertNewVal->"name") [ find where certificate=($CertVal->"name") ]; @@ -194,9 +196,9 @@ $SendNotification2 ({ origin=$ScriptName; silent=true; \ subject=([ $SymbolForNotification "lock-with-ink-pen" ] . "Certificate renewed: " . ($CertVal->"name")); \ message=("A certificate on " . $Identity . " has been renewed.\n\n" . [ $FormatInfo $CertNew ]) }); - $LogPrintExit2 info $ScriptName ("The certificate '" . ($CertVal->"name") . "' has been renewed.") false; + $LogPrint info $ScriptName ("The certificate '" . ($CertVal->"name") . "' has been renewed."); } on-error={ - $LogPrintExit2 debug $ScriptName ("Could not renew certificate '" . ($CertVal->"name") . "'.") false; + $LogPrint debug $ScriptName ("Could not renew certificate '" . ($CertVal->"name") . "'."); } } @@ -205,15 +207,15 @@ :local CertVal [ /certificate/get $Cert ]; :if ([ :len [ /certificate/scep-server/find where ca-cert=($CertVal->"ca") ] ] > 0) do={ - $LogPrintExit2 debug $ScriptName ("Certificate '" . ($CertVal->"name") . "' is handled by SCEP, skipping.") false; + $LogPrint debug $ScriptName ("Certificate '" . ($CertVal->"name") . "' is handled by SCEP, skipping."); } else={ :local State [ $IfThenElse (($CertVal->"expired") = true) "expired" "is about to expire" ]; $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "warning-sign" ] . "Certificate warning: " . ($CertVal->"name")); \ message=("A certificate on " . $Identity . " " . $State . ".\n\n" . [ $FormatInfo $Cert ]) }); - $LogPrintExit2 info $ScriptName ("The certificate '" . ($CertVal->"name") . "' " . $State . \ - ", it is invalid after " . ($CertVal->"invalid-after") . ".") false; + $LogPrint info $ScriptName ("The certificate '" . ($CertVal->"name") . "' " . $State . \ + ", it is invalid after " . ($CertVal->"invalid-after") . "."); } } } on-error={ } From 463393647fc5c28faad5e9c671af8e9b441478c7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 363/908] check-health: switch to $LogPrint --- check-health.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/check-health.rsc b/check-health.rsc index 91330fc..2a97ad6 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -28,7 +28,7 @@ :global FormatLine; :global HumanReadableNum; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -77,7 +77,7 @@ } :if ([ :len [ /system/health/find ] ] = 0) do={ - $LogPrintExit2 debug $ScriptName ("Your device does not provide any health values.") false; + $LogPrint debug $ScriptName ("Your device does not provide any health values."); :error true; } @@ -148,7 +148,7 @@ :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ :if ([ :typeof ($CheckHealthTemperature->$Name) ] != "num" ) do={ - $LogPrintExit2 info $ScriptName ("No threshold given for " . $Name . ", assuming 50C.") false; + $LogPrint info $ScriptName ("No threshold given for " . $Name . ", assuming 50C."); :set ($CheckHealthTemperature->$Name) 50; } :local Validate [ /system/health/get [ find where name=$Name ] value ]; From 7f154a178bf41a6d053cd86e339d8533c0028a51 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 364/908] check-lte-firmware-upgrade: switch to $LogPrint --- check-lte-firmware-upgrade.rsc | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index f2a6e37..e7f06f3 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -35,7 +35,7 @@ :global FormatLine; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global ScriptFromTerminal; :global SendNotification2; :global SymbolForNotification; @@ -47,19 +47,19 @@ :set Firmware [ /interface/lte/firmware-upgrade $Interface once as-value ]; :set Info [ /interface/lte/monitor $Interface once as-value ]; } on-error={ - $LogPrintExit2 debug $ScriptName ("Could not get latest LTE firmware version for interface " . \ - $IntName . ".") false; + $LogPrint debug $ScriptName ("Could not get latest LTE firmware version for interface " . \ + $IntName . "."); :return false; } :if ([ :len ($Firmware->"latest") ] = 0) do={ - $LogPrintExit2 info $ScriptName ("An empty string is not a valid version.") false; + $LogPrint info $ScriptName ("An empty string is not a valid version."); :return false; } :if (($Firmware->"installed") = ($Firmware->"latest")) do={ :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ - $LogPrintExit2 info $ScriptName ("No firmware upgrade available for LTE interface " . $IntName . ".") false; + $LogPrint info $ScriptName ("No firmware upgrade available for LTE interface " . $IntName . "."); } :return true; } @@ -69,7 +69,7 @@ :put ("Do you want to start unattended lte firmware upgrade for interface " . $IntName . "? [y/N]"); :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ /system/script/run unattended-lte-firmware-upgrade; - $LogPrintExit2 info $ScriptName ("Scheduled lte firmware upgrade for interface " . $IntName . "...") false; + $LogPrint info $ScriptName ("Scheduled lte firmware upgrade for interface " . $IntName . "..."); :return true; } else={ :put "Canceled..."; @@ -77,13 +77,13 @@ } :if (($SentLteFirmwareUpgradeNotification->$IntName) = ($Firmware->"latest")) do={ - $LogPrintExit2 debug $ScriptName ("Already sent the LTE firmware upgrade notification for version " . \ - ($Firmware->"latest") . ".") false; + $LogPrint debug $ScriptName ("Already sent the LTE firmware upgrade notification for version " . \ + ($Firmware->"latest") . "."); :return false; } - $LogPrintExit2 info $ScriptName ("A new firmware version " . ($Firmware->"latest") . " is available for " . \ - "LTE interface " . $IntName . ".") false; + $LogPrint info $ScriptName ("A new firmware version " . ($Firmware->"latest") . " is available for " . \ + "LTE interface " . $IntName . "."); $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "sparkles" ] . "LTE firmware upgrade"); \ message=("A new firmware version " . ($Firmware->"latest") . " is available for " . \ From a996bdac2aa42728676fe2acc1f0b589aae6673c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 365/908] check-routeros-update: switch to $LogPrint --- check-routeros-update.rsc | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index a68762b..e209610 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -24,7 +24,7 @@ :global DeviceInfo; :global EscapeForRegEx; - :global LogPrintExit2; + :global LogPrint; :global ScriptFromTerminal; :global ScriptLock; :global SendNotification2; @@ -50,12 +50,12 @@ :error "A reboot for update is already scheduled."; } - $LogPrintExit2 debug $ScriptName ("Checking for updates...") false; + $LogPrint debug $ScriptName ("Checking for updates..."); /system/package/update/check-for-updates without-paging as-value; :local Update [ /system/package/update/get ]; :if ([ $ScriptFromTerminal $ScriptName ] = true && ($Update->"installed-version") = ($Update->"latest-version")) do={ - $LogPrintExit2 info $ScriptName ("System is already up to date.") false; + $LogPrint info $ScriptName ("System is already up to date."); :error true; } @@ -64,13 +64,14 @@ :local Link ("https://mikrotik.com/download/changelogs/" . $Update->"channel" . "-release-tree"); :if ($NumLatest < 117505792) do={ - $LogPrintExit2 info $ScriptName ("The version '" . ($Update->"latest-version") . "' is not a valid version.") true; + $LogPrint info $ScriptName ("The version '" . ($Update->"latest-version") . "' is not a valid version."); + :error false; } :if ($NumInstalled < $NumLatest) do={ :if ($SafeUpdateAll ~ "^YES,? ?PLEASE!?\$") do={ - $LogPrintExit2 info $ScriptName ("Installing ALL versions automatically, including " . \ - $Update->"latest-version" . "...") false; + $LogPrint info $ScriptName ("Installing ALL versions automatically, including " . \ + $Update->"latest-version" . "..."); $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ message=("Installing ALL versions automatically, including " . $Update->"latest-version" . \ @@ -79,7 +80,7 @@ } :if ($SafeUpdatePatch = true && ($NumInstalled & 0xffff0000) = ($NumLatest & 0xffff0000)) do={ - $LogPrintExit2 info $ScriptName ("Version " . $Update->"latest-version" . " is a patch release, updating...") false; + $LogPrint info $ScriptName ("Version " . $Update->"latest-version" . " is a patch release, updating..."); $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ message=("Version " . $Update->"latest-version" . " is a patch update for " . $Update->"channel" . \ @@ -92,8 +93,8 @@ version~("^" . [ $EscapeForRegEx ($Update->"latest-version") ] . "\\b") ]; :if ([ :len $Neighbors ] > 0) do={ :local Neighbor [ /ip/neighbor/get ($Neighbors->0) identity ]; - $LogPrintExit2 info $ScriptName ("Seen a neighbor (" . $Neighbor . ") running version " . \ - $Update->"latest-version" . " from " . $Update->"channel" . ", updating...") false; + $LogPrint info $ScriptName ("Seen a neighbor (" . $Neighbor . ") running version " . \ + $Update->"latest-version" . " from " . $Update->"channel" . ", updating..."); $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ message=("Seen a neighbor (" . $Neighbor . ") running version " . $Update->"latest-version" . \ @@ -109,10 +110,10 @@ ($SafeUpdateUrl . $Update->"channel" . "?installed=" . $Update->"installed-version" . \ "&latest=" . $Update->"latest-version") output=user as-value ]; } on-error={ - $LogPrintExit2 warning $ScriptName ("Failed receiving safe version for " . $Update->"channel" . ".") false; + $LogPrint warning $ScriptName ("Failed receiving safe version for " . $Update->"channel" . "."); } :if ($Result->"status" = "finished" && $Result->"data" = $Update->"latest-version") do={ - $LogPrintExit2 info $ScriptName ("Version " . $Update->"latest-version" . " is considered safe, updating...") false; + $LogPrint info $ScriptName ("Version " . $Update->"latest-version" . " is considered safe, updating..."); $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ message=("Version " . $Update->"latest-version" . " is considered safe for " . $Update->"channel" . \ @@ -131,8 +132,8 @@ } :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ - $LogPrintExit2 info $ScriptName ("Already sent the RouterOS update notification for version " . \ - $Update->"latest-version" . ".") false; + $LogPrint info $ScriptName ("Already sent the RouterOS update notification for version " . \ + $Update->"latest-version" . "."); :error true; } @@ -146,8 +147,8 @@ :if ($NumInstalled > $NumLatest) do={ :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ - $LogPrintExit2 info $ScriptName ("Already sent the RouterOS downgrade notification for version " . \ - $Update->"latest-version" . ".") false; + $LogPrint info $ScriptName ("Already sent the RouterOS downgrade notification for version " . \ + $Update->"latest-version" . "."); :error true; } @@ -156,8 +157,8 @@ message=("A different RouterOS version " . ($Update->"latest-version") . \ " is available for " . $Identity . ", but it is a downgrade.\n\n" . \ [ $DeviceInfo ]); link=$Link; silent=true }); - $LogPrintExit2 info $ScriptName ("A different RouterOS version " . ($Update->"latest-version") . \ - " is available for downgrade.") false; + $LogPrint info $ScriptName ("A different RouterOS version " . ($Update->"latest-version") . \ + " is available for downgrade."); :set SentRouterosUpdateNotification ($Update->"latest-version"); } } on-error={ } From 5016f4d28ccef4d3b0b1ab55cacb8cf3ee9d0cea Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:37 +0100 Subject: [PATCH 366/908] collect-wireless-mac: switch to $LogPrint --- collect-wireless-mac.capsman.rsc | 14 +++++++------- collect-wireless-mac.local.rsc | 14 +++++++------- collect-wireless-mac.template.rsc | 18 +++++++++--------- collect-wireless-mac.wifi.rsc | 14 +++++++------- 4 files changed, 30 insertions(+), 30 deletions(-) diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index 5423624..dcb303c 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -23,7 +23,7 @@ :global FormatLine; :global FormatMultiLines; :global GetMacVendor; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -34,7 +34,7 @@ :if ([ :len [ /caps-man/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ /caps-man/access-list/add comment="--- collected above ---" disabled=yes; - $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false; + $LogPrint warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'."); } :local PlaceBefore ([ /caps-man/access-list/find where comment="--- collected above ---" disabled ]->0); @@ -43,14 +43,14 @@ :do { :set RegVal [ /caps-man/registration-table/get $Reg ]; } on-error={ - $LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false; + $LogPrint debug $ScriptName ("Device already gone... Ignoring."); } :if ([ :len ($RegVal->"mac-address") ] > 0) do={ :local AccessList ([ /caps-man/access-list/find where mac-address=($RegVal->"mac-address") ]->0); :if ([ :len $AccessList ] > 0) do={ - $LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ - [ /caps-man/access-list/get $AccessList comment ]) false; + $LogPrint debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ + [ /caps-man/access-list/get $AccessList comment ]); } :if ([ :len $AccessList ] = 0) do={ @@ -74,7 +74,7 @@ :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); - $LogPrintExit2 info $ScriptName $Message false; + $LogPrint info $ScriptName $Message; /caps-man/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ @@ -90,7 +90,7 @@ [ $FormatLine "Date" $DateTime ]) }); } } else={ - $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; + $LogPrint debug $ScriptName ("No mac address available... Ignoring."); } } } on-error={ } diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index a4e81a3..7c1122c 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -23,7 +23,7 @@ :global FormatLine; :global FormatMultiLines; :global GetMacVendor; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -34,7 +34,7 @@ :if ([ :len [ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ /interface/wireless/access-list/add comment="--- collected above ---" disabled=yes; - $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false; + $LogPrint warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'."); } :local PlaceBefore ([ /interface/wireless/access-list/find where comment="--- collected above ---" disabled ]->0); @@ -43,14 +43,14 @@ :do { :set RegVal [ /interface/wireless/registration-table/get $Reg ]; } on-error={ - $LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false; + $LogPrint debug $ScriptName ("Device already gone... Ignoring."); } :if ([ :len ($RegVal->"mac-address") ] > 0) do={ :local AccessList ([ /interface/wireless/access-list/find where mac-address=($RegVal->"mac-address") ]->0); :if ([ :len $AccessList ] > 0) do={ - $LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ - [ /interface/wireless/access-list/get $AccessList comment ]) false; + $LogPrint debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ + [ /interface/wireless/access-list/get $AccessList comment ]); } :if ([ :len $AccessList ] = 0) do={ @@ -75,7 +75,7 @@ :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); - $LogPrintExit2 info $ScriptName $Message false; + $LogPrint info $ScriptName $Message; /interface/wireless/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ @@ -91,7 +91,7 @@ [ $FormatLine "Date" $DateTime ]) }); } } else={ - $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; + $LogPrint debug $ScriptName ("No mac address available... Ignoring."); } } } on-error={ } diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index f647eb3..b8c5ff8 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -24,7 +24,7 @@ :global FormatLine; :global FormatMultiLines; :global GetMacVendor; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -39,7 +39,7 @@ /caps-man/access-list/add comment="--- collected above ---" disabled=yes; /interface/wifi/access-list/add comment="--- collected above ---" disabled=yes; /interface/wireless/access-list/add comment="--- collected above ---" disabled=yes; - $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false; + $LogPrint warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'."); } :local PlaceBefore ([ /caps-man/access-list/find where comment="--- collected above ---" disabled ]->0); :local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ]->0); @@ -54,7 +54,7 @@ :set RegVal [ /interface/wifi/registration-table/get $Reg ]; :set RegVal [ /interface/wireless/registration-table/get $Reg ]; } on-error={ - $LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false; + $LogPrint debug $ScriptName ("Device already gone... Ignoring."); } :if ([ :len ($RegVal->"mac-address") ] > 0) do={ @@ -62,10 +62,10 @@ :local AccessList ([ /interface/wifi/access-list/find where mac-address=($RegVal->"mac-address") ]->0); :local AccessList ([ /interface/wireless/access-list/find where mac-address=($RegVal->"mac-address") ]->0); :if ([ :len $AccessList ] > 0) do={ - $LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ - [ /caps-man/access-list/get $AccessList comment ]) false; - [ /interface/wifi/access-list/get $AccessList comment ]) false; - [ /interface/wireless/access-list/get $AccessList comment ]) false; + $LogPrint debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ + [ /caps-man/access-list/get $AccessList comment ]); + [ /interface/wifi/access-list/get $AccessList comment ]); + [ /interface/wireless/access-list/get $AccessList comment ]); } :if ([ :len $AccessList ] = 0) do={ @@ -90,7 +90,7 @@ :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); - $LogPrintExit2 info $ScriptName $Message false; + $LogPrint info $ScriptName $Message; /caps-man/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; /interface/wifi/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; /interface/wireless/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; @@ -108,7 +108,7 @@ [ $FormatLine "Date" $DateTime ]) }); } } else={ - $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; + $LogPrint debug $ScriptName ("No mac address available... Ignoring."); } } } on-error={ } diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index 063d6dc..b8ad939 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -23,7 +23,7 @@ :global FormatLine; :global FormatMultiLines; :global GetMacVendor; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -34,7 +34,7 @@ :if ([ :len [ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ] ] = 0) do={ /interface/wifi/access-list/add comment="--- collected above ---" disabled=yes; - $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'.") false; + $LogPrint warning $ScriptName ("Added disabled access-list entry with comment '--- collected above ---'."); } :local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- collected above ---" disabled ]->0); @@ -43,14 +43,14 @@ :do { :set RegVal [ /interface/wifi/registration-table/get $Reg ]; } on-error={ - $LogPrintExit2 debug $ScriptName ("Device already gone... Ignoring.") false; + $LogPrint debug $ScriptName ("Device already gone... Ignoring."); } :if ([ :len ($RegVal->"mac-address") ] > 0) do={ :local AccessList ([ /interface/wifi/access-list/find where mac-address=($RegVal->"mac-address") ]->0); :if ([ :len $AccessList ] > 0) do={ - $LogPrintExit2 debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ - [ /interface/wifi/access-list/get $AccessList comment ]) false; + $LogPrint debug $ScriptName ("MAC address " . $RegVal->"mac-address" . " already known: " . \ + [ /interface/wifi/access-list/get $AccessList comment ]); } :if ([ :len $AccessList ] = 0) do={ @@ -74,7 +74,7 @@ :local Vendor [ $GetMacVendor ($RegVal->"mac-address") ]; :local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \ "first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface"); - $LogPrintExit2 info $ScriptName $Message false; + $LogPrint info $ScriptName $Message; /interface/wifi/access-list/add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes; $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \ @@ -90,7 +90,7 @@ [ $FormatLine "Date" $DateTime ]) }); } } else={ - $LogPrintExit2 debug $ScriptName ("No mac address available... Ignoring.") false; + $LogPrint debug $ScriptName ("No mac address available... Ignoring."); } } } on-error={ } From 4ab8dbd774f6d024db493359a7cb345f3bd76c8b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 367/908] daily-psk: switch to $LogPrint --- daily-psk.capsman.rsc | 6 +++--- daily-psk.local.rsc | 6 +++--- daily-psk.template.rsc | 6 +++--- daily-psk.wifi.rsc | 6 +++--- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index c9c0186..43651d0 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -22,7 +22,7 @@ :global Identity; :global FormatLine; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -68,12 +68,12 @@ :local Skip 0; :if ($NewPsk != $OldPsk) do={ - $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; + $LogPrint info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")"); /caps-man/access-list/set $AccList private-passphrase=$NewPsk; :if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ :if ($Seen->$Ssid = 1) do={ - $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; + $LogPrint debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping."); } else={ :local Link ($DailyPskQrCodeUrl . \ "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 228efc8..2dbc61b 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -22,7 +22,7 @@ :global Identity; :global FormatLine; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -67,12 +67,12 @@ :local Skip 0; :if ($NewPsk != $OldPsk) do={ - $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; + $LogPrint info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")"); /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={ :if ($Seen->$Ssid = 1) do={ - $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; + $LogPrint debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping."); } else={ :local Link ($DailyPskQrCodeUrl . \ "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 4403fe6..e190ffb 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -23,7 +23,7 @@ :global Identity; :global FormatLine; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -79,7 +79,7 @@ :local Skip 0; :if ($NewPsk != $OldPsk) do={ - $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; + $LogPrint info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")"); /caps-man/access-list/set $AccList private-passphrase=$NewPsk; /interface/wifi/access-list/set $AccList passphrase=$NewPsk; /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; @@ -88,7 +88,7 @@ :if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={ :if ($Seen->$Ssid = 1) do={ - $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; + $LogPrint debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping."); } else={ :local Link ($DailyPskQrCodeUrl . \ "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index e9b5199..ee3e1b0 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -22,7 +22,7 @@ :global Identity; :global FormatLine; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -68,12 +68,12 @@ :local Skip 0; :if ($NewPsk != $OldPsk) do={ - $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; + $LogPrint info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")"); /interface/wifi/access-list/set $AccList passphrase=$NewPsk; :if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ :if ($Seen->$Ssid = 1) do={ - $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; + $LogPrint debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping."); } else={ :local Link ($DailyPskQrCodeUrl . \ "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); From 5638bdcc2d6a6c333c5a11df4946ff88cb3ecb43 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 368/908] dhcp-lease-comment: switch to $LogPrint --- dhcp-lease-comment.capsman.rsc | 4 ++-- dhcp-lease-comment.local.rsc | 4 ++-- dhcp-lease-comment.template.rsc | 4 ++-- dhcp-lease-comment.wifi.rsc | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index 1b61167..4ac228b 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -17,7 +17,7 @@ :do { :local ScriptName [ :jobname ]; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -32,7 +32,7 @@ :set NewComment [ /caps-man/access-list/get $AccessList comment ]; } :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ - $LogPrintExit2 info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; + $LogPrint info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment); /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index 5401a77..a49f74f 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -17,7 +17,7 @@ :do { :local ScriptName [ :jobname ]; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -32,7 +32,7 @@ :set NewComment [ /interface/wireless/access-list/get $AccessList comment ]; } :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ - $LogPrintExit2 info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; + $LogPrint info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment); /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index 6ed8fc3..0f0975b 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -18,7 +18,7 @@ :do { :local ScriptName [ :jobname ]; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -37,7 +37,7 @@ :set NewComment [ /interface/wireless/access-list/get $AccessList comment ]; } :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ - $LogPrintExit2 info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; + $LogPrint info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment); /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index 62ed03d..c9c091b 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -17,7 +17,7 @@ :do { :local ScriptName [ :jobname ]; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -32,7 +32,7 @@ :set NewComment [ /interface/wifi/access-list/get $AccessList comment ]; } :if ([ :len $NewComment ] != 0 && $LeaseVal->"comment" != $NewComment) do={ - $LogPrintExit2 info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment) false; + $LogPrint info $ScriptName ("Updating comment for DHCP lease " . $LeaseVal->"active-mac-address" . ": " . $NewComment); /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } From 5c775fdb3f28aaa2f354db3dca8ae3abd29c3d9d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 369/908] dhcp-to-dns: switch to $LogPrint --- dhcp-to-dns.rsc | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index d0638c7..5b6e64a 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -21,7 +21,7 @@ :global CleanName; :global EitherOr; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global LogPrintOnce; :global ParseKeyValueStore; :global ScriptLock; @@ -36,7 +36,7 @@ :if ([ :len [ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ] ] = 0) do={ /ip/dns/static/add name=$CommentString type=NXDOMAIN disabled=yes; - $LogPrintExit2 warning $ScriptName ("Added disabled static dns record with name '" . $CommentString . "'.") false; + $LogPrint warning $ScriptName ("Added disabled static dns record with name '" . $CommentString . "'."); } :local PlaceBefore ([ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ]->0); @@ -47,10 +47,10 @@ :if ([ :len [ /ip/dhcp-server/lease/find where active-mac-address=($DnsRecordInfo->"macaddress") \ active-address=($DnsRecordVal->"address") server=($DnsRecordInfo->"server") status=bound ] ] > 0) do={ - $LogPrintExit2 debug $ScriptName ("Lease for " . $MacInServer . " (" . $DnsRecordVal->"name" . ") still exists. Not deleting record.") false; + $LogPrint debug $ScriptName ("Lease for " . $MacInServer . " (" . $DnsRecordVal->"name" . ") still exists. Not deleting record."); } else={ :local Found false; - $LogPrintExit2 info $ScriptName ("Lease expired for " . $MacInServer . ", deleting record (" . $DnsRecordVal->"name" . ").") false; + $LogPrint info $ScriptName ("Lease expired for " . $MacInServer . ", deleting record (" . $DnsRecordVal->"name" . ")."); /ip/dns/static/remove $DnsRecord; /ip/dns/static/remove [ find where type=CNAME comment=($DnsRecordVal->"comment") ]; } @@ -64,7 +64,7 @@ $LogPrintOnce info $ScriptName ("Multiple bound leases found for mac-address " . ($LeaseVal->"active-mac-address") . "!"); } } on-error={ - $LogPrintExit2 debug $ScriptName ("A lease just vanished, ignoring.") false; + $LogPrint debug $ScriptName ("A lease just vanished, ignoring."); } :if ([ :len ($LeaseVal->"active-address") ] > 0) do={ @@ -88,9 +88,9 @@ :local DnsRecordVal [ /ip/dns/static/get $DnsRecord ]; :if ($DnsRecordVal->"address" = $LeaseVal->"active-address" && $DnsRecordVal->"name" = $FullA) do={ - $LogPrintExit2 debug $ScriptName ("The A record for " . $MacInServer . " (" . $FullA . ") does not need updating.") false; + $LogPrint debug $ScriptName ("The A record for " . $MacInServer . " (" . $FullA . ") does not need updating."); } else={ - $LogPrintExit2 info $ScriptName ("Updating A record for " . $MacInServer . " (" . $FullA . " -> " . $LeaseVal->"active-address" . ").") false; + $LogPrint info $ScriptName ("Updating A record for " . $MacInServer . " (" . $FullA . " -> " . $LeaseVal->"active-address" . ")."); /ip/dns/static/set address=($LeaseVal->"active-address") name=$FullA $DnsRecord; } @@ -98,20 +98,20 @@ :if ([ :len $CName ] > 0) do={ :local CNameVal [ /ip/dns/static/get $CName ]; :if ($CNameVal->"name" != $FullCN || $CNameVal->"cname" != $FullA) do={ - $LogPrintExit2 info $ScriptName ("Deleting CNAME record with wrong data for " . $MacInServer . ".") false; + $LogPrint info $ScriptName ("Deleting CNAME record with wrong data for " . $MacInServer . "."); /ip/dns/static/remove $CName; } } :if ([ :len $HostName ] > 0 && [ :len [ /ip/dns/static/find where name=$FullCN type=CNAME ] ] = 0) do={ - $LogPrintExit2 info $ScriptName ("Adding CNAME record for " . $MacInServer . " (" . $FullCN . " -> " . $FullA . ").") false; + $LogPrint info $ScriptName ("Adding CNAME record for " . $MacInServer . " (" . $FullCN . " -> " . $FullA . ")."); /ip/dns/static/add name=$FullCN type=CNAME cname=$FullA ttl=$Ttl comment=$Comment place-before=$PlaceBefore; } } else={ - $LogPrintExit2 info $ScriptName ("Adding A record for " . $MacInServer . " (" . $FullA . " -> " . $LeaseVal->"active-address" . ").") false; + $LogPrint info $ScriptName ("Adding A record for " . $MacInServer . " (" . $FullA . " -> " . $LeaseVal->"active-address" . ")."); /ip/dns/static/add name=$FullA type=A address=($LeaseVal->"active-address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore; :if ([ :len $HostName ] > 0 && [ :len [ /ip/dns/static/find where name=$FullCN type=CNAME ] ] = 0) do={ - $LogPrintExit2 info $ScriptName ("Adding CNAME record for " . $MacInServer . " (" . $FullCN . " -> " . $FullA . ").") false; + $LogPrint info $ScriptName ("Adding CNAME record for " . $MacInServer . " (" . $FullCN . " -> " . $FullA . ")."); /ip/dns/static/add name=$FullCN type=CNAME cname=$FullA ttl=$Ttl comment=$Comment place-before=$PlaceBefore; } } @@ -120,7 +120,7 @@ $LogPrintOnce warning $ScriptName ("The name '" . $FullA . "' appeared in more than one A record!"); } } else={ - $LogPrintExit2 debug $ScriptName ("No address available... Ignoring.") false; + $LogPrint debug $ScriptName ("No address available... Ignoring."); } } } on-error={ } From c8e4cb05267f50ebc06d5cebc30186f0a5618252 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 370/908] firmware-upgrade-reboot: switch to $LogPrint --- firmware-upgrade-reboot.rsc | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index 6499d27..038f74e 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -14,7 +14,7 @@ :do { :local ScriptName [ :jobname ]; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :global VersionToNum; @@ -24,18 +24,18 @@ :local RouterBoard [ /system/routerboard/get ]; :if ($RouterBoard->"current-firmware" = $RouterBoard->"upgrade-firmware") do={ - $LogPrintExit2 info $ScriptName ("Current and upgrade firmware match with version " . \ - $RouterBoard->"current-firmware" . ".") false; + $LogPrint info $ScriptName ("Current and upgrade firmware match with version " . \ + $RouterBoard->"current-firmware" . "."); :error true; } :if ([ $VersionToNum ($RouterBoard->"current-firmware") ] > [ $VersionToNum ($RouterBoard->"upgrade-firmware") ]) do={ - $LogPrintExit2 info $ScriptName ("Different firmware version is available, but it is a downgrade. Ignoring.") false; + $LogPrint info $ScriptName ("Different firmware version is available, but it is a downgrade. Ignoring."); :error true; } :if ([ /system/routerboard/settings/get auto-upgrade ] = false) do={ - $LogPrintExit2 info $ScriptName ("Firmware version " . $RouterBoard->"upgrade-firmware" . \ - " is available, upgrading.") false; + $LogPrint info $ScriptName ("Firmware version " . $RouterBoard->"upgrade-firmware" . \ + " is available, upgrading."); /system/routerboard/upgrade; } @@ -49,6 +49,6 @@ :delay $Uptime; } - $LogPrintExit2 info $ScriptName ("Firmware upgrade successful, rebooting.") false; + $LogPrint info $ScriptName ("Firmware upgrade successful, rebooting."); /system/reboot; } on-error={ } From 6715696ba1a4239b626e19a466cafae9e698c807 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 371/908] fw-addr-lists: switch to $LogPrint --- fw-addr-lists.rsc | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 4ec4105..64233ac 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -20,7 +20,7 @@ :global CertificateAvailable; :global EitherOr; - :global LogPrintExit2; + :global LogPrint; :global LogPrintOnce; :global ScriptLock; :global WaitFullyConnected; @@ -57,7 +57,7 @@ :if ([ :len ($List->"cert") ] > 0) do={ :set CheckCertificate "yes-without-crl"; :if ([ $CertificateAvailable ($List->"cert") ] = false) do={ - $LogPrintExit2 warning $ScriptName ("Downloading required certificate failed, trying anyway.") false; + $LogPrint warning $ScriptName ("Downloading required certificate failed, trying anyway."); } } @@ -68,7 +68,7 @@ http-header-field=({ $FetchUserAgent }) ($List->"url") as-value ]->"data"); } on-error={ :if ($I < 4) do={ - $LogPrintExit2 debug $ScriptName ("Failed downloading, " . $I . ". try: " . $List->"url") false; + $LogPrint debug $ScriptName ("Failed downloading, " . $I . ". try: " . $List->"url"); :delay (($I * $I) . "s"); } } @@ -78,7 +78,7 @@ :if ($Data = false) do={ :set Data ""; :set Failure true; - $LogPrintExit2 warning $ScriptName ("Failed downloading list from: " . $List->"url") false; + $LogPrint warning $ScriptName ("Failed downloading list from: " . $List->"url"); } :if ([ :len $Data ] > 63000) do={ @@ -103,13 +103,13 @@ :foreach Entry in=[ /ip/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ :local Address [ /ip/firewall/address-list/get $Entry address ]; :if ([ :typeof ($IPv4Addresses->$Address) ] = "time") do={ - $LogPrintExit2 debug $ScriptName ("Renewing IPv4 address for " . ($IPv4Addresses->$Address) . ": " . $Address) false; + $LogPrint debug $ScriptName ("Renewing IPv4 address for " . ($IPv4Addresses->$Address) . ": " . $Address); /ip/firewall/address-list/set $Entry timeout=($IPv4Addresses->$Address); :set ($IPv4Addresses->$Address); :set CntRenew ($CntRenew + 1); } else={ :if ($Failure = false) do={ - $LogPrintExit2 debug $ScriptName ("Removing IPv4 address: " . $Address) false; + $LogPrint debug $ScriptName ("Removing IPv4 address: " . $Address); /ip/firewall/address-list/remove $Entry; :set CntRemove ($CntRemove + 1); } @@ -119,13 +119,13 @@ :foreach Entry in=[ /ipv6/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ :local Address [ /ipv6/firewall/address-list/get $Entry address ]; :if ([ :typeof ($IPv6Addresses->$Address) ] = "time") do={ - $LogPrintExit2 debug $ScriptName ("Renewing IPv6 address for " . ($IPv6Addresses->$Address) . ": " . $Address) false; + $LogPrint debug $ScriptName ("Renewing IPv6 address for " . ($IPv6Addresses->$Address) . ": " . $Address); /ipv6/firewall/address-list/set $Entry timeout=($IPv6Addresses->$Address); :set ($IPv6Addresses->$Address); :set CntRenew ($CntRenew + 1); } else={ :if ($Failure = false) do={ - $LogPrintExit2 debug $ScriptName ("Removing: " . $Address) false; + $LogPrint debug $ScriptName ("Removing: " . $Address); /ipv6/firewall/address-list/remove $Entry; :set CntRemove ($CntRemove + 1); } @@ -133,27 +133,27 @@ } :foreach Address,Timeout in=$IPv4Addresses do={ - $LogPrintExit2 debug $ScriptName ("Adding IPv4 address for " . $Timeout . ": " . $Address) false; + $LogPrint debug $ScriptName ("Adding IPv4 address for " . $Timeout . ": " . $Address); :do { /ip/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; :set ($IPv4Addresses->$Address); :set CntAdd ($CntAdd + 1); } on-error={ - $LogPrintExit2 warning $ScriptName ("Failed to add IPv4 address " . $Address . " to list '" . $FwListName . "'.") false; + $LogPrint warning $ScriptName ("Failed to add IPv4 address " . $Address . " to list '" . $FwListName . "'."); } } :foreach Address,Timeout in=$IPv6Addresses do={ - $LogPrintExit2 debug $ScriptName ("Adding IPv6 address for " . $Timeout . ": " . $Address) false; + $LogPrint debug $ScriptName ("Adding IPv6 address for " . $Timeout . ": " . $Address); :do { /ipv6/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; :set ($IPv6Addresses->$Address); :set CntAdd ($CntAdd + 1); } on-error={ - $LogPrintExit2 warning $ScriptName ("Failed to add IPv6 address " . $Address . " to list '" . $FwListName . "'.") false; + $LogPrint warning $ScriptName ("Failed to add IPv6 address " . $Address . " to list '" . $FwListName . "'."); } } - $LogPrintExit2 info $ScriptName ("list: " . $FwListName . " -- added: " . $CntAdd . " - renewed: " . $CntRenew . " - removed: " . $CntRemove) false; + $LogPrint info $ScriptName ("list: " . $FwListName . " -- added: " . $CntAdd . " - renewed: " . $CntRenew . " - removed: " . $CntRemove); } } on-error={ } From 9dd1b768ee533545042b6e46fc9710bd39cc48d2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 372/908] global-functions: switch to $LogPrint --- global-functions.rsc | 162 ++++++++++++++++++++++--------------------- 1 file changed, 82 insertions(+), 80 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 1220eca..d33e3e2 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -102,18 +102,18 @@ :local CommonName [ :tostr $1 ]; :global CertificateDownload; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :if ([ /system/resource/get free-hdd-space ] < 8388608 && \ [ /certificate/settings/get crl-download ] = true && \ [ /certificate/settings/get crl-store ] = "system") do={ - $LogPrintExit2 warning $0 ("This system has low free flash space but " . \ - "is configured to download certificate CRLs to system!") false; + $LogPrint warning $0 ("This system has low free flash space but " . \ + "is configured to download certificate CRLs to system!"); } :if ([ :len [ /certificate/find where common-name=$CommonName ] ] = 0) do={ - $LogPrintExit2 info $0 ("Certificate with CommonName \"" . $CommonName . "\" not available.") false; + $LogPrint info $0 ("Certificate with CommonName \"" . $CommonName . "\" not available."); :if ([ $CertificateDownload $CommonName ] = false) do={ :return false; } @@ -122,8 +122,8 @@ :local CertVal [ /certificate/get [ find where common-name=$CommonName ] ]; :while (($CertVal->"akid") != "" && ($CertVal->"akid") != ($CertVal->"skid")) do={ :if ([ :len [ /certificate/find where skid=($CertVal->"akid") ] ] = 0) do={ - $LogPrintExit2 info $0 ("Certificate chain for \"" . $CommonName . \ - "\" is incomplete, missing \"" . ([ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN") . "\".") false; + $LogPrint info $0 ("Certificate chain for \"" . $CommonName . \ + "\" is incomplete, missing \"" . ([ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN") . "\"."); :if ([ $CertificateDownload $CommonName ] = false) do={ :return false; } @@ -142,12 +142,12 @@ :global ScriptUpdatesUrlSuffix; :global CertificateNameByCN; - :global LogPrintExit2; + :global LogPrint; :global UrlEncode; :global WaitForFile; - $LogPrintExit2 info $0 ("Downloading and importing certificate with " . \ - "CommonName \"" . $CommonName . "\".") false; + $LogPrint info $0 ("Downloading and importing certificate with " . \ + "CommonName \"" . $CommonName . "\"."); :do { :local LocalFileName ($CommonName . ".pem"); :local UrlFileName ([ $UrlEncode $CommonName ] . ".pem"); @@ -163,8 +163,7 @@ $CertificateNameByCN [ /certificate/get $Cert common-name ]; } } on-error={ - $LogPrintExit2 warning $0 ("Failed importing certificate with " . \ - "CommonName \"" . $CommonName . "\"!") false; + $LogPrint warning $0 ("Failed importing certificate with CommonName \"" . $CommonName . "\"!"); :return false; } :return true; @@ -309,7 +308,7 @@ :global CertificateAvailable; :global CleanFilePath; - :global LogPrintExit2; + :global LogPrint; :global MkDir; :global WaitForFile; @@ -324,23 +323,23 @@ :local PkgDest [ $CleanFilePath ($PkgDir . "/" . $PkgFile) ]; :if ([ $MkDir $PkgDir ] = false) do={ - $LogPrintExit2 warning $0 ("Failed creating directory, not downloading package.") false; + $LogPrint warning $0 ("Failed creating directory, not downloading package."); :return false; } :if ([ :len [ /file/find where name=$PkgDest type="package" ] ] > 0) do={ - $LogPrintExit2 info $0 ("Package file " . $PkgName . " already exists.") false; + $LogPrint info $0 ("Package file " . $PkgName . " already exists."); :return true; } :if ([ $CertificateAvailable "R3" ] = false) do={ - $LogPrintExit2 error $0 ("Downloading required certificate failed.") false; + $LogPrint error $0 ("Downloading required certificate failed."); :return false; } :local Url ("https://upgrade.mikrotik.com/routeros/" . $PkgVer . "/" . $PkgFile); - $LogPrintExit2 info $0 ("Downloading package file '" . $PkgName . "'...") false; - $LogPrintExit2 debug $0 ("... from url: " . $Url) false; + $LogPrint info $0 ("Downloading package file '" . $PkgName . "'..."); + $LogPrint debug $0 ("... from url: " . $Url); :local Retry 3; :while ($Retry > 0) do={ :do { @@ -351,14 +350,14 @@ :return true; } } on-error={ - $LogPrintExit2 debug $0 ("Downloading package file failed.") false; + $LogPrint debug $0 ("Downloading package file failed."); } /file/remove [ find where name=$PkgDest ]; :set Retry ($Retry - 1); } - $LogPrintExit2 warning $0 ("Downloading package file '" . $PkgName . "' failed.") false; + $LogPrint warning $0 ("Downloading package file '" . $PkgName . "' failed."); :return false; } @@ -444,7 +443,7 @@ :global CertificateAvailable; :global IsMacLocallyAdministered; - :global LogPrintExit2; + :global LogPrint; :if ([ $IsMacLocallyAdministered $Mac ] = true) do={ :return "locally administered"; @@ -452,7 +451,8 @@ :do { :if ([ $CertificateAvailable "GTS CA 1P5" ] = false) do={ - $LogPrintExit2 warning $0 ("Downloading required certificate failed.") true; + $LogPrint warning $0 ("Downloading required certificate failed."); + :error false; } :local Vendor ([ /tool/fetch check-certificate=yes-without-crl \ ("https://api.macvendors.com/" . [ :pick $Mac 0 8 ]) output=user as-value ]->"data"); @@ -461,9 +461,9 @@ :do { /tool/fetch check-certificate=yes-without-crl ("https://api.macvendors.com/") \ output=none as-value; - $LogPrintExit2 debug $0 ("The mac vendor is not known in database.") false; + $LogPrint debug $0 ("The mac vendor is not known in database."); } on-error={ - $LogPrintExit2 warning $0 ("Failed getting mac vendor.") false; + $LogPrint warning $0 ("Failed getting mac vendor."); } :return "unknown vendor"; } @@ -610,7 +610,7 @@ :global IsTimeSyncCached; :global IsTimeSyncResetNtp; - :global LogPrintExit2; + :global LogPrint; :if ($IsTimeSyncCached = true) do={ :return true; @@ -639,7 +639,7 @@ :if ([ /system/license/get ]->"level" = "free" || \ [ /system/resource/get ]->"board-name" = "x86") do={ - $LogPrintExit2 debug $0 ("No ntp client configured, relying on RTC for CHR free license and x86.") false; + $LogPrint debug $0 ("No ntp client configured, relying on RTC for CHR free license and x86."); :return true; } @@ -651,7 +651,7 @@ :return false; } - $LogPrintExit2 debug $0 ("No time source configured! Returning gracefully...") false; + $LogPrint debug $0 ("No time source configured! Returning gracefully..."); :return true; } @@ -717,7 +717,7 @@ :local Name [ :tostr $2 ]; :local Message [ :tostr $3 ]; - :global LogPrintExit2; + :global LogPrint; :global LogPrintOnceMessages; @@ -730,7 +730,7 @@ } :set ($LogPrintOnceMessages->$Message) 1; - $LogPrintExit2 $Severity $Name $Message false; + $LogPrint $Severity $Name $Message; } # get max value @@ -750,24 +750,24 @@ :local Path [ :tostr $1 ]; :global CleanFilePath; - :global LogPrintExit2; + :global LogPrint; :global WaitForFile; :local MkTmpfs do={ - :global LogPrintExit2; + :global LogPrint; :global WaitForFile; :if ([ :len [ /disk/find where slot=tmpfs type=tmpfs ] ] = 1) do={ :return true; } - $LogPrintExit2 info $0 ("Creating disk of type tmpfs.") false; + $LogPrint info $0 ("Creating disk of type tmpfs."); /file/remove [ find where name="tmpfs" type="directory" ]; :do { /disk/add slot=tmpfs type=tmpfs tmpfs-max-size=([ /system/resource/get total-memory ] / 3); $WaitForFile "tmpfs"; } on-error={ - $LogPrintExit2 warning $0 ("Creating disk of type tmpfs failed!") false; + $LogPrint warning $0 ("Creating disk of type tmpfs failed!"); :return false; } :return true; @@ -795,7 +795,7 @@ $WaitForFile $File; /file/remove $File; } on-error={ - $LogPrintExit2 warning $0 ("Making directory '" . $Path . "' failed!") false; + $LogPrint warning $0 ("Making directory '" . $Path . "' failed!"); :return false; } @@ -926,18 +926,18 @@ :local Warn [ :tostr $3 ]; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global VersionToNum; :if (!($Required ~ "^\\d+\\.\\d+((alpha|beta|rc|\\.)\\d+|)\$")) do={ - $LogPrintExit2 error $0 ("No valid RouterOS version: " . $Required) false; + $LogPrint error $0 ("No valid RouterOS version: " . $Required); :return false; } :if ([ $VersionToNum $Required ] > [ $VersionToNum [ /system/package/update/get installed-version ] ]) do={ :if ($Warn = "true") do={ - $LogPrintExit2 warning $0 ("This " . [ $IfThenElse ([ :pick $Caller 0 ] = ("\$")) "function" "script" ] . \ - " '" . $Caller . "' (at least specific functionality) requires RouterOS " . $Required . ". Please update!") false; + $LogPrint warning $0 ("This " . [ $IfThenElse ([ :pick $Caller 0 ] = ("\$")) "function" "script" ] . \ + " '" . $Caller . "' (at least specific functionality) requires RouterOS " . $Required . ". Please update!"); } :return false; } @@ -948,7 +948,7 @@ :set ScriptFromTerminal do={ :local Script [ :tostr $1 ]; - :global LogPrintExit2; + :global LogPrint; :foreach Job in=[ /system/script/job/find where script=$Script ] do={ :set Job [ /system/script/job/get $Job ]; @@ -956,11 +956,11 @@ :set Job [ /system/script/job/get [ find where .id=($Job->"parent") ] ]; } :if (($Job->"type") = "login") do={ - $LogPrintExit2 debug $0 ("Script " . $Script . " started from terminal.") false; + $LogPrint debug $0 ("Script " . $Script . " started from terminal."); :return true; } } - $LogPrintExit2 debug $0 ("Script " . $Script . " NOT started from terminal.") false; + $LogPrint debug $0 ("Script " . $Script . " NOT started from terminal."); :return false; } @@ -982,7 +982,7 @@ :global EitherOr; :global Grep; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global LogPrintOnce; :global ParseKeyValueStore; :global RequiredRouterOS; @@ -991,12 +991,12 @@ :global ValidateSyntax; :if ([ $CertificateAvailable "E1" ] = false) do={ - $LogPrintExit2 warning $0 ("Downloading certificate failed, trying without.") false; + $LogPrint warning $0 ("Downloading certificate failed, trying without."); } :foreach Script in=$Scripts do={ :if ([ :len [ /system/script/find where name=$Script ] ] = 0) do={ - $LogPrintExit2 info $0 ("Adding new script: " . $Script) false; + $LogPrint info $0 ("Adding new script: " . $Script); /system/script/add name=$Script owner=$Script source="#!rsc by RouterOS\n" comment=$NewComment; } } @@ -1013,8 +1013,8 @@ :foreach Scheduler in=[ /system/scheduler/find where on-event~("\\b" . $ScriptVal->"name" . "\\b") ] do={ :local SchedulerVal [ /system/scheduler/get $Scheduler ]; :if ($ScriptVal->"policy" != $SchedulerVal->"policy") do={ - $LogPrintExit2 warning $0 ("Policies differ for script '" . $ScriptVal->"name" . \ - "' and its scheduler '" . $SchedulerVal->"name" . "'!") false; + $LogPrint warning $0 ("Policies differ for script '" . $ScriptVal->"name" . \ + "' and its scheduler '" . $SchedulerVal->"name" . "'!"); } } @@ -1023,7 +1023,7 @@ :local BaseUrl [ $EitherOr ($ScriptInfo->"base-url") $ScriptUpdatesBaseUrl ]; :local UrlSuffix [ $EitherOr ($ScriptInfo->"url-suffix") $ScriptUpdatesUrlSuffix ]; :local Url ($BaseUrl . $ScriptVal->"name" . ".rsc" . $UrlSuffix); - $LogPrintExit2 debug $0 ("Fetching script '" . $ScriptVal->"name" . "' from url: " . $Url) false; + $LogPrint debug $0 ("Fetching script '" . $ScriptVal->"name" . "' from url: " . $Url); :local Result [ /tool/fetch check-certificate=yes-without-crl \ http-header-field=({ $FetchUserAgent }) $Url output=user as-value ]; :if ($Result->"status" = "finished") do={ @@ -1031,11 +1031,11 @@ } } on-error={ :if ($ScriptVal->"source" = "#!rsc by RouterOS\n") do={ - $LogPrintExit2 warning $0 ("Failed fetching script '" . $ScriptVal->"name" . \ - "', removing dummy. Typo on installation?") false; + $LogPrint warning $0 ("Failed fetching script '" . $ScriptVal->"name" . \ + "', removing dummy. Typo on installation?"); /system/script/remove $Script; } else={ - $LogPrintExit2 warning $0 ("Failed fetching script '" . $ScriptVal->"name" . "'!") false; + $LogPrint warning $0 ("Failed fetching script '" . $ScriptVal->"name" . "'!"); } } } @@ -1046,7 +1046,7 @@ :local Required ([ $ParseKeyValueStore [ $Grep $SourceNew ("\23 requires RouterOS, ") ] ]->"version"); :if ([ $RequiredRouterOS $0 [ $EitherOr $Required "0.0" ] false ] = true) do={ :if ([ $ValidateSyntax $SourceNew ] = true) do={ - $LogPrintExit2 info $0 ("Updating script: " . $ScriptVal->"name") false; + $LogPrint info $0 ("Updating script: " . $ScriptVal->"name"); /system/script/set owner=($ScriptVal->"name") source=$SourceNew $Script; :if ($ScriptVal->"name" = "global-config") do={ :set ReloadGlobalConfig true; @@ -1055,48 +1055,48 @@ :set ReloadGlobalFunctions true; } } else={ - $LogPrintExit2 warning $0 ("Syntax validation for script '" . $ScriptVal->"name" . \ - "' failed! Ignoring!") false; + $LogPrint warning $0 ("Syntax validation for script '" . $ScriptVal->"name" . \ + "' failed! Ignoring!"); } } else={ $LogPrintOnce warning $0 ("The script '" . $ScriptVal->"name" . "' requires RouterOS " . \ $Required . ", which is not met by your installation. Ignoring!"); } } else={ - $LogPrintExit2 warning $0 ("Looks like new script '" . $ScriptVal->"name" . \ - "' is not valid (missing shebang). Ignoring!") false; + $LogPrint warning $0 ("Looks like new script '" . $ScriptVal->"name" . \ + "' is not valid (missing shebang). Ignoring!"); } } else={ - $LogPrintExit2 debug $0 ("Script '" . $ScriptVal->"name" . "' did not change.") false; + $LogPrint debug $0 ("Script '" . $ScriptVal->"name" . "' did not change."); } } else={ - $LogPrintExit2 debug $0 ("No update for script '" . $ScriptVal->"name" . "'.") false; + $LogPrint debug $0 ("No update for script '" . $ScriptVal->"name" . "'."); } } :if ($ReloadGlobalFunctions = true) do={ - $LogPrintExit2 info $0 ("Reloading global functions.") false; + $LogPrint info $0 ("Reloading global functions."); :do { /system/script/run global-functions; } on-error={ - $LogPrintExit2 error $0 ("Reloading global functions failed!") false; + $LogPrint error $0 ("Reloading global functions failed!"); } } :if ($ReloadGlobalConfig = true) do={ - $LogPrintExit2 info $0 ("Reloading global configuration.") false; + $LogPrint info $0 ("Reloading global configuration."); :do { /system/script/run global-config; } on-error={ - $LogPrintExit2 error $0 ("Reloading global configuration failed!" . \ - " Syntax error or missing overlay?") false; + $LogPrint error $0 ("Reloading global configuration failed!" . \ + " Syntax error or missing overlay?"); } } :if ($ExpectedConfigVersionBefore > $ExpectedConfigVersion) do={ - $LogPrintExit2 warning $0 ("The configuration version decreased from " . \ + $LogPrint warning $0 ("The configuration version decreased from " . \ $ExpectedConfigVersionBefore . " to " . $ExpectedConfigVersion . \ - ". Installed an older version?") false; + ". Installed an older version?"); } :if ($ExpectedConfigVersionBefore < $ExpectedConfigVersion) do={ @@ -1106,14 +1106,14 @@ :do { :local Url ($ScriptUpdatesBaseUrl . "news-and-changes.rsc" . $ScriptUpdatesUrlSuffix); - $LogPrintExit2 debug $0 ("Fetching news, changes and migration: " . $Url) false; + $LogPrint debug $0 ("Fetching news, changes and migration: " . $Url); :local Result [ /tool/fetch check-certificate=yes-without-crl \ http-header-field=({ $FetchUserAgent }) $Url output=user as-value ]; :if ($Result->"status" = "finished") do={ :set ChangeLogCode ($Result->"data"); } } on-error={ - $LogPrintExit2 warning $0 ("Failed fetching news, changes and migration!") false; + $LogPrint warning $0 ("Failed fetching news, changes and migration!"); } :if ([ :len $ChangeLogCode ] > 0) do={ @@ -1121,10 +1121,10 @@ :do { [ :parse $ChangeLogCode ]; } on-error={ - $LogPrintExit2 warning $0 ("The changelog failed to run!") false; + $LogPrint warning $0 ("The changelog failed to run!"); } } else={ - $LogPrintExit2 warning $0 ("The changelog failed syntax validation!") false; + $LogPrint warning $0 ("The changelog failed syntax validation!"); } } @@ -1133,14 +1133,14 @@ :local Migration ($GlobalConfigMigration->[ :tostr $I ]); :if ([ :typeof $Migration ] = "str") do={ :if ([ $ValidateSyntax $Migration ] = true) do={ - $LogPrintExit2 info $0 ("Applying migration for change " . $I . ": " . $Migration) false; + $LogPrint info $0 ("Applying migration for change " . $I . ": " . $Migration); :do { [ :parse $Migration ]; } on-error={ - $LogPrintExit2 warning $0 ("Migration code for change " . $I . " failed to run!") false; + $LogPrint warning $0 ("Migration code for change " . $I . " failed to run!"); } } else={ - $LogPrintExit2 warning $0 ("Migration code for change " . $I . " failed syntax validation!") false; + $LogPrint warning $0 ("Migration code for change " . $I . " failed syntax validation!"); } } } @@ -1149,7 +1149,7 @@ :local NotificationMessage ("The configuration version on " . $Identity . " increased " . \ "to " . $ExpectedConfigVersion . ", current configuration may need modification. " . \ "Please review and update global-config-overlay, then re-run global-config."); - $LogPrintExit2 info $0 ($NotificationMessage) false; + $LogPrint info $0 ($NotificationMessage); :if ([ :len $GlobalConfigChanges ] > 0) do={ :set NotificationMessage ($NotificationMessage . "\n\nChanges:"); @@ -1157,7 +1157,7 @@ :local Change ($GlobalConfigChanges->[ :tostr $I ]); :set NotificationMessage ($NotificationMessage . "\n " . \ [ $SymbolForNotification "pushpin" "*" ] . $Change); - $LogPrintExit2 info $0 ("Change " . $I . ": " . $Change) false; + $LogPrint info $0 ("Change " . $I . ": " . $Change); } } else={ :set NotificationMessage ($NotificationMessage . "\n\nNews and changes are not available."); @@ -1191,7 +1191,7 @@ :global GetRandom20CharAlNum; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global ScriptLockOrder; :if ([ :typeof $ScriptLockOrder ] = "nothing") do={ @@ -1277,15 +1277,17 @@ } :if ([ :len [ /system/script/find where name=$Script ] ] = 0) do={ - $LogPrintExit2 error $0 ("A script named '" . $Script . "' does not exist!") true; + $LogPrint error $0 ("A script named '" . $Script . "' does not exist!"); + :error false; } :if ([ $JobCount $Script ] = 0) do={ - $LogPrintExit2 error $0 ("No script '" . $Script . "' is running!") true; + $LogPrint error $0 ("No script '" . $Script . "' is running!"); + :error false; } :if ([ $TicketCount $Script ] >= [ $JobCount $Script ]) do={ - $LogPrintExit2 error $0 ("More tickets than running scripts '" . $Script . "', resetting!") false; + $LogPrint error $0 ("More tickets than running scripts '" . $Script . "', resetting!"); :set ($ScriptLockOrder->$Script) ({}); /system/script/job/remove [ find where script=$Script ]; } @@ -1306,8 +1308,8 @@ } $RemoveTicket $Script $MyTicket; - $LogPrintExit2 info $0 ("Script '" . $Script . "' started more than once" . [ $IfThenElse ($WaitCount > 0) \ - " and timed out waiting for lock" "" ] . "...") false; + $LogPrint info $0 ("Script '" . $Script . "' started more than once" . [ $IfThenElse ($WaitCount > 0) \ + " and timed out waiting for lock" "" ] . "..."); :return false; } @@ -1542,10 +1544,10 @@ :do { /system/script/run $Script; } on-error={ - $LogPrintExit2 error $0 ("Module '" . $ScriptVal->"name" . "' failed to run.") false; + $LogPrint error $0 ("Module '" . $ScriptVal->"name" . "' failed to run."); } } else={ - $LogPrintExit2 error $0 ("Module '" . $ScriptVal->"name" . "' failed syntax validation, skipping.") false; + $LogPrint error $0 ("Module '" . $ScriptVal->"name" . "' failed syntax validation, skipping."); } } From 5c567604ff14700ee90701e2b21af07fde4bd0ce Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 373/908] gps-track: switch to $LogPrint --- gps-track.rsc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/gps-track.rsc b/gps-track.rsc index c40e2e0..1aeab84 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -17,7 +17,7 @@ :global GpsTrackUrl; :global Identity; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :global WaitFullyConnected; @@ -38,13 +38,13 @@ "\"lon\":\"" . ($Gps->"longitude") . "\"," . \ "\"identity\":\"" . $Identity . "\"" . \ "}") as-value; - $LogPrintExit2 debug $ScriptName ("Sending GPS data in " . $CoordinateFormat . " format: " . \ + $LogPrint debug $ScriptName ("Sending GPS data in " . $CoordinateFormat . " format: " . \ "lat: " . ($Gps->"latitude") . " " . \ - "lon: " . ($Gps->"longitude")) false; + "lon: " . ($Gps->"longitude")); } on-error={ - $LogPrintExit2 warning $ScriptName ("Failed sending GPS data!") false; + $LogPrint warning $ScriptName ("Failed sending GPS data!"); } } else={ - $LogPrintExit2 debug $ScriptName ("GPS data not valid.") false; + $LogPrint debug $ScriptName ("GPS data not valid."); } } on-error={ } From d93ffb9cb28843f95a970fdaae0d8296546cbb9d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 374/908] hotspot-to-wpa-cleanup: switch to $LogPrint --- hotspot-to-wpa-cleanup.capsman.rsc | 14 +++++++------- hotspot-to-wpa-cleanup.template.rsc | 14 +++++++------- hotspot-to-wpa-cleanup.wifi.rsc | 14 +++++++------- 3 files changed, 21 insertions(+), 21 deletions(-) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index ba74260..0540ad5 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -18,7 +18,7 @@ :local ScriptName [ :jobname ]; :global EitherOr; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -41,8 +41,8 @@ :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ mac-address=($ClientVal->"mac-address") ] do={ :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ - " connected to WPA, making lease static.") false; + $LogPrint info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " connected to WPA, making lease static."); /ip/dhcp-server/lease/make-static $Lease; /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; } @@ -54,8 +54,8 @@ :local ClientVal [ /caps-man/access-list/get $Client ]; :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ mac-address=($ClientVal->"mac-address") ] ] = 0) do={ - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ - " did not connect to WPA, removing from access list.") false; + $LogPrint info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " did not connect to WPA, removing from access list."); /caps-man/access-list/remove $Client; } } @@ -64,8 +64,8 @@ :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; + $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ + " was not seen for " . ($LeaseVal->"last-seen") . ", removing."); /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ mac-address=($LeaseVal->"mac-address") ]; /ip/dhcp-server/lease/remove $Lease; diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index c46d75d..6f3b3e1 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -19,7 +19,7 @@ :local ScriptName [ :jobname ]; :global EitherOr; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -44,8 +44,8 @@ :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ mac-address=($ClientVal->"mac-address") ] do={ :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ - " connected to WPA, making lease static.") false; + $LogPrint info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " connected to WPA, making lease static."); /ip/dhcp-server/lease/make-static $Lease; /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; } @@ -59,8 +59,8 @@ :local ClientVal [ /interface/wifi/access-list/get $Client ]; :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ mac-address=($ClientVal->"mac-address") ] ] = 0) do={ - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ - " did not connect to WPA, removing from access list.") false; + $LogPrint info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " did not connect to WPA, removing from access list."); /caps-man/access-list/remove $Client; /interface/wifi/access-list/remove $Client; } @@ -70,8 +70,8 @@ :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; + $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ + " was not seen for " . ($LeaseVal->"last-seen") . ", removing."); /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ mac-address=($LeaseVal->"mac-address") ]; diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index 3e5799a..9c79628 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -18,7 +18,7 @@ :local ScriptName [ :jobname ]; :global EitherOr; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -41,8 +41,8 @@ :foreach Lease in=[ /ip/dhcp-server/lease/find where dynamic \ mac-address=($ClientVal->"mac-address") ] do={ :if (($DHCPServers->[ /ip/dhcp-server/lease/get $Lease server ]) > 0s) do={ - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ - " connected to WPA, making lease static.") false; + $LogPrint info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " connected to WPA, making lease static."); /ip/dhcp-server/lease/make-static $Lease; /ip/dhcp-server/lease/set comment=($ClientVal->"comment") $Lease; } @@ -54,8 +54,8 @@ :local ClientVal [ /interface/wifi/access-list/get $Client ]; :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ mac-address=($ClientVal->"mac-address") ] ] = 0) do={ - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ - " did not connect to WPA, removing from access list.") false; + $LogPrint info $ScriptName ("Client with mac address " . ($ClientVal->"mac-address") . \ + " did not connect to WPA, removing from access list."); /interface/wifi/access-list/remove $Client; } } @@ -64,8 +64,8 @@ :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; - $LogPrintExit2 info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . ($LeaseVal->"last-seen") . ", removing.") false; + $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ + " was not seen for " . ($LeaseVal->"last-seen") . ", removing."); /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ mac-address=($LeaseVal->"mac-address") ]; /ip/dhcp-server/lease/remove $Lease; From 369af473743623fd89685cdfd8bf31b3430ed489 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 375/908] hotspot-to-wpa: switch to $LogPrint --- hotspot-to-wpa.capsman.rsc | 15 ++++++++------- hotspot-to-wpa.template.rsc | 15 ++++++++------- hotspot-to-wpa.wifi.rsc | 15 ++++++++------- 3 files changed, 24 insertions(+), 21 deletions(-) diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index a6ad2a1..37c8464 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -17,7 +17,7 @@ :local ScriptName [ :jobname ]; :global EitherOr; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -29,7 +29,8 @@ } :if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ - $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; + $LogPrint error $ScriptName ("This script is supposed to run from hotspot on login."); + :error false; } :local Date [ /system/clock/get date ]; @@ -42,28 +43,28 @@ :if ([ :len [ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ /caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; - $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; + $LogPrint warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'."); } :local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); :if ([ :len [ /caps-man/access-list/find where \ comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ /caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; - $LogPrintExit2 warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; + $LogPrint warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'."); } :local Template [ /caps-man/access-list/get ([ find where \ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; :if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false; + $LogPrint info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'."); :error true; } # allow login page to load :delay 1s; - $LogPrintExit2 info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \ - " (user " . $UserName . ").") false; + $LogPrint info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \ + " (user " . $UserName . ")."); /caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; /caps-man/access-list/add private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index b7869c4..cbce42a 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -18,7 +18,7 @@ :local ScriptName [ :jobname ]; :global EitherOr; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -30,7 +30,8 @@ } :if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ - $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; + $LogPrint error $ScriptName ("This script is supposed to run from hotspot on login."); + :error false; } :local Date [ /system/clock/get date ]; @@ -45,7 +46,7 @@ :if ([ :len [ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ /caps-man/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; /interface/wifi/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; - $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; + $LogPrint warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'."); } :local PlaceBefore ([ /caps-man/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); :local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); @@ -55,22 +56,22 @@ comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ /caps-man/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; /interface/wifi/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; - $LogPrintExit2 warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; + $LogPrint warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'."); } :local Template [ /caps-man/access-list/get ([ find where \ :local Template [ /interface/wifi/access-list/get ([ find where \ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; :if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false; + $LogPrint info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'."); :error true; } # allow login page to load :delay 1s; - $LogPrintExit2 info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \ - " (user " . $UserName . ").") false; + $LogPrint info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \ + " (user " . $UserName . ")."); /caps-man/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; /interface/wifi/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; /caps-man/access-list/add private-passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index e728d7f..86aeed7 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -17,7 +17,7 @@ :local ScriptName [ :jobname ]; :global EitherOr; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -29,7 +29,8 @@ } :if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ - $LogPrintExit2 error $ScriptName ("This script is supposed to run from hotspot on login.") true; + $LogPrint error $ScriptName ("This script is supposed to run from hotspot on login."); + :error false; } :local Date [ /system/clock/get date ]; @@ -42,28 +43,28 @@ :if ([ :len [ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ] ] = 0) do={ /interface/wifi/access-list/add comment="--- hotspot-to-wpa above ---" disabled=yes; - $LogPrintExit2 warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'.") false; + $LogPrint warning $ScriptName ("Added disabled access-list entry with comment '--- hotspot-to-wpa above ---'."); } :local PlaceBefore ([ /interface/wifi/access-list/find where comment="--- hotspot-to-wpa above ---" disabled ]->0); :if ([ :len [ /interface/wifi/access-list/find where \ comment=("hotspot-to-wpa template " . $Hotspot) disabled ] ] = 0) do={ /interface/wifi/access-list/add comment=("hotspot-to-wpa template " . $Hotspot) disabled=yes place-before=$PlaceBefore; - $LogPrintExit2 warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'.") false; + $LogPrint warning $ScriptName ("Added template in access-list for hotspot '" . $Hotspot . "'."); } :local Template [ /interface/wifi/access-list/get ([ find where \ comment=("hotspot-to-wpa template " . $Hotspot) disabled ]->0) ]; :if ($Template->"action" = "reject") do={ - $LogPrintExit2 info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'.") false; + $LogPrint info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'."); :error true; } # allow login page to load :delay 1s; - $LogPrintExit2 info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \ - " (user " . $UserName . ").") false; + $LogPrint info $ScriptName ("Adding/updating access-list entry for mac address " . $MacAddress . \ + " (user " . $UserName . ")."); /interface/wifi/access-list/remove [ find where mac-address=$MacAddress comment~"^hotspot-to-wpa: " ]; /interface/wifi/access-list/add passphrase=($UserVal->"password") ssid-regexp="-wpa\$" \ mac-address=$MacAddress comment=("hotspot-to-wpa: " . $UserName . ", " . $MacAddress . ", " . $Date) \ From 56e39123b92fa0c6f20ed47bcc870db6ab1a4cd1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 376/908] ipsec-to-dns: switch to $LogPrint --- ipsec-to-dns.rsc | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index 03abf59..dd40ca2 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -22,7 +22,7 @@ :global CharacterReplace; :global EscapeForRegEx; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -38,7 +38,7 @@ :if ([ :len [ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ] ] = 0) do={ /ip/dns/static/add name=$CommentString type=NXDOMAIN disabled=yes; - $LogPrintExit2 warning $ScriptName ("Added disabled static dns record with name '" . $CommentString . "'.") false; + $LogPrint warning $ScriptName ("Added disabled static dns record with name '" . $CommentString . "'."); } :local PlaceBefore ([ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ]->0); @@ -47,10 +47,10 @@ :local PeerId [ $CharacterReplace ($DnsRecordVal->"comment") $CommentPrefix "" ]; :if ([ :len [ /ip/ipsec/active-peers/find where id~("^(CN=)?" . [ $EscapeForRegEx $PeerId ] . "\$") \ dynamic-address=($DnsRecordVal->"address") ] ] > 0) do={ - $LogPrintExit2 debug $ScriptName ("Peer " . $PeerId . " (" . $DnsRecordVal->"name" . ") still exists. Not deleting DNS entry.") false; + $LogPrint debug $ScriptName ("Peer " . $PeerId . " (" . $DnsRecordVal->"name" . ") still exists. Not deleting DNS entry."); } else={ :local Found false; - $LogPrintExit2 info $ScriptName ("Peer " . $PeerId . " (" . $DnsRecordVal->"name" . ") has gone, deleting DNS entry.") false; + $LogPrint info $ScriptName ("Peer " . $PeerId . " (" . $DnsRecordVal->"name" . ") has gone, deleting DNS entry."); /ip/dns/static/remove $DnsRecord; } } @@ -66,13 +66,13 @@ :if ([ :len $DnsRecord ] > 0) do={ :local DnsIp [ /ip/dns/static/get $DnsRecord address ]; :if ($DnsIp = $PeerVal->"dynamic-address") do={ - $LogPrintExit2 debug $ScriptName ("DNS entry for " . $Fqdn . " does not need updating.") false; + $LogPrint debug $ScriptName ("DNS entry for " . $Fqdn . " does not need updating."); } else={ - $LogPrintExit2 info $ScriptName ("Replacing DNS entry for " . $Fqdn . ", new address is " . $PeerVal->"dynamic-address" . ".") false; + $LogPrint info $ScriptName ("Replacing DNS entry for " . $Fqdn . ", new address is " . $PeerVal->"dynamic-address" . "."); /ip/dns/static/set name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment $DnsRecord; } } else={ - $LogPrintExit2 info $ScriptName ("Adding new DNS entry for " . $Fqdn . ", address is " . $PeerVal->"dynamic-address" . ".") false; + $LogPrint info $ScriptName ("Adding new DNS entry for " . $Fqdn . ", address is " . $PeerVal->"dynamic-address" . "."); /ip/dns/static/add name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore; } } From 1f938efcaff3e4c67b5be25762c97dce75fa104c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 377/908] ipv6-update: switch to $LogPrint --- ipv6-update.rsc | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/ipv6-update.rsc b/ipv6-update.rsc index 8ce1e4d..65bb959 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -14,7 +14,7 @@ :do { :local ScriptName [ :jobname ]; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -25,19 +25,20 @@ } :if ([ :typeof $PdPrefix ] = "nothing") do={ - $LogPrintExit2 error $ScriptName ("This script is supposed to run from ipv6 dhcp-client.") true; + $LogPrint error $ScriptName ("This script is supposed to run from ipv6 dhcp-client."); + :error false; } :local Pool [ /ipv6/pool/get [ find where prefix=$PdPrefix ] name ]; :if ([ :len [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ] ] = 0) do={ /ipv6/firewall/address-list/add list=("ipv6-pool-" . $Pool) address=:: comment=("ipv6-pool-" . $Pool); - $LogPrintExit2 warning $ScriptName ("Added ipv6 address list entry for ipv6-pool-" . $Pool) false; + $LogPrint warning $ScriptName ("Added ipv6 address list entry for ipv6-pool-" . $Pool); } :local AddrList [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ]; :local OldPrefix [ /ipv6/firewall/address-list/get ($AddrList->0) address ]; :if ($OldPrefix != $PdPrefix) do={ - $LogPrintExit2 info $ScriptName ("Updating IPv6 address list with new IPv6 prefix " . $PdPrefix) false; + $LogPrint info $ScriptName ("Updating IPv6 address list with new IPv6 prefix " . $PdPrefix); /ipv6/firewall/address-list/set address=$PdPrefix $AddrList; # give the interfaces a moment to receive their addresses @@ -56,12 +57,12 @@ :local Address ($ListEntryVal->"address"); :local Address ($Prefix | ([ :toip6 [ :pick $Address 0 [ :find $Address "/128" ] ] ] & ::ffff:ffff:ffff:ffff)); - $LogPrintExit2 info $ScriptName ("Updating IPv6 address list with new IPv6 host address " . $Address . \ - " from interface " . ($Comment->"interface")) false; + $LogPrint info $ScriptName ("Updating IPv6 address list with new IPv6 host address " . $Address . \ + " from interface " . ($Comment->"interface")); /ipv6/firewall/address-list/set address=$Address $ListEntry; } else={ - $LogPrintExit2 info $ScriptName ("Updating IPv6 address list with new IPv6 prefix " . $Prefix . \ - " from interface " . ($Comment->"interface")) false; + $LogPrint info $ScriptName ("Updating IPv6 address list with new IPv6 prefix " . $Prefix . \ + " from interface " . ($Comment->"interface")); /ipv6/firewall/address-list/set address=$Prefix $ListEntry; } } @@ -77,8 +78,8 @@ :set Prefix ([ :toip6 [ :pick $Prefix 0 [ :find $Prefix "/64" ] ] ] & ffff:ffff:ffff:ffff::); :local Address ($Prefix | ([ :toip6 ($RecordVal->"address") ] & ::ffff:ffff:ffff:ffff)); - $LogPrintExit2 info $ScriptName ("Updating DNS record for " . ($RecordVal->"name") . \ - ($RecordVal->"regexp") . " to " . $Address) false; + $LogPrint info $ScriptName ("Updating DNS record for " . ($RecordVal->"name") . \ + ($RecordVal->"regexp") . " to " . $Address); /ip/dns/static/set address=$Address $Record; } } From 29a72e54dce7ad5a65b46d5b403db1ccec3c9c3e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 378/908] lease-script: switch to $LogPrint --- lease-script.rsc | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/lease-script.rsc b/lease-script.rsc index 0f6b7f8..8e1e8f6 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -16,7 +16,7 @@ :global Grep; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -24,18 +24,19 @@ [ :typeof $leaseActMAC ] = "nothing" || \ [ :typeof $leaseServerName ] = "nothing" || \ [ :typeof $leaseBound ] = "nothing") do={ - $LogPrintExit2 error $ScriptName ("This script is supposed to run from ip dhcp-server.") true; + $LogPrint error $ScriptName ("This script is supposed to run from ip dhcp-server."); + :error false; } - $LogPrintExit2 debug $ScriptName ("DHCP Server " . $leaseServerName . " " . [ $IfThenElse ($leaseBound = 0) \ - "de" "" ] . "assigned lease " . $leaseActIP . " to " . $leaseActMAC) false; + $LogPrint debug $ScriptName ("DHCP Server " . $leaseServerName . " " . [ $IfThenElse ($leaseBound = 0) \ + "de" "" ] . "assigned lease " . $leaseActIP . " to " . $leaseActMAC); :if ([ $ScriptLock $ScriptName 10 ] = false) do={ :error false; } :if ([ :len [ /system/script/job/find where script=$ScriptName ] ] > 1) do={ - $LogPrintExit2 debug $ScriptName ("More invocations are waiting, exiting early.") false; + $LogPrint debug $ScriptName ("More invocations are waiting, exiting early."); :error true; } @@ -49,10 +50,10 @@ :foreach Order,Script in=$RunOrder do={ :do { - $LogPrintExit2 debug $ScriptName ("Running script with order " . $Order . ": " . $Script) false; + $LogPrint debug $ScriptName ("Running script with order " . $Order . ": " . $Script); /system/script/run $Script; } on-error={ - $LogPrintExit2 warning $ScriptName ("Running script '" . $Script . "' failed!") false; + $LogPrint warning $ScriptName ("Running script '" . $Script . "' failed!"); } } } on-error={ } From f8c79abd382a3859297f87071a0836d6d9480bdc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 379/908] log-forward: switch to $LogPrint --- log-forward.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/log-forward.rsc b/log-forward.rsc index 09e3b84..a919d8f 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -26,7 +26,7 @@ :global HexToNum; :global IfThenElse; :global LogForwardFilterLogForwarding; - :global LogPrintExit2; + :global LogPrint; :global MAX; :global ScriptLock; :global SendNotification2; @@ -42,7 +42,7 @@ :if ($LogForwardRateLimit > 30) do={ :set LogForwardRateLimit ($LogForwardRateLimit - 1); - $LogPrintExit2 info $ScriptName ("Rate limit in action, not forwarding logs, if any!") false; + $LogPrint info $ScriptName ("Rate limit in action, not forwarding logs, if any!"); :error false; } From b7983d18c41d61746671a55ec2b9795eba8477bc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 380/908] mod/bridge-port-to: switch to $LogPrint --- mod/bridge-port-to.rsc | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/mod/bridge-port-to.rsc b/mod/bridge-port-to.rsc index a78f31b..441094f 100644 --- a/mod/bridge-port-to.rsc +++ b/mod/bridge-port-to.rsc @@ -12,7 +12,7 @@ :local BridgePortTo [ :tostr $1 ]; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :local InterfaceReEnable ({}); @@ -24,21 +24,22 @@ :if ($BridgeDefault = "dhcp-client") do={ :if ([ :len $DHCPClient ] != 1) do={ - $LogPrintExit2 warning $0 ([ $IfThenElse ([ :len $DHCPClient ] = 0) "Missing" "Duplicate" ] . \ - " dhcp client configuration for interface " . $BridgePortVal->"interface" . "!") true; + $LogPrint warning $0 ([ $IfThenElse ([ :len $DHCPClient ] = 0) "Missing" "Duplicate" ] . \ + " dhcp client configuration for interface " . $BridgePortVal->"interface" . "!"); + :error false; } :local DHCPClientDisabled [ /ip/dhcp-client/get $DHCPClient disabled ]; :if ($BridgePortVal->"disabled" = false || $DHCPClientDisabled = true) do={ - $LogPrintExit2 info $0 ("Disabling bridge port for interface " . $BridgePortVal->"interface" . ", enabling dhcp client.") false; + $LogPrint info $0 ("Disabling bridge port for interface " . $BridgePortVal->"interface" . ", enabling dhcp client."); /interface/bridge/port/disable $BridgePort; :delay 200ms; /ip/dhcp-client/enable $DHCPClient; } } else={ :if ($BridgePortVal->"disabled" = true || $BridgeDefault != $BridgePortVal->"bridge") do={ - $LogPrintExit2 info $0 ("Enabling bridge port for interface " . $BridgePortVal->"interface" . ", changing to " . $BridgePortTo . \ - " bridge " . $BridgeDefault . ", disabling dhcp client.") false; + $LogPrint info $0 ("Enabling bridge port for interface " . $BridgePortVal->"interface" . ", changing to " . $BridgePortTo . \ + " bridge " . $BridgeDefault . ", disabling dhcp client."); :if ([ :len $DHCPClient ] = 1) do={ /ip/dhcp-client/disable $DHCPClient; :delay 200ms; @@ -50,8 +51,8 @@ } /interface/bridge/port/set disabled=no bridge=$BridgeDefault $BridgePort; } else={ - $LogPrintExit2 debug $0 ("Interface " . $BridgePortVal->"interface" . " already connected to " . $BridgePortTo . \ - " bridge " . $BridgeDefault . ".") false; + $LogPrint debug $0 ("Interface " . $BridgePortVal->"interface" . " already connected to " . $BridgePortTo . \ + " bridge " . $BridgeDefault . "."); } } } @@ -59,7 +60,7 @@ } :if ([ :len $InterfaceReEnable ] > 0) do={ :delay 5s; - $LogPrintExit2 info $0 ("Re-enabling interfaces...") false; + $LogPrint info $0 ("Re-enabling interfaces..."); /interface/ethernet/enable $InterfaceReEnable; } } From bdcf43a6f6644d0f88a1d38e4b28e90566d77d23 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 381/908] mod/bridge-port-vlan: switch to $LogPrint --- mod/bridge-port-vlan.rsc | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/mod/bridge-port-vlan.rsc b/mod/bridge-port-vlan.rsc index 72cf772..522e9a6 100644 --- a/mod/bridge-port-vlan.rsc +++ b/mod/bridge-port-vlan.rsc @@ -12,7 +12,7 @@ :local ConfigTo [ :tostr $1 ]; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :local InterfaceReEnable ({}); @@ -24,13 +24,14 @@ :if ($Vlan = "dhcp-client") do={ :if ([ :len $DHCPClient ] != 1) do={ - $LogPrintExit2 warning $0 ([ $IfThenElse ([ :len $DHCPClient ] = 0) "Missing" "Duplicate" ] . \ - " dhcp client configuration for interface " . $BridgePortVal->"interface" . "!") true; + $LogPrint warning $0 ([ $IfThenElse ([ :len $DHCPClient ] = 0) "Missing" "Duplicate" ] . \ + " dhcp client configuration for interface " . $BridgePortVal->"interface" . "!"); + :error false; } :local DHCPClientDisabled [ /ip/dhcp-client/get $DHCPClient disabled ]; :if ($BridgePortVal->"disabled" = false || $DHCPClientDisabled = true) do={ - $LogPrintExit2 info $0 ("Disabling bridge port for interface " . $BridgePortVal->"interface" . ", enabling dhcp client.") false; + $LogPrint info $0 ("Disabling bridge port for interface " . $BridgePortVal->"interface" . ", enabling dhcp client."); /interface/bridge/port/disable $BridgePort; :delay 200ms; /ip/dhcp-client/enable $DHCPClient; @@ -41,12 +42,13 @@ :do { :set $Vlan ([ /interface/bridge/vlan/get [ find where comment=$Vlan ] vlan-ids ]->0); } on-error={ - $LogPrintExit2 warning $0 ("Could not find VLAN '" . $Vlan . "' for interface " . $BridgePortVal->"interface" . "!") true; + $LogPrint warning $0 ("Could not find VLAN '" . $Vlan . "' for interface " . $BridgePortVal->"interface" . "!"); + :error false; } } :if ($BridgePortVal->"disabled" = true || $Vlan != $BridgePortVal->"pvid") do={ - $LogPrintExit2 info $0 ("Enabling bridge port for interface " . $BridgePortVal->"interface" . ", changing to " . $ConfigTo . \ - " vlan " . $Vlan . [ $IfThenElse ($Vlan != $VlanName) (" (" . $VlanName . ")") ] . ", disabling dhcp client.") false; + $LogPrint info $0 ("Enabling bridge port for interface " . $BridgePortVal->"interface" . ", changing to " . $ConfigTo . \ + " vlan " . $Vlan . [ $IfThenElse ($Vlan != $VlanName) (" (" . $VlanName . ")") ] . ", disabling dhcp client."); :if ([ :len $DHCPClient ] = 1) do={ /ip/dhcp-client/disable $DHCPClient; :delay 200ms; @@ -58,8 +60,8 @@ } /interface/bridge/port/set disabled=no pvid=$Vlan $BridgePort; } else={ - $LogPrintExit2 debug $0 ("Interface " . $BridgePortVal->"interface" . " already connected to " . $ConfigTo . \ - " vlan " . $Vlan . ".") false; + $LogPrint debug $0 ("Interface " . $BridgePortVal->"interface" . " already connected to " . $ConfigTo . \ + " vlan " . $Vlan . "."); } } } @@ -67,7 +69,7 @@ } :if ([ :len $InterfaceReEnable ] > 0) do={ :delay 5s; - $LogPrintExit2 info $0 ("Re-enabling interfaces...") false; + $LogPrint info $0 ("Re-enabling interfaces..."); /interface/ethernet/enable $InterfaceReEnable; } } From 9b8d3f7970dbdddeb2a51db06f8358d8a195526d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 382/908] mod/notification-email: switch to $LogPrint --- mod/notification-email.rsc | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 88bfdac..78192f3 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -24,7 +24,7 @@ :global EitherOr; :global IsDNSResolving; :global IsTimeSync; - :global LogPrintExit2; + :global LogPrint; :local AllDone true; :local QueueLen [ :len $EmailQueue ]; @@ -35,23 +35,23 @@ } :if ([ /tool/e-mail/get last-status ] = "in-progress") do={ - $LogPrintExit2 debug $0 ("Sending mail is currently in progress, not flushing.") false; + $LogPrint debug $0 ("Sending mail is currently in progress, not flushing."); :return false; } :if ([ $IsTimeSync ] = false) do={ - $LogPrintExit2 debug $0 ("Time is not synced, not flushing.") false; + $LogPrint debug $0 ("Time is not synced, not flushing."); :return false; } :local EMailSettings [ /tool/e-mail/get ]; :if ([ :typeof [ :toip ($EMailSettings->"server") ] ] != "ip" && [ $IsDNSResolving ] = false) do={ - $LogPrintExit2 debug $0 ("Server address is a DNS name and resolving fails, not flushing.") false; + $LogPrint debug $0 ("Server address is a DNS name and resolving fails, not flushing."); :return false; } :if ([ :len $Scheduler ] > 0 && $QueueLen = 0) do={ - $LogPrintExit2 warning $0 ("Flushing E-Mail messages from scheduler, but queue is empty.") false; + $LogPrint warning $0 ("Flushing E-Mail messages from scheduler, but queue is empty."); } /system/scheduler/set interval=([ $EitherOr $QueueLen 1 ] . "m") comment="Sending..." $Scheduler; @@ -64,7 +64,7 @@ :if ([ :len [ /file/find where name=$File ] ] = 1) do={ :set Attach ($Attach, $File); } else={ - $LogPrintExit2 warning $0 ("File '" . $File . "' does not exist, can not attach.") false; + $LogPrint warning $0 ("File '" . $File . "' does not exist, can not attach."); } } /tool/e-mail/send to=($Message->"to") cc=($Message->"cc") subject=($Message->"subject") \ From 279993e965a934c6f4c2f30f4c97aa09ab03158e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 383/908] mod/notification-matrix: switch to $LogPrint --- mod/notification-matrix.rsc | 41 +++++++++++++++++++++---------------- 1 file changed, 23 insertions(+), 18 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 8884b08..c4fe100 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -20,10 +20,10 @@ :global MatrixQueue; :global IsFullyConnected; - :global LogPrintExit2; + :global LogPrint; :if ([ $IsFullyConnected ] = false) do={ - $LogPrintExit2 debug $0 ("System is not fully connected, not flushing.") false; + $LogPrint debug $0 ("System is not fully connected, not flushing."); :return false; } @@ -31,7 +31,7 @@ :local QueueLen [ :len $MatrixQueue ]; :if ([ :len [ /system/scheduler/find where name="_FlushMatrixQueue" ] ] > 0 && $QueueLen = 0) do={ - $LogPrintExit2 warning $0 ("Flushing Matrix messages from scheduler, but queue is empty.") false; + $LogPrint warning $0 ("Flushing Matrix messages from scheduler, but queue is empty."); } :foreach Id,Message in=$MatrixQueue do={ @@ -45,7 +45,7 @@ $Message->"formatted" . "\" }") as-value; :set ($MatrixQueue->$Id); } on-error={ - $LogPrintExit2 debug $0 ("Sending queued Matrix message failed.") false; + $LogPrint debug $0 ("Sending queued Matrix message failed."); :set AllDone false; } } @@ -72,7 +72,7 @@ :global MatrixRoomOverride; :global EitherOr; - :global LogPrintExit2; + :global LogPrint; :global SymbolForNotification; :local PrepareText do={ @@ -134,7 +134,7 @@ "\"format\": \"org.matrix.custom.html\", \"formatted_body\": \"" . \ $Formatted . "\" }") as-value; } on-error={ - $LogPrintExit2 info $0 ("Failed sending Matrix notification! Queuing...") false; + $LogPrint info $0 ("Failed sending Matrix notification! Queuing..."); :if ([ :typeof $MatrixQueue ] = "nothing") do={ :set MatrixQueue ({}); @@ -184,7 +184,7 @@ :local Pass [ :tostr $2 ]; :global CharacterReplace; - :global LogPrintExit2; + :global LogPrint; :global ParseJson; :global MatrixAccessToken; @@ -195,9 +195,10 @@ :local Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ ("https://" . $Domain . "/.well-known/matrix/client") as-value ]->"data"); :set MatrixHomeServer ([ $ParseJson ([ $ParseJson [ $CharacterReplace $Data " " "" ] ]->"m.homeserver") ]->"base_url"); - $LogPrintExit2 debug $0 ("Home server is: " . $MatrixHomeServer) false; + $LogPrint debug $0 ("Home server is: " . $MatrixHomeServer); } on-error={ - $LogPrintExit2 error $0 ("Failed getting home server!") true; + $LogPrint error $0 ("Failed getting home server!"); + :error false; } :if ([ :pick $MatrixHomeServer 0 8 ] = "https://") do={ @@ -209,18 +210,20 @@ http-method=post http-data=("{\"type\":\"m.login.password\", \"user\":\"" . $User . "\", \"password\":\"" . $Pass . "\"}") \ ("https://" . $MatrixHomeServer . "/_matrix/client/r0/login") as-value ]->"data"); :set MatrixAccessToken ([ $ParseJson $Data ]->"access_token"); - $LogPrintExit2 debug $0 ("Access token is: " . $MatrixAccessToken) false; + $LogPrint debug $0 ("Access token is: " . $MatrixAccessToken); } on-error={ - $LogPrintExit2 error $0 ("Failed logging in (and getting access token)!") true; + $LogPrint error $0 ("Failed logging in (and getting access token)!"); + :error false; } :do { /system/script/set global-config-overlay source=([ get global-config-overlay source ] . "\n" . \ ":global MatrixHomeServer \"" . $MatrixHomeServer . "\";\n" . \ ":global MatrixAccessToken \"" . $MatrixAccessToken . "\";\n"); - $LogPrintExit2 info $0 ("Appended configuration to global-config-overlay. Now create and join a room, please!") false; + $LogPrint info $0 ("Appended configuration to global-config-overlay. Now create and join a room, please!"); } on-error={ - $LogPrintExit2 error $0 ("Failed appending configuration to global-config-overlay!") true; + $LogPrint error $0 ("Failed appending configuration to global-config-overlay!"); + :error false; } } @@ -228,7 +231,7 @@ :set SetupMatrixJoinRoom do={ :global MatrixRoom [ :tostr $1 ]; - :global LogPrintExit2; + :global LogPrint; :global UrlEncode; :global MatrixAccessToken; @@ -240,16 +243,18 @@ http-method=post http-data="" \ ("https://" . $MatrixHomeServer . "/_matrix/client/r0/rooms/" . [ $UrlEncode $MatrixRoom ] . \ "/join?access_token=" . [ $UrlEncode $MatrixAccessToken ]) as-value; - $LogPrintExit2 debug $0 ("Joined the room.") false; + $LogPrint debug $0 ("Joined the room."); } on-error={ - $LogPrintExit2 error $0 ("Failed joining the room!") true; + $LogPrint error $0 ("Failed joining the room!"); + :error false; } :do { /system/script/set global-config-overlay source=([ get global-config-overlay source ] . "\n" . \ ":global MatrixRoom \"" . $MatrixRoom . "\";\n"); - $LogPrintExit2 info $0 ("Appended configuration to global-config-overlay. Please review and cleanup!") false; + $LogPrint info $0 ("Appended configuration to global-config-overlay. Please review and cleanup!"); } on-error={ - $LogPrintExit2 error $0 ("Failed appending configuration to global-config-overlay!") true; + $LogPrint error $0 ("Failed appending configuration to global-config-overlay!"); + :error false; } } From fb88521ed5ba5012cec11824f19c92ded44c4ce1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 384/908] mod/notification-ntfy: switch to $LogPrint --- mod/notification-ntfy.rsc | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index 4dc6d84..6d48a59 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -18,10 +18,10 @@ :global NtfyMessageIDs; :global IsFullyConnected; - :global LogPrintExit2; + :global LogPrint; :if ([ $IsFullyConnected ] = false) do={ - $LogPrintExit2 debug $0 ("System is not fully connected, not flushing.") false; + $LogPrint debug $0 ("System is not fully connected, not flushing."); :return false; } @@ -29,7 +29,7 @@ :local QueueLen [ :len $NtfyQueue ]; :if ([ :len [ /system/scheduler/find where name="_FlushNtfyQueue" ] ] > 0 && $QueueLen = 0) do={ - $LogPrintExit2 warning $0 ("Flushing Ntfy messages from scheduler, but queue is empty.") false; + $LogPrint warning $0 ("Flushing Ntfy messages from scheduler, but queue is empty."); } :foreach Id,Message in=$NtfyQueue do={ @@ -39,7 +39,7 @@ ($Message->"url") http-header-field=($Message->"headers") http-data=($Message->"text") as-value; :set ($NtfyQueue->$Id); } on-error={ - $LogPrintExit2 debug $0 ("Sending queued Ntfy message failed.") false; + $LogPrint debug $0 ("Sending queued Ntfy message failed."); :set AllDone false; } } @@ -66,7 +66,7 @@ :global CertificateAvailable; :global EitherOr; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global SymbolForNotification; :global UrlEncode; @@ -88,13 +88,14 @@ :do { :if ($NtfyServer = "ntfy.sh") do={ :if ([ $CertificateAvailable "R3" ] = false) do={ - $LogPrintExit2 warning $0 ("Downloading required certificate failed.") true; + $LogPrint warning $0 ("Downloading required certificate failed."); + :error false; } } /tool/fetch check-certificate=yes-without-crl output=none http-method=post \ $Url http-header-field=$Headers http-data=$Text as-value; } on-error={ - $LogPrintExit2 info $0 ("Failed sending ntfy notification! Queuing...") false; + $LogPrint info $0 ("Failed sending ntfy notification! Queuing..."); :if ([ :typeof $NtfyQueue ] = "nothing") do={ :set NtfyQueue ({}); From 699f09c2820abb156cf6ca4f45fe3a8285b11a81 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 385/908] mod/notification-telegram: switch to $LogPrint --- mod/notification-telegram.rsc | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 5b79135..506ec80 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -18,12 +18,12 @@ :global TelegramMessageIDs; :global IsFullyConnected; - :global LogPrintExit2; + :global LogPrint; :global ParseJson; :global UrlEncode; :if ([ $IsFullyConnected ] = false) do={ - $LogPrintExit2 debug $0 ("System is not fully connected, not flushing.") false; + $LogPrint debug $0 ("System is not fully connected, not flushing."); :return false; } @@ -31,7 +31,7 @@ :local QueueLen [ :len $TelegramQueue ]; :if ([ :len [ /system/scheduler/find where name="_FlushTelegramQueue" ] ] > 0 && $QueueLen = 0) do={ - $LogPrintExit2 warning $0 ("Flushing Telegram messages from scheduler, but queue is empty.") false; + $LogPrint warning $0 ("Flushing Telegram messages from scheduler, but queue is empty."); } :foreach Id,Message in=$TelegramQueue do={ @@ -45,7 +45,7 @@ :set ($TelegramQueue->$Id); :set ($TelegramMessageIDs->([ $ParseJson ([ $ParseJson $Data ]->"result") ]->"message_id")) 1; } on-error={ - $LogPrintExit2 debug $0 ("Sending queued Telegram message failed.") false; + $LogPrint debug $0 ("Sending queued Telegram message failed."); :set AllDone false; } } @@ -74,7 +74,7 @@ :global CharacterReplace; :global EitherOr; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global ParseJson; :global SymbolForNotification; :global UrlEncode; @@ -136,7 +136,8 @@ :do { :if ([ $CertificateAvailable "Go Daddy Secure Certificate Authority - G2" ] = false) do={ - $LogPrintExit2 warning $0 ("Downloading required certificate failed.") true; + $LogPrint warning $0 ("Downloading required certificate failed."); + :error false; } :local Data ([ /tool/fetch check-certificate=yes-without-crl output=user http-method=post \ ("https://api.telegram.org/bot" . $TokenId . "/sendMessage") \ @@ -145,7 +146,7 @@ "&parse_mode=MarkdownV2&text=" . [ $UrlEncode $Text ]) as-value ]->"data"); :set ($TelegramMessageIDs->([ $ParseJson ([ $ParseJson $Data ]->"result") ]->"message_id")) 1; } on-error={ - $LogPrintExit2 info $0 ("Failed sending telegram notification! Queuing...") false; + $LogPrint info $0 ("Failed sending telegram notification! Queuing..."); :if ([ :typeof $TelegramQueue ] = "nothing") do={ :set TelegramQueue ({}); From 8c62c31604d00bc12ddd548da4c8cbd46c0de383 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 386/908] mod/scriptrunonce: switch to $LogPrint --- mod/scriptrunonce.rsc | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index 38348a0..ffb1aff 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -15,13 +15,14 @@ :global ScriptRunOnceBaseUrl; :global ScriptRunOnceUrlSuffix; - :global LogPrintExit2; + :global LogPrint; :global ValidateSyntax; :foreach Script in=$Scripts do={ :if (!($Script ~ "^(ftp|https?|sftp)://")) do={ :if ([ :len $ScriptRunOnceBaseUrl ] = 0) do={ - $LogPrintExit2 warning $0 ("Script '" . $Script . "' is not an url and base url is not available.") true; + $LogPrint warning $0 ("Script '" . $Script . "' is not an url and base url is not available."); + :error false; } :set Script ($ScriptRunOnceBaseUrl . $Script . ".rsc" . $ScriptRunOnceUrlSuffix); } @@ -30,19 +31,19 @@ :do { :set Source ([ /tool/fetch check-certificate=yes-without-crl $Script output=user as-value ]->"data"); } on-error={ - $LogPrintExit2 warning $0 ("Failed fetching script '" . $Script . "'!") false; + $LogPrint warning $0 ("Failed fetching script '" . $Script . "'!"); } :if ([ :len $Source ] > 0) do={ :if ([ $ValidateSyntax $Source ] = true) do={ :do { - $LogPrintExit2 info $0 ("Running script '" . $Script . "' now.") false; + $LogPrint info $0 ("Running script '" . $Script . "' now."); [ :parse $Source ]; } on-error={ - $LogPrintExit2 warning $0 ("The script '" . $Script . "' failed to run!") false; + $LogPrint warning $0 ("The script '" . $Script . "' failed to run!"); } } else={ - $LogPrintExit2 warning $0 ("The script '" . $Script . "' failed syntax validation!") false; + $LogPrint warning $0 ("The script '" . $Script . "' failed syntax validation!"); } } } From eedf092930992281700b591371cd2e960f1d9f0e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 387/908] mod/ssh-keys-import: switch to $LogPrint --- mod/ssh-keys-import.rsc | 37 ++++++++++++++++++++++--------------- 1 file changed, 22 insertions(+), 15 deletions(-) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index b88ef9a..fbc667e 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -18,32 +18,36 @@ :global CharacterReplace; :global GetRandom20CharAlNum; - :global LogPrintExit2; + :global LogPrint; :global MkDir; :global WaitForFile; :if ([ :len $Key ] = 0 || [ :len $User ] = 0) do={ - $LogPrintExit2 warning $0 ("Missing argument(s), please pass key and user!") true; + $LogPrint warning $0 ("Missing argument(s), please pass key and user!"); + :error false; } :if ([ :len [ /user/find where name=$User ] ] = 0) do={ - $LogPrintExit2 warning $0 ("User '" . $User . "' does not exist.") true; + $LogPrint warning $0 ("User '" . $User . "' does not exist."); + :error false; } :local KeyVal [ :toarray [ $CharacterReplace $Key " " "," ] ]; :if (!($KeyVal->0 = "ssh-ed25519" || $KeyVal->0 = "ssh-rsa")) do={ - $LogPrintExit2 warning $0 ("SSH key of type '" . $KeyVal->0 . "' is not supported.") true; + $LogPrint warning $0 ("SSH key of type '" . $KeyVal->0 . "' is not supported."); + :error false; } :if ([ $MkDir "tmpfs/ssh-keys-import" ] = false) do={ - $LogPrintExit2 warning $0 ("Creating directory 'tmpfs/ssh-keys-import' failed!") true; + $LogPrint warning $0 ("Creating directory 'tmpfs/ssh-keys-import' failed!"); + :error false; } :local FingerPrintMD5 [ :convert from=base64 transform=md5 to=hex ($KeyVal->1) ]; :if ([ :len [ /user/ssh-keys/find where user=$User key-owner~("\\bmd5=" . $FingerPrintMD5 . "\\b") ] ] > 0) do={ - $LogPrintExit2 warning $0 ("The ssh public key (MD5:" . $FingerPrintMD5 . \ - ") is already available for user '" . $User . "'.") false; + $LogPrint warning $0 ("The ssh public key (MD5:" . $FingerPrintMD5 . \ + ") is already available for user '" . $User . "'."); :return false; } @@ -53,10 +57,11 @@ :do { /user/ssh-keys/import public-key-file=$FileName user=$User; - $LogPrintExit2 info $0 ("Imported ssh public key (" . $KeyVal->2 . ", " . $KeyVal->0 . ", " . \ - "MD5:" . $FingerPrintMD5 . ") for user '" . $User . "'.") false; + $LogPrint info $0 ("Imported ssh public key (" . $KeyVal->2 . ", " . $KeyVal->0 . ", " . \ + "MD5:" . $FingerPrintMD5 . ") for user '" . $User . "'."); } on-error={ - $LogPrintExit2 warning $0 ("Failed importing key.") true; + $LogPrint warning $0 ("Failed importing key."); + :error false; } } @@ -67,17 +72,19 @@ :global CharacterReplace; :global EitherOr; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global SSHKeysImport; :if ([ :len $FileName ] = 0 || [ :len $User ] = 0) do={ - $LogPrintExit2 warning $0 ("Missing argument(s), please pass file name and user!") true; + $LogPrint warning $0 ("Missing argument(s), please pass file name and user!"); + :error false; } :local File [ /file/find where name=$FileName ]; :if ([ :len $File ] = 0) do={ - $LogPrintExit2 warning $0 ("File '" . $FileName . "' does not exist.") true; + $LogPrint warning $0 ("File '" . $FileName . "' does not exist."); + :error false; } :local Keys ([ /file/get $FileName contents ] . "\n"); @@ -90,7 +97,7 @@ :do { $SSHKeysImport $Line $User; } on-error={ - $LogPrintExit2 warning $0 ("Failed importing key for user '" . $User . "'.") false; + $LogPrint warning $0 ("Failed importing key for user '" . $User . "'."); } :set Continue true; } @@ -99,7 +106,7 @@ :set Continue true; } :if ($Continue = false && [ :len ($KeyVal->0) ] > 0) do={ - $LogPrintExit2 warning $0 ("SSH key of type '" . $KeyVal->0 . "' is not supported.") false; + $LogPrint warning $0 ("SSH key of type '" . $KeyVal->0 . "' is not supported."); } } while=([ :len $Keys ] > 0); } From e3d55819eebfbdf1f752ec474adf28dc199ae989 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 388/908] mode-button: switch to $LogPrint --- mode-button.rsc | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/mode-button.rsc b/mode-button.rsc index 07788cb..f453f11 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -16,18 +16,18 @@ :global ModeButton; - :global LogPrintExit2; + :global LogPrint; :set ($ModeButton->"count") ($ModeButton->"count" + 1); :local Scheduler [ /system/scheduler/find where name="_ModeButtonScheduler" ]; :if ([ :len $Scheduler ] = 0) do={ - $LogPrintExit2 info $ScriptName ("Creating scheduler _ModeButtonScheduler, counting presses...") false; + $LogPrint info $ScriptName ("Creating scheduler _ModeButtonScheduler, counting presses..."); :global ModeButtonScheduler do={ :global ModeButton; - :global LogPrintExit2; + :global LogPrint; :global ModeButtonScheduler; :global ValidateSyntax; @@ -52,7 +52,7 @@ :if ([ :len $Code ] > 0) do={ :if ([ $ValidateSyntax $Code ] = true) do={ - $LogPrintExit2 info $ScriptName ("Acting on " . $Count . " mode-button presses: " . $Code) false; + $LogPrint info $ScriptName ("Acting on " . $Count . " mode-button presses: " . $Code); :for I from=1 to=$Count do={ $LEDInvert; @@ -66,16 +66,16 @@ [ :parse $Code ]; } else={ - $LogPrintExit2 warning $ScriptName ("The code for " . $Count . " mode-button presses failed syntax validation!") false; + $LogPrint warning $ScriptName ("The code for " . $Count . " mode-button presses failed syntax validation!"); } } else={ - $LogPrintExit2 info $ScriptName ("No action defined for " . $Count . " mode-button presses.") false; + $LogPrint info $ScriptName ("No action defined for " . $Count . " mode-button presses."); } } /system/scheduler/add name="_ModeButtonScheduler" \ on-event=":global ModeButtonScheduler; \$ModeButtonScheduler;" interval=3s; } else={ - $LogPrintExit2 debug $ScriptName ("Updating scheduler _ModeButtonScheduler...") false; + $LogPrint debug $ScriptName ("Updating scheduler _ModeButtonScheduler..."); /system/scheduler/set $Scheduler start-time=[ /system/clock/get time ]; } } on-error={ } From 8ea24540c4bd910717b33f93d07b1b60d3cd8bb6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 389/908] netwatch-dns: switch to $LogPrint --- netwatch-dns.rsc | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 76f2685..50c2b4c 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -16,7 +16,7 @@ :global CertificateAvailable; :global EitherOr; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -26,7 +26,7 @@ :local SettleTime (5m30s - [ /system/resource/get uptime ]); :if ($SettleTime > 0s) do={ - $LogPrintExit2 info $ScriptName ("System just booted, giving netwatch " . $SettleTime . " to settle.") false; + $LogPrint info $ScriptName ("System just booted, giving netwatch " . $SettleTime . " to settle."); :error true; } @@ -50,15 +50,14 @@ :if ([ :len $DnsServers ] > 0) do={ :if ($DnsServers != $DnsCurrent) do={ - $LogPrintExit2 info $ScriptName ("Updating DNS servers: " . [ :tostr $DnsServers ]) false; + $LogPrint info $ScriptName ("Updating DNS servers: " . [ :tostr $DnsServers ]); /ip/dns/set servers=$DnsServers; /ip/dns/cache/flush; } } else={ :if ([ :len $DnsFallback ] > 0) do={ :if ($DnsFallback != $DnsCurrent) do={ - $LogPrintExit2 info $ScriptName ("Updating DNS servers to fallback: " . \ - [ :tostr $DnsFallback ]) false; + $LogPrint info $ScriptName ("Updating DNS servers to fallback: " . [ :tostr $DnsFallback ]); /ip/dns/set servers=$DnsFallback; /ip/dns/cache/flush; } @@ -83,7 +82,7 @@ } :if ($DohCurrent = $HostInfo->"doh-url") do={ - $LogPrintExit2 debug $ScriptName ("Current DoH server is still up: " . $DohCurrent) false; + $LogPrint debug $ScriptName ("Current DoH server is still up: " . $DohCurrent); :error true; } @@ -92,7 +91,7 @@ } :if ([ :len $DohCurrent ] > 0) do={ - $LogPrintExit2 info $ScriptName ("Current DoH server is down, disabling: " . $DohCurrent) false; + $LogPrint info $ScriptName ("Current DoH server is down, disabling: " . $DohCurrent); /ip/dns/set use-doh-server=""; /ip/dns/cache/flush; } @@ -100,7 +99,7 @@ :foreach DohServer in=$DohServers do={ :if ([ :len ($DohServer->"doh-cert") ] > 0) do={ :if ([ $CertificateAvailable ($DohServer->"doh-cert") ] = false) do={ - $LogPrintExit2 warning $ScriptName ("Downloading certificate failed, trying without.") false; + $LogPrint warning $ScriptName ("Downloading certificate failed, trying without."); } } @@ -112,19 +111,19 @@ "\01\00" . "\00\01" . "\00\00" . "\00\00" . "\00\00" . "\09doh-check\05eworm\02de\00" . \ "\00\10" . "\00\01") ]) as-value ]->"data"); } on-error={ - $LogPrintExit2 warning $ScriptName ("Request to DoH server failed (network or certificate issue): " . \ - ($DohServer->"doh-url")) false; + $LogPrint warning $ScriptName ("Request to DoH server failed (network or certificate issue): " . \ + ($DohServer->"doh-url")); } :if ($Data != false) do={ :if ([ :typeof [ :find $Data "doh-check-OK" ] ] = "num") do={ /ip/dns/set use-doh-server=($DohServer->"doh-url") verify-doh-cert=yes; /ip/dns/cache/flush; - $LogPrintExit2 info $ScriptName ("Setting DoH server: " . ($DohServer->"doh-url")) false; + $LogPrint info $ScriptName ("Setting DoH server: " . ($DohServer->"doh-url")); :error true; } else={ - $LogPrintExit2 warning $ScriptName ("Received unexpected response from DoH server: " . \ - ($DohServer->"doh-url")) false; + $LogPrint warning $ScriptName ("Received unexpected response from DoH server: " . \ + ($DohServer->"doh-url")); } } } From 030105cc2ed46623b4628496cbd5665da245b0c9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 390/908] netwatch-notify: switch to $LogPrint --- netwatch-notify.rsc | 29 +++++++++++++---------------- 1 file changed, 13 insertions(+), 16 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 90d26f1..9536dd7 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -19,7 +19,7 @@ :global EitherOr; :global IfThenElse; :global IsDNSResolving; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptFromTerminal; :global ScriptLock; @@ -32,25 +32,22 @@ :local State [ :tostr $3 ]; :local Hook [ :tostr $4 ]; - :global LogPrintExit2; + :global LogPrint; :global ValidateSyntax; :if ([ $ValidateSyntax $Hook ] = true) do={ :do { [ :parse $Hook ]; } on-error={ - $LogPrintExit2 warning $0 ("The " . $State . "-hook for " . $Type . " '" . $Name . \ - "' failed to run.") false; + $LogPrint warning $0 ("The " . $State . "-hook for " . $Type . " '" . $Name . "' failed to run."); :return ("The hook failed to run."); } } else={ - $LogPrintExit2 warning $0 ("The " . $State . "-hook for " . $Type . " '" . $Name . \ - "' failed syntax validation.") false; + $LogPrint warning $0 ("The " . $State . "-hook for " . $Type . " '" . $Name . "' failed syntax validation."); :return ("The hook failed syntax validation."); } - $LogPrintExit2 info $0 ("Ran hook on " . $Type . " '" . $Name . "' " . $State . ": " . \ - $Hook) false; + $LogPrint info $0 ("Ran hook on " . $Type . " '" . $Name . "' " . $State . ": " . $Hook); :return ("Ran hook:\n" . $Hook); } @@ -106,10 +103,10 @@ :local Resolve [ :resolve ($HostInfo->"resolve") ]; :if ($Resolve != $HostVal->"host") do={ :if ([ $ResolveExpected ($HostInfo->"resolve") ($HostVal->"host") ] = false) do={ - $LogPrintExit2 info $ScriptName ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ + $LogPrint info $ScriptName ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ $HostInfo->"name") "" ] . "' resolves to different address " . $Resolve . \ - ", updating.") false; + ", updating."); /tool/netwatch/set host=$Resolve $Host; :set ($Metric->"resolve-failcnt") 0; :set ($HostVal->"status") "unknown"; @@ -118,9 +115,9 @@ } on-error={ :set ($Metric->"resolve-failcnt") ($Metric->"resolve-failcnt" + 1); :if ($Metric->"resolve-failcnt" = 3) do={ - $LogPrintExit2 warning $ScriptName ("Resolving name '" . $HostInfo->"resolve" . [ $IfThenElse \ + $LogPrint warning $ScriptName ("Resolving name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ - $HostInfo->"name") "" ] . "' failed.") false; + $HostInfo->"name") "" ] . "' failed."); } } } @@ -129,8 +126,8 @@ :if ($HostVal->"status" = "up") do={ :local CountDown ($Metric->"count-down"); :if ($CountDown > 0) do={ - $LogPrintExit2 info $ScriptName \ - ("The " . $Type . " '" . $Name . "' (" . $HostDetails . ") is up.") false; + $LogPrint info $ScriptName \ + ("The " . $Type . " '" . $Name . "' (" . $HostDetails . ") is up."); :set ($Metric->"count-down") 0; } :set ($Metric->"count-up") ($Metric->"count-up" + 1); @@ -178,11 +175,11 @@ } :if ($Metric->"notified" = false || $Metric->"count-down" % 120 = 0 || \ $ScriptFromTerminalCached = true) do={ - $LogPrintExit2 [ $IfThenElse ($HostInfo->"no-down-notification" != true) info debug ] $ScriptName \ + $LogPrint [ $IfThenElse ($HostInfo->"no-down-notification" != true) info debug ] $ScriptName \ ("The " . $Type . " '" . $Name . "' (" . $HostDetails . ") is down for " . \ $Metric->"count-down" . " checks, " . [ $IfThenElse ($ParentNotified = false) [ $IfThenElse \ ($Metric->"notified" = true) ("already notified.") ($CountDown - $Metric->"count-down" . \ - " to go.") ] ("parent " . $Type . " " . $Parent . " is down.") ]) false; + " to go.") ] ("parent " . $Type . " " . $Parent . " is down.") ]); } :if ((($CountDown * 2) - ($Metric->"count-down" * 3)) / 2 = 0 && \ [ :typeof ($HostInfo->"pre-down-hook") ] = "str") do={ From ad65b62c1c0751fc3efee6221f4c32232f3302b9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 391/908] ospf-to-leds: switch to $LogPrint --- ospf-to-leds.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index 73c9922..a22e5a5 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -14,7 +14,7 @@ :do { :local ScriptName [ :jobname ]; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -34,11 +34,11 @@ } :if ($NeighborCount > 0 && $LEDType = "off") do={ - $LogPrintExit2 info $ScriptName ("OSPF instance " . $InstanceVal->"name" . " has " . $NeighborCount . " neighbors, led on!") false; + $LogPrint info $ScriptName ("OSPF instance " . $InstanceVal->"name" . " has " . $NeighborCount . " neighbors, led on!"); /system/leds/set type=on [ find where leds=$LED ]; } :if ($NeighborCount = 0 && $LEDType = "on") do={ - $LogPrintExit2 info $ScriptName ("OSPF instance " . $InstanceVal->"name" . " has no neighbors, led off!") false; + $LogPrint info $ScriptName ("OSPF instance " . $InstanceVal->"name" . " has no neighbors, led off!"); /system/leds/set type=off [ find where leds=$LED ]; } } From 8444e5f2703a90ae0441281239505a670c24c152 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 392/908] packages-update: switch to $LogPrint --- packages-update.rsc | 40 +++++++++++++++++++++++----------------- 1 file changed, 23 insertions(+), 17 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index 634b7bb..22ea501 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -16,7 +16,7 @@ :global DownloadPackage; :global Grep; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptFromTerminal; :global ScriptLock; @@ -29,7 +29,7 @@ :local ScriptName [ :tostr $1 ]; :global GetRandomNumber; - :global LogPrintExit2; + :global LogPrint; :global RebootForUpdate do={ /system/reboot; @@ -39,8 +39,8 @@ /system/scheduler/add name="_RebootForUpdate" start-time=$StartTime interval=1d \ on-event=("/system/scheduler/remove \"_RebootForUpdate\"; " . \ ":global RebootForUpdate; \$RebootForUpdate;"); - $LogPrintExit2 info $ScriptName ("Scheduled reboot for update at " . $StartTime . \ - " local time (" . [ /system/clock/get time-zone-name ] . ").") false; + $LogPrint info $ScriptName ("Scheduled reboot for update at " . $StartTime . \ + " local time (" . [ /system/clock/get time-zone-name ] . ")."); :return true; } @@ -51,11 +51,12 @@ :local Update [ /system/package/update/get ]; :if ([ :typeof ($Update->"latest-version") ] = "nothing") do={ - $LogPrintExit2 warning $ScriptName ("Latest version is not known.") true; + $LogPrint warning $ScriptName ("Latest version is not known."); + :error false; } :if ($Update->"installed-version" = $Update->"latest-version") do={ - $LogPrintExit2 info $ScriptName ("Version " . $Update->"latest-version" . " is already installed.") false; + $LogPrint info $ScriptName ("Version " . $Update->"latest-version" . " is already installed."); :error true; } @@ -63,8 +64,9 @@ :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; :if ($NumInstalled < 0x070d0000 && $NumLatest > 0x070d0000) do={ - $LogPrintExit2 error $ScriptName ("Migration to wireless/wifi package in RouterOS " . \ - ($Update->"latest-version") . " is pending. Please update manually!") true; + $LogPrint error $ScriptName ("Migration to wireless/wifi package in RouterOS " . \ + ($Update->"latest-version") . " is pending. Please update manually!"); + :error false; } :local DoDowngrade false; @@ -77,14 +79,16 @@ :put "Canceled..."; } } else={ - $LogPrintExit2 warning $ScriptName ("Not installing downgrade automatically.") true; + $LogPrint warning $ScriptName ("Not installing downgrade automatically."); + :error false; } } :foreach Package in=[ /system/package/find where !bundle ] do={ :local PkgName [ /system/package/get $Package name ]; :if ([ $DownloadPackage $PkgName ($Update->"latest-version") ] = false) do={ - $LogPrintExit2 error $ScriptName ("Download for package " . $PkgName . " failed, update aborted.") true; + $LogPrint error $ScriptName ("Download for package " . $PkgName . " failed, update aborted."); + :error false; } } @@ -99,29 +103,31 @@ :foreach Order,Script in=$RunOrder do={ :set PackagesUpdateBackupFailure false; :do { - $LogPrintExit2 info $ScriptName ("Running backup script " . $Script . " before update.") false; + $LogPrint info $ScriptName ("Running backup script " . $Script . " before update."); /system/script/run $Script; } on-error={ :set PackagesUpdateBackupFailure true; } :if ($PackagesUpdateBackupFailure = true) do={ - $LogPrintExit2 warning $ScriptName ("Running backup script " . $Script . " before update failed!") false; + $LogPrint warning $ScriptName ("Running backup script " . $Script . " before update failed!"); :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ :put "Do you want to continue anyway? [y/N]"; :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ - $LogPrintExit2 info $ScriptName ("User requested to continue anyway.") false; + $LogPrint info $ScriptName ("User requested to continue anyway."); } else={ - $LogPrintExit2 info $ScriptName ("Canceled update...") true; + $LogPrint info $ScriptName ("Canceled update..."); + :error false; } } else={ - $LogPrintExit2 warning $ScriptName ("Canceled non-interactive update.") true; + $LogPrint warning $ScriptName ("Canceled non-interactive update."); + :error false; } } } :if ($DoDowngrade = true) do={ - $LogPrintExit2 info $ScriptName ("Rebooting for downgrade.") false; + $LogPrint info $ScriptName ("Rebooting for downgrade."); :delay 1s; /system/package/downgrade; } @@ -137,7 +143,7 @@ } } - $LogPrintExit2 info $ScriptName ("Rebooting for update.") false; + $LogPrint info $ScriptName ("Rebooting for update."); :delay 1s; /system/reboot; } on-error={ } From 88d4c0aff83fffad0952a44a6afbe888d1332c14 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 393/908] ppp-on-up: switch to $LogPrint --- ppp-on-up.rsc | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index 0cc2405..61766c0 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -14,26 +14,27 @@ :do { :local ScriptName [ :jobname ]; - :global LogPrintExit2; + :global LogPrint; :local Interface $interface; :if ([ :typeof $Interface ] = "nothing") do={ - $LogPrintExit2 error $ScriptName ("This script is supposed to run from ppp on-up script hook.") true; + $LogPrint error $ScriptName ("This script is supposed to run from ppp on-up script hook."); + :error false; } :local IntName [ /interface/get $Interface name ]; - $LogPrintExit2 info $ScriptName ("PPP interface " . $IntName . " is up.") false; + $LogPrint info $ScriptName ("PPP interface " . $IntName . " is up."); /ipv6/dhcp-client/release [ find where interface=$IntName !disabled ]; :foreach Script in=[ /system/script/find where source~("\n# provides: ppp-on-up\n") ] do={ :local ScriptName [ /system/script/get $Script name ]; :do { - $LogPrintExit2 debug $ScriptName ("Running script: " . $ScriptName) false; + $LogPrint debug $ScriptName ("Running script: " . $ScriptName); /system/script/run $Script; } on-error={ - $LogPrintExit2 warning $ScriptName ("Running script '" . $ScriptName . "' failed!") false; + $LogPrint warning $ScriptName ("Running script '" . $ScriptName . "' failed!"); } } } on-error={ } From 5a487d15c2ba464df46b82eceffac622d1f21604 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 394/908] sms-action: switch to $LogPrint --- sms-action.rsc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/sms-action.rsc b/sms-action.rsc index 11d3523..4c37565 100644 --- a/sms-action.rsc +++ b/sms-action.rsc @@ -16,13 +16,14 @@ :global SmsAction; - :global LogPrintExit2; + :global LogPrint; :global ValidateSyntax; :local Action $action; :if ([ :typeof $Action ] = "nothing") do={ - $LogPrintExit2 error $ScriptName ("This script is supposed to run from SMS hook with action=...") true; + $LogPrint error $ScriptName ("This script is supposed to run from SMS hook with action=..."); + :error false; } :local Code ($SmsAction->$Action); @@ -31,6 +32,6 @@ :delay 1s; [ :parse $Code ]; } else={ - $LogPrintExit2 warning $ScriptName ("The code for action '" . $Action . "' failed syntax validation!") false; + $LogPrint warning $ScriptName ("The code for action '" . $Action . "' failed syntax validation!"); } } on-error={ } From be1aeccbe520be193906e24de7c2fa82af5970dd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 395/908] sms-forward: switch to $LogPrint --- sms-forward.rsc | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/sms-forward.rsc b/sms-forward.rsc index c745b81..b0966c3 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -19,7 +19,7 @@ :global SmsForwardHooks; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global LogPrintOnce; :global ScriptLock; :global SendNotification2; @@ -41,7 +41,7 @@ :local Settings [ /tool/sms/get ]; :if ([ /interface/lte/get ($Settings->"port") running ] != true) do={ - $LogPrintExit2 info $ScriptName ("The LTE interface is not in running state, skipping.") false; + $LogPrint info $ScriptName ("The LTE interface is not in running state, skipping."); :error true; } @@ -56,7 +56,7 @@ :if ($Phone = $Settings->"allowed-number" && \ ($SmsVal->"message")~("^:cmd " . $Settings->"secret" . " script ")) do={ - $LogPrintExit2 debug $ScriptName ("Removing SMS, which started a script.") false; + $LogPrint debug $ScriptName ("Removing SMS, which started a script."); /tool/sms/inbox/remove $Sms; } else={ :set Messages ($Messages . "\n\nOn " . $SmsVal->"timestamp" . \ @@ -64,20 +64,16 @@ :foreach Hook in=$SmsForwardHooks do={ :if ($Phone~($Hook->"allowed-number") && ($SmsVal->"message")~($Hook->"match")) do={ :if ([ $ValidateSyntax ($Hook->"command") ] = true) do={ - $LogPrintExit2 info $ScriptName ("Running hook '" . $Hook->"match" . "': " . \ - $Hook->"command") false; + $LogPrint info $ScriptName ("Running hook '" . $Hook->"match" . "': " . $Hook->"command"); :do { :local Command [ :parse ($Hook->"command") ]; $Command Phone=$Phone Message=($SmsVal->"message"); - :set Messages ($Messages . "\n\nRan hook '" . $Hook->"match" . "':\n" . \ - $Hook->"command"); + :set Messages ($Messages . "\n\nRan hook '" . $Hook->"match" . "':\n" . $Hook->"command"); } on-error={ - $LogPrintExit2 warning $ScriptName ("The code for hook '" . $Hook->"match" . \ - "' failed to run!") false; + $LogPrint warning $ScriptName ("The code for hook '" . $Hook->"match" . "' failed to run!"); } } else={ - $LogPrintExit2 warning $ScriptName ("The code for hook '" . $Hook->"match" . \ - "' failed syntax validation!") false; + $LogPrint warning $ScriptName ("The code for hook '" . $Hook->"match" . "' failed syntax validation!"); } } } From 19fb5c5801a0769e3b94123b8b28aca14f0e73d9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 396/908] telegram-chat: switch to $LogPrint --- telegram-chat.rsc | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 799569f..c81b714 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -30,7 +30,7 @@ :global EscapeForRegEx; :global GetRandom20CharAlNum; :global IfThenElse; - :global LogPrintExit2; + :global LogPrint; :global MAX; :global MIN; :global MkDir; @@ -57,7 +57,8 @@ } :if ([ $CertificateAvailable "Go Daddy Secure Certificate Authority - G2" ] = false) do={ - $LogPrintExit2 warning $ScriptName ("Downloading required certificate failed.") true; + $LogPrint warning $ScriptName ("Downloading required certificate failed."); + :error false; } $RandomDelay $TelegramRandomDelay; @@ -72,7 +73,7 @@ :set TelegramRandomDelay [ $MAX 0 ($TelegramRandomDelay - 1) ]; } on-error={ :if ($I < 4) do={ - $LogPrintExit2 debug $ScriptName ("Fetch failed, " . $I . ". try.") false; + $LogPrint debug $ScriptName ("Fetch failed, " . $I . ". try."); :set TelegramRandomDelay [ $MIN 15 ($TelegramRandomDelay + 5) ]; :delay (($I * $I) . "s"); } @@ -81,7 +82,8 @@ } :if ($Data = false) do={ - $LogPrintExit2 warning $ScriptName ("Failed getting updates from Telegram.") true; + $LogPrint warning $ScriptName ("Failed getting updates from Telegram."); + :error false; } :local UpdateID 0; @@ -106,7 +108,7 @@ :if ($Trusted = true) do={ :local Done false; :if ($Message->"text" = "?") do={ - $LogPrintExit2 info $ScriptName ("Sending notice for update " . $UpdateID . ".") false; + $LogPrint info $ScriptName ("Sending notice for update " . $UpdateID . "."); $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ message=("Online, awaiting your commands!") }); @@ -118,8 +120,8 @@ } else={ :set TelegramChatActive false; } - $LogPrintExit2 info $ScriptName ("Now " . [ $IfThenElse $TelegramChatActive "active" "passive" ] . \ - " from update " . $UpdateID . "!") false; + $LogPrint info $ScriptName ("Now " . [ $IfThenElse $TelegramChatActive "active" "passive" ] . \ + " from update " . $UpdateID . "!"); :set Done true; } :if ($Done = false && ($IsMyReply = 1 || ($IsReply = 0 && $TelegramChatActive = true)) && [ :len ($Message->"text") ] > 0) do={ @@ -127,9 +129,10 @@ :local State ""; :local File ("tmpfs/telegram-chat/" . [ $GetRandom20CharAlNum 6 ]); :if ([ $MkDir "tmpfs/telegram-chat" ] = false) do={ - $LogPrintExit2 error $ScriptName ("Failed creating directory!") true; + $LogPrint error $ScriptName ("Failed creating directory!"); + :error false; } - $LogPrintExit2 info $ScriptName ("Running command from update " . $UpdateID . ": " . $Message->"text") false; + $LogPrint info $ScriptName ("Running command from update " . $UpdateID . ": " . $Message->"text"); :execute script=(":do {\n" . $Message->"text" . "\n} on-error={ /file/add name=\"" . $File . ".failed\" };" . \ "/file/add name=\"" . $File . ".done\"") file=($File . "\00"); :if ([ $WaitForFile ($File . ".done") [ $EitherOr $TelegramChatRunTime 20s ] ] = false) do={ @@ -146,7 +149,7 @@ ("Output exceeds file read size.") ("No output.") ] ]) }); /file/remove "tmpfs/telegram-chat"; } else={ - $LogPrintExit2 info $ScriptName ("The command from update " . $UpdateID . " failed syntax validation!") false; + $LogPrint info $ScriptName ("The command from update " . $UpdateID . " failed syntax validation!"); $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ message=("Command:\n" . $Message->"text" . "\n\nThe command failed syntax validation!") }); @@ -157,16 +160,16 @@ [ $IfThenElse ([ :len ($From->"username") ] = 0) "without username" ("'" . $From->"username" . "'") ] . \ " (ID " . $From->"id" . ") in update " . $UpdateID . "!"); :if ($Message->"text" ~ ("^! *" . [ $EscapeForRegEx $Identity ] . "\$")) do={ - $LogPrintExit2 warning $ScriptName $MessageText false; + $LogPrint warning $ScriptName $MessageText; $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ message=("You are not trusted.") }); } else={ - $LogPrintExit2 info $ScriptName $MessageText false; + $LogPrint info $ScriptName $MessageText; } } } else={ - $LogPrintExit2 debug $ScriptName ("Already handled update " . $UpdateID . ".") false; + $LogPrint debug $ScriptName ("Already handled update " . $UpdateID . "."); } } :set TelegramChatOffset ([ :pick $TelegramChatOffset 1 3 ], \ From 1c6154728411e206d651ad05fce093a80168f64f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 12 Mar 2024 10:34:26 +0100 Subject: [PATCH 397/908] global-config: merge loading overlay and snippets --- global-config.rsc | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/global-config.rsc b/global-config.rsc index 85731c3..2b688bc 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -243,20 +243,14 @@ "cert2-cn"="4n0th3r-s3cr3t"; }; -# load custom settings from overlay +# load custom settings from overlay and snippets # Warning: Do *NOT* copy this code to overlay! -:do { - /system/script/run global-config-overlay; -} on-error={ - :log error ("Loading configuration from overlay failed!"); -} - -# configuration overlay snippets -:foreach Script in=[ /system/script/find where name ~ "^global-config-overlay.d/" ] do={ +:foreach Script in=([ /system/script/find where name="global-config-overlay" ], \ + [ /system/script/find where name~"^global-config-overlay.d/" ]) do={ :do { /system/script/run $Script; } on-error={ - :log error ("Loading configuration from overlay snippet " . \ + :log error ("Loading configuration from overlay or snippet " . \ [ /system/script/get $Script name ] . " failed!"); } } From 9a21f4d3e3bf1ba0abe565058f7f8688024b68a2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 398/908] update-gre-address: switch to $LogPrint --- update-gre-address.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/update-gre-address.rsc b/update-gre-address.rsc index 78705c5..74967cd 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -16,7 +16,7 @@ :local ScriptName [ :jobname ]; :global CharacterReplace; - :global LogPrintExit2; + :global LogPrint; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -33,7 +33,7 @@ :if ([ :typeof ($PeerVal->"dynamic-address") ] = "str" && \ ($PeerVal->"dynamic-address" != $GreIntVal->"remote-address" || \ $GreIntVal->"disabled" = true)) do={ - $LogPrintExit2 info $ScriptName ("Updating remote address for interface " . $GreIntVal->"name" . " to " . $PeerVal->"dynamic-address") false; + $LogPrint info $ScriptName ("Updating remote address for interface " . $GreIntVal->"name" . " to " . $PeerVal->"dynamic-address"); /interface/gre/set remote-address=0.0.0.0 disabled=yes [ find where remote-address=$PeerVal->"dynamic-address" name!=$GreIntVal->"name" ]; /interface/gre/set $GreInt remote-address=($PeerVal->"dynamic-address") disabled=no; } From 76f65c13d77759321f128035bd1ce4aa9b2cec46 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 12 Mar 2024 15:59:41 +0100 Subject: [PATCH 399/908] global-functions: add architecture in user-agent string --- global-functions.rsc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index d2386f4..1c2523a 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -16,7 +16,12 @@ # global variables not to be changed by user :global GlobalFunctionsReady false; -:global FetchUserAgent ("User-Agent: Mikrotik/" . [ /system/resource/get version ] . " Fetch"); +:global FetchUserAgent; +{ + :local Resource [ /system/resource/get ]; + :set FetchUserAgent ("User-Agent: Mikrotik/" . $Resource->"version" . \ + " " . $Resource->"architecture-name" . " Fetch"); +} :global Identity [ /system/identity/get name ]; # global functions From 242ecef012f5208b6fa088a1222d0d5477e5b2ed Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 12:45:38 +0100 Subject: [PATCH 400/908] update-tunnelbroker: switch to $LogPrint --- update-tunnelbroker.rsc | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index 9f316e3..c76b7ec 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -17,7 +17,7 @@ :local ScriptName [ :jobname ]; :global CertificateAvailable; - :global LogPrintExit2; + :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -26,7 +26,8 @@ } :if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false) do={ - $LogPrintExit2 error $ScriptName ("Downloading required certificate failed.") true; + $LogPrint error $ScriptName ("Downloading required certificate failed."); + :error false; } :foreach Interface in=[ /interface/6to4/find where comment~"^tunnelbroker" !disabled ] do={ @@ -41,24 +42,25 @@ ("https://ipv4.tunnelbroker.net/nic/update?hostname=" . $Comment->"id") \ user=($Comment->"user") password=($Comment->"pass") output=user as-value ]->"data"); } on-error={ - $LogPrintExit2 debug $ScriptName ("Failed downloading, " . $I . " retries pending.") false; + $LogPrint debug $ScriptName ("Failed downloading, " . $I . " retries pending."); :delay 2s; } } } :if (!($Data ~ "^(good|nochg) ")) do={ - $LogPrintExit2 error $ScriptName ("Failed sending the local address to tunnelbroker or unexpected response!") true; + $LogPrint error $ScriptName ("Failed sending the local address to tunnelbroker or unexpected response!"); + :error false; } :local PublicAddress [ :pick $Data ([ :find $Data " " ] + 1) [ :find $Data "\n" ] ]; :if ($PublicAddress != $InterfaceVal->"local-address") do={ :if ([ :len [ /ip/address find where address~("^" . $PublicAddress . "/") ] ] < 1) do={ - $LogPrintExit2 warning $ScriptName ("The address " . $PublicAddress . " is not configured on your device. NAT by ISP?") false; + $LogPrint warning $ScriptName ("The address " . $PublicAddress . " is not configured on your device. NAT by ISP?"); } - $LogPrintExit2 info $ScriptName ("Local address changed, updating tunnel configuration with address: " . $PublicAddress) false; + $LogPrint info $ScriptName ("Local address changed, updating tunnel configuration with address: " . $PublicAddress); /interface/6to4/set $Interface local-address=$PublicAddress; } } From 19802c0b6977f9467fada4ace3cab017dd98964b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 11:09:22 +0100 Subject: [PATCH 401/908] global-functions: $LogPrintOnce: drop support for exit This is not widely adopted or used, so let's just drop it - no compatibility. --- dhcp-to-dns.rsc | 4 ++-- fw-addr-lists.rsc | 2 +- global-functions.rsc | 9 ++++----- sms-forward.rsc | 3 ++- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index 84a1e84..d0638c7 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -61,7 +61,7 @@ :do { :set LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; :if ([ :len [ /ip/dhcp-server/lease/find where active-mac-address=($LeaseVal->"active-mac-address") status=bound ] ] > 1) do={ - $LogPrintOnce info $ScriptName ("Multiple bound leases found for mac-address " . ($LeaseVal->"active-mac-address") . "!") false; + $LogPrintOnce info $ScriptName ("Multiple bound leases found for mac-address " . ($LeaseVal->"active-mac-address") . "!"); } } on-error={ $LogPrintExit2 debug $ScriptName ("A lease just vanished, ignoring.") false; @@ -117,7 +117,7 @@ } :if ([ :len [ /ip/dns/static/find where name=$FullA (!type or type=A) ] ] > 1) do={ - $LogPrintOnce warning $ScriptName ("The name '" . $FullA . "' appeared in more than one A record!") false; + $LogPrintOnce warning $ScriptName ("The name '" . $FullA . "' appeared in more than one A record!"); } } else={ $LogPrintExit2 debug $ScriptName ("No address available... Ignoring.") false; diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 6071f7b..4ec4105 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -82,7 +82,7 @@ } :if ([ :len $Data ] > 63000) do={ - $LogPrintOnce warning $ScriptName ("The list is huge and may be truncated: " . $List->"url") false; + $LogPrintOnce warning $ScriptName ("The list is huge and may be truncated: " . $List->"url"); } :while ([ :len $Data ] != 0) do={ diff --git a/global-functions.rsc b/global-functions.rsc index 1c2523a..aca4cd8 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -703,7 +703,6 @@ :local Severity [ :tostr $1 ]; :local Name [ :tostr $2 ]; :local Message [ :tostr $3 ]; - :local Exit [ :tostr $4 ]; :global LogPrintExit2; @@ -718,7 +717,7 @@ } :set ($LogPrintOnceMessages->$Message) 1; - $LogPrintExit2 $Severity $Name $Message $Exit; + $LogPrintExit2 $Severity $Name $Message false; } # get max value @@ -1048,7 +1047,7 @@ } } else={ $LogPrintOnce warning $0 ("The script '" . $ScriptVal->"name" . "' requires RouterOS " . \ - $Required . ", which is not met by your installation. Ignoring!") false; + $Required . ", which is not met by your installation. Ignoring!"); } } else={ $LogPrintExit2 warning $0 ("Looks like new script '" . $ScriptVal->"name" . \ @@ -1359,7 +1358,7 @@ } :if ([ :len ($Symbols->$Name) ] = 0) do={ - $LogPrintOnce warning $0 ("No symbol available for name '" . $Name . "'!") false; + $LogPrintOnce warning $0 ("No symbol available for name '" . $Name . "'!"); :return ""; } @@ -1540,7 +1539,7 @@ # Log success :local Resource [ /system/resource/get ]; $LogPrintOnce info $ScriptName ("Loaded on " . $Resource->"board-name" . \ - " with RouterOS " . $Resource->"version" . ".") false; + " with RouterOS " . $Resource->"version" . "."); # signal we are ready :set GlobalFunctionsReady true; diff --git a/sms-forward.rsc b/sms-forward.rsc index 2f549b1..c745b81 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -32,7 +32,8 @@ } :if ([ /tool/sms/get receive-enabled ] = false) do={ - $LogPrintOnce warning $ScriptName ("Receiving of SMS is not enabled.") true; + $LogPrintOnce warning $ScriptName ("Receiving of SMS is not enabled."); + :error false; } $WaitFullyConnected; From 39dd1f2a63bc8477bf444111189a7ecead77a667 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 17:50:28 +0100 Subject: [PATCH 402/908] mod/bridge-port-to: do not exit with error --- mod/bridge-port-to.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/bridge-port-to.rsc b/mod/bridge-port-to.rsc index 441094f..567a762 100644 --- a/mod/bridge-port-to.rsc +++ b/mod/bridge-port-to.rsc @@ -26,7 +26,7 @@ :if ([ :len $DHCPClient ] != 1) do={ $LogPrint warning $0 ([ $IfThenElse ([ :len $DHCPClient ] = 0) "Missing" "Duplicate" ] . \ " dhcp client configuration for interface " . $BridgePortVal->"interface" . "!"); - :error false; + :return false; } :local DHCPClientDisabled [ /ip/dhcp-client/get $DHCPClient disabled ]; From 525e4325daadb94757c8632c1c07391d986c9e0e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 17:51:22 +0100 Subject: [PATCH 403/908] mod/bridge-port-vlan: do not exit with error --- mod/bridge-port-vlan.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/bridge-port-vlan.rsc b/mod/bridge-port-vlan.rsc index 522e9a6..aee5ef9 100644 --- a/mod/bridge-port-vlan.rsc +++ b/mod/bridge-port-vlan.rsc @@ -26,7 +26,7 @@ :if ([ :len $DHCPClient ] != 1) do={ $LogPrint warning $0 ([ $IfThenElse ([ :len $DHCPClient ] = 0) "Missing" "Duplicate" ] . \ " dhcp client configuration for interface " . $BridgePortVal->"interface" . "!"); - :error false; + :return false; } :local DHCPClientDisabled [ /ip/dhcp-client/get $DHCPClient disabled ]; @@ -43,7 +43,7 @@ :set $Vlan ([ /interface/bridge/vlan/get [ find where comment=$Vlan ] vlan-ids ]->0); } on-error={ $LogPrint warning $0 ("Could not find VLAN '" . $Vlan . "' for interface " . $BridgePortVal->"interface" . "!"); - :error false; + :return false; } } :if ($BridgePortVal->"disabled" = true || $Vlan != $BridgePortVal->"pvid") do={ From c2dc8a0837cd848512a8587f406f9dadd31b957c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 17:53:48 +0100 Subject: [PATCH 404/908] mod/notification-matrix: do not exit with error --- mod/notification-matrix.rsc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index c4fe100..aa95841 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -198,7 +198,7 @@ $LogPrint debug $0 ("Home server is: " . $MatrixHomeServer); } on-error={ $LogPrint error $0 ("Failed getting home server!"); - :error false; + :return false; } :if ([ :pick $MatrixHomeServer 0 8 ] = "https://") do={ @@ -213,7 +213,7 @@ $LogPrint debug $0 ("Access token is: " . $MatrixAccessToken); } on-error={ $LogPrint error $0 ("Failed logging in (and getting access token)!"); - :error false; + :return false; } :do { @@ -223,7 +223,7 @@ $LogPrint info $0 ("Appended configuration to global-config-overlay. Now create and join a room, please!"); } on-error={ $LogPrint error $0 ("Failed appending configuration to global-config-overlay!"); - :error false; + :return false; } } @@ -246,7 +246,7 @@ $LogPrint debug $0 ("Joined the room."); } on-error={ $LogPrint error $0 ("Failed joining the room!"); - :error false; + :return false; } :do { @@ -255,6 +255,6 @@ $LogPrint info $0 ("Appended configuration to global-config-overlay. Please review and cleanup!"); } on-error={ $LogPrint error $0 ("Failed appending configuration to global-config-overlay!"); - :error false; + :return false; } } From 0e2e7efdb223baa10d06b9f0d917fbe507264307 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 17:52:07 +0100 Subject: [PATCH 405/908] mod/scriptrunonce: do not exit with error --- mod/scriptrunonce.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index ffb1aff..85d465a 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -22,7 +22,7 @@ :if (!($Script ~ "^(ftp|https?|sftp)://")) do={ :if ([ :len $ScriptRunOnceBaseUrl ] = 0) do={ $LogPrint warning $0 ("Script '" . $Script . "' is not an url and base url is not available."); - :error false; + :return false; } :set Script ($ScriptRunOnceBaseUrl . $Script . ".rsc" . $ScriptRunOnceUrlSuffix); } From b829ec1fc9091fe8add28d56c81da64c7aa9be3a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Mar 2024 17:47:56 +0100 Subject: [PATCH 406/908] mod/ssh-keys-import: do not exit with error --- mod/ssh-keys-import.rsc | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index fbc667e..6716958 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -24,23 +24,23 @@ :if ([ :len $Key ] = 0 || [ :len $User ] = 0) do={ $LogPrint warning $0 ("Missing argument(s), please pass key and user!"); - :error false; + :return false; } :if ([ :len [ /user/find where name=$User ] ] = 0) do={ $LogPrint warning $0 ("User '" . $User . "' does not exist."); - :error false; + :return false; } :local KeyVal [ :toarray [ $CharacterReplace $Key " " "," ] ]; :if (!($KeyVal->0 = "ssh-ed25519" || $KeyVal->0 = "ssh-rsa")) do={ $LogPrint warning $0 ("SSH key of type '" . $KeyVal->0 . "' is not supported."); - :error false; + :return false; } :if ([ $MkDir "tmpfs/ssh-keys-import" ] = false) do={ $LogPrint warning $0 ("Creating directory 'tmpfs/ssh-keys-import' failed!"); - :error false; + :return false; } :local FingerPrintMD5 [ :convert from=base64 transform=md5 to=hex ($KeyVal->1) ]; @@ -61,7 +61,7 @@ "MD5:" . $FingerPrintMD5 . ") for user '" . $User . "'."); } on-error={ $LogPrint warning $0 ("Failed importing key."); - :error false; + :return false; } } @@ -78,13 +78,13 @@ :if ([ :len $FileName ] = 0 || [ :len $User ] = 0) do={ $LogPrint warning $0 ("Missing argument(s), please pass file name and user!"); - :error false; + :return false; } :local File [ /file/find where name=$FileName ]; :if ([ :len $File ] = 0) do={ $LogPrint warning $0 ("File '" . $FileName . "' does not exist."); - :error false; + :return false; } :local Keys ([ /file/get $FileName contents ] . "\n"); From 44fc69e82d1a612ad276998377b1c3f34310422e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Dec 2023 23:43:23 +0100 Subject: [PATCH 407/908] packages-update: drop RouterOS version check... ... and allow all updates again. This requires RouterOS 7.13. --- doc/packages-update.md | 2 +- packages-update.rsc | 8 +------- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/doc/packages-update.md b/doc/packages-update.md index 86eae0d..fae3896 100644 --- a/doc/packages-update.md +++ b/doc/packages-update.md @@ -4,7 +4,7 @@ Manage system update [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/packages-update.rsc b/packages-update.rsc index 22ea501..2723b3b 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # download packages and reboot for installation # https://git.eworm.de/cgit/routeros-scripts/about/doc/packages-update.md @@ -63,12 +63,6 @@ :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; - :if ($NumInstalled < 0x070d0000 && $NumLatest > 0x070d0000) do={ - $LogPrint error $ScriptName ("Migration to wireless/wifi package in RouterOS " . \ - ($Update->"latest-version") . " is pending. Please update manually!"); - :error false; - } - :local DoDowngrade false; :if ($NumInstalled > $NumLatest) do={ :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ From c016a6ef47eb08ad0f1f72968348af7bfa0acad0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 12 Mar 2024 21:52:18 +0100 Subject: [PATCH 408/908] mod/notification-email: add display name with identity (if not given) --- mod/notification-email.rsc | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 78192f3..d801d78 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -8,6 +8,7 @@ # send notifications via e-mail # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-email.md +:global EMailGenerateFrom; :global FlushEmailQueue; :global LogForwardFilterLogForwarding; :global NotificationEMailSubject; @@ -17,11 +18,25 @@ :global SendEMail; :global SendEMail2; +# generate from-property with display name +:set EMailGenerateFrom do={ + :global Identity; + + :local From [ /tool/e-mail/get from ]; + + :if ($From ~ "<.*>\$") do={ + :return $From; + } + + :return ("\"" . $Identity . " via routeros-scripts\" <" . $From . ">"); +} + # flush e-mail queue :set FlushEmailQueue do={ :global EmailQueue; :global EitherOr; + :global EMailGenerateFrom; :global IsDNSResolving; :global IsTimeSync; :global LogPrint; @@ -67,8 +82,8 @@ $LogPrint warning $0 ("File '" . $File . "' does not exist, can not attach."); } } - /tool/e-mail/send to=($Message->"to") cc=($Message->"cc") subject=($Message->"subject") \ - body=($Message->"body") file=$Attach; + /tool/e-mail/send from=[ $EMailGenerateFrom ] to=($Message->"to") cc=($Message->"cc") \ + subject=($Message->"subject") body=($Message->"body") file=$Attach; :local Wait true; :do { :delay 1s; From ccfbabde5eed08a021b2d47f34bc4498940fda1d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 12 Mar 2024 22:03:04 +0100 Subject: [PATCH 409/908] mod/notification-email: clean name for display name --- mod/notification-email.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index d801d78..0d83d69 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -22,13 +22,15 @@ :set EMailGenerateFrom do={ :global Identity; + :global CleanName; + :local From [ /tool/e-mail/get from ]; :if ($From ~ "<.*>\$") do={ :return $From; } - :return ("\"" . $Identity . " via routeros-scripts\" <" . $From . ">"); + :return ([ $CleanName $Identity ] . " via routeros-scripts <" . $From . ">"); } # flush e-mail queue From 3d4a14d44935fff6777a97afb4b598238c57b47e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 13 Mar 2024 08:37:11 +0100 Subject: [PATCH 410/908] netwatch-notify: pass link to notification This is pass verbatim below the notification text. --- doc/netwatch-notify.md | 7 +++++++ global-functions.rsc | 2 +- netwatch-notify.rsc | 4 ++-- news-and-changes.rsc | 1 + 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index 6f3e1ce..806bb3a 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -111,6 +111,13 @@ included verbatim into the notification. /tool/netwatch/add comment="notify, name=example, note=Do not touch!" host=10.0.0.31; +### Add a link in notification + +It is possible to add a link in notification, that is added below the +formatted notification text. + + /tool/netwatch/add comment="notify, name=example.com, resolve=example.com, link=https://example.com/"; + Tips & Tricks ------------- diff --git a/global-functions.rsc b/global-functions.rsc index d33e3e2..e4d0fd2 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 123; +:global ExpectedConfigVersion 124; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 9536dd7..adcfc37 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -144,7 +144,7 @@ } $SendNotification2 ({ origin=[ $EitherOr ($HostInfo->"origin") $ScriptName ]; silent=($HostInfo->"silent"); \ subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "Netwatch Notify: " . $Name . " up"); \ - message=$Message }); + message=$Message; link=($HostInfo->"link") }); } :set ($Metric->"notified") false; :set ($Metric->"parent") ($HostInfo->"parent"); @@ -199,7 +199,7 @@ :if ($HostInfo->"no-down-notification" != true) do={ $SendNotification2 ({ origin=[ $EitherOr ($HostInfo->"origin") $ScriptName ]; silent=($HostInfo->"silent"); \ subject=([ $SymbolForNotification "cross-mark" ] . "Netwatch Notify: " . $Name . " down"); \ - message=$Message }); + message=$Message; link=($HostInfo->"link") }); } :set ($Metric->"notified") true; } diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 6b0a538..1f1094d 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -48,6 +48,7 @@ 121="The 'wifiwave2' scripts are finally gone. Development continues with 'wifi' in RouterOS 7.13 and later."; 122="The global configuration was enhanced to support loading snippets. Configuration can be split off to scripts where name starts with 'global-config-overlay.d/'."; 123="Introduced new function '\$LogPrint', and deprecated '\$LogPrintExit2'. Please update custom scripts if you use it."; + 124="Added support for links in 'netwatch-notify', these are added below the formatted notification text."; }; # Migration steps to be applied on script updates From 9b4e5ce369b4061f0d4b02f7cbcf9898cf86d0f0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 14 Mar 2024 22:12:03 +0100 Subject: [PATCH 411/908] global-functions: $SymbolByUnicodeName: add these for later use --- global-functions.rsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index e4d0fd2..2a3c0dd 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1365,6 +1365,9 @@ "mobile-phone"="\F0\9F\93\B1"; "pushpin"="\F0\9F\93\8C"; "scissors"="\E2\9C\82"; + "smiley-partying-face"="\F0\9F\A5\B3"; + "smiley-smiling-face"="\E2\98\BA"; + "smiley-winking-face-with-tongue"="\F0\9F\98\9C"; "sparkles"="\E2\9C\A8"; "speech-balloon"="\F0\9F\92\AC"; "star"="\E2\AD\90"; From eb03a4608bdff08dcbb8ef5776931485625e26f4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 15 Mar 2024 10:05:32 +0100 Subject: [PATCH 412/908] global-functions: $ScriptInstallUpdate: use shorter url --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 2a3c0dd..206c345 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1171,7 +1171,7 @@ "This project is developed in private spare time and usage is " . \ "free of charge for you. If you like the scripts and think this is " . \ "of value for you or your business please consider a donation."); - :set Link "https://git.eworm.de/cgit/routeros-scripts/about/#donate"; + :set Link "https://rsc.eworm.de/#donate"; } $SendNotification2 ({ origin=$0; \ From 2cf4f333d4ab3a0db2742965a430a5d5836c588b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 15 Mar 2024 11:26:44 +0100 Subject: [PATCH 413/908] README: add QR code with (shortened) upstream url --- README.d/upstream.png | Bin 0 -> 207 bytes README.md | 2 ++ 2 files changed, 2 insertions(+) create mode 100644 README.d/upstream.png diff --git a/README.d/upstream.png b/README.d/upstream.png new file mode 100644 index 0000000000000000000000000000000000000000..fd5e877c7ba42c3475e2ccb0bcacb0d71748b968 GIT binary patch literal 207 zcmeAS@N?(olHy`uVBq!ia0vp^F(Ayy3?y$VI!FU4&H|6fVg?3oArNM~bhqvgP>?Oa zC&cyt|NlT{=%LGXKq}wU#WAGf*4!(Gj4X}kj|hKN)Y?_<3AZsk#ibn!(f6&t;ucLK6VSvPZ)J literal 0 HcmV?d00001 diff --git a/README.md b/README.md index 61b1725..614095a 100644 --- a/README.md +++ b/README.md @@ -366,6 +366,8 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Upstream -------- +![upstream](README.d/upstream.png) + URL: [GitHub.com](https://github.com/eworm-de/routeros-scripts#routeros-scripts) From 576a2c97cf88b7d1b36907469fb6fd34618523b3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 15 Mar 2024 14:42:50 +0100 Subject: [PATCH 414/908] global-functions: $LogPrintExit2: add deprecation warning --- global-functions.rsc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 206c345..c616724 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -703,6 +703,10 @@ :local Exit [ :tostr $4 ]; :global LogPrint; + :global LogPrintOnce; + + $LogPrintOnce warning $0 \ + ("This function is deprecated and will be removed. Please make your adjustments!"); $LogPrint $1 $2 $3; From eb7919c1d8b4ad5c77e0d120136c4f54e1e157e6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sat, 16 Mar 2024 23:10:47 +0100 Subject: [PATCH 415/908] global-functions: generate user agent string in function... ... and add the caller and my shortened url. --- check-certificates.rsc | 2 +- fw-addr-lists.rsc | 4 ++-- global-functions.rsc | 27 ++++++++++++++++----------- 3 files changed, 19 insertions(+), 14 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 7504955..9aa24fd 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -48,7 +48,7 @@ :foreach Type in={ ".pem"; ".p12" } do={ :local CertFileName ([ $UrlEncode $Name ] . $Type); :do { - /tool/fetch check-certificate=yes-without-crl http-header-field=({ $FetchUserAgent }) \ + /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgent $0 ] }) \ ($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value; $WaitForFile $CertFileName; diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 64233ac..3a422e8 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -14,12 +14,12 @@ :do { :local ScriptName [ :jobname ]; - :global FetchUserAgent; :global FwAddrLists; :global FwAddrListTimeOut; :global CertificateAvailable; :global EitherOr; + :global FetchUserAgent; :global LogPrint; :global LogPrintOnce; :global ScriptLock; @@ -65,7 +65,7 @@ :if ($Data = false) do={ :do { :set Data ([ /tool/fetch check-certificate=$CheckCertificate output=user \ - http-header-field=({ $FetchUserAgent }) ($List->"url") as-value ]->"data"); + http-header-field=({ [ $FetchUserAgent $ScriptName ] }) ($List->"url") as-value ]->"data"); } on-error={ :if ($I < 4) do={ $LogPrint debug $ScriptName ("Failed downloading, " . $I . ". try: " . $List->"url"); diff --git a/global-functions.rsc b/global-functions.rsc index c616724..8df70f1 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -16,12 +16,6 @@ # global variables not to be changed by user :global GlobalFunctionsReady false; -:global FetchUserAgent; -{ - :local Resource [ /system/resource/get ]; - :set FetchUserAgent ("User-Agent: Mikrotik/" . $Resource->"version" . \ - " " . $Resource->"architecture-name" . " Fetch"); -} :global Identity [ /system/identity/get name ]; # global functions @@ -38,6 +32,7 @@ :global DownloadPackage; :global EitherOr; :global EscapeForRegEx; +:global FetchUserAgent; :global FormatLine; :global FormatMultiLines; :global GetMacVendor; @@ -137,11 +132,11 @@ :set CertificateDownload do={ :local CommonName [ :tostr $1 ]; - :global FetchUserAgent; :global ScriptUpdatesBaseUrl; :global ScriptUpdatesUrlSuffix; :global CertificateNameByCN; + :global FetchUserAgent; :global LogPrint; :global UrlEncode; :global WaitForFile; @@ -151,7 +146,7 @@ :do { :local LocalFileName ($CommonName . ".pem"); :local UrlFileName ([ $UrlEncode $CommonName ] . ".pem"); - /tool/fetch check-certificate=yes-without-crl http-header-field=({ $FetchUserAgent }) \ + /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgent $0 ] }) \ ($ScriptUpdatesBaseUrl . "certs/" . $UrlFileName . $ScriptUpdatesUrlSuffix) \ dst-path=$LocalFileName as-value; $WaitForFile $LocalFileName; @@ -396,6 +391,16 @@ :return $Return; } +# generate user agent string for fetch +:global FetchUserAgent do={ + :local Caller [ :tostr $1 ]; + + :local Resource [ /system/resource/get ]; + + :return ("User-Agent: Mikrotik/" . $Resource->"version" . " " . \ + $Resource->"architecture-name" . " " . $Caller . "/Fetch (https://rsc.eworm.de/)"); +} + # format a line for output :set FormatLine do={ :local Key [ :tostr $1 ]; @@ -975,7 +980,6 @@ :local NewComment [ :tostr $2 ]; :global ExpectedConfigVersion; - :global FetchUserAgent; :global Identity; :global IDonate; :global NoNewsAndChangesNotification; @@ -984,6 +988,7 @@ :global CertificateAvailable; :global EitherOr; + :global FetchUserAgent; :global Grep; :global IfThenElse; :global LogPrint; @@ -1029,7 +1034,7 @@ :local Url ($BaseUrl . $ScriptVal->"name" . ".rsc" . $UrlSuffix); $LogPrint debug $0 ("Fetching script '" . $ScriptVal->"name" . "' from url: " . $Url); :local Result [ /tool/fetch check-certificate=yes-without-crl \ - http-header-field=({ $FetchUserAgent }) $Url output=user as-value ]; + http-header-field=({ [ $FetchUserAgent $0 ] }) $Url output=user as-value ]; :if ($Result->"status" = "finished") do={ :set SourceNew ($Result->"data"); } @@ -1112,7 +1117,7 @@ :local Url ($ScriptUpdatesBaseUrl . "news-and-changes.rsc" . $ScriptUpdatesUrlSuffix); $LogPrint debug $0 ("Fetching news, changes and migration: " . $Url); :local Result [ /tool/fetch check-certificate=yes-without-crl \ - http-header-field=({ $FetchUserAgent }) $Url output=user as-value ]; + http-header-field=({ [ $FetchUserAgent $0 ] }) $Url output=user as-value ]; :if ($Result->"status" = "finished") do={ :set ChangeLogCode ($Result->"data"); } From cd371b69a642d9e3a0bc32795e959c7feef42522 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sat, 16 Mar 2024 23:27:45 +0100 Subject: [PATCH 416/908] global-functions: $CertificateDownload: download via clean name... ... and rename certificates in repository. --- ...ECC CA-3.pem => Cloudflare-Inc-ECC-CA-3.pem} | 0 ...iCert-Global-G2-TLS-RSA-SHA256-2020-CA1.pem} | 0 ...DigiCert-TLS-Hybrid-ECC-SHA384-2020-CA1.pem} | 0 certs/{GTS CA 1C3.pem => GTS-CA-1C3.pem} | 0 certs/{GTS CA 1P5.pem => GTS-CA-1P5.pem} | 0 ...> GlobalSign-Atlas-R3-DV-TLS-CA-2022-Q3.pem} | 0 ...o-Daddy-Secure-Certificate-Authority-G2.pem} | 0 ...arfield-Secure-Certificate-Authority-G2.pem} | 0 global-functions.rsc | 17 ++++++++--------- 9 files changed, 8 insertions(+), 9 deletions(-) rename certs/{Cloudflare Inc ECC CA-3.pem => Cloudflare-Inc-ECC-CA-3.pem} (100%) rename certs/{DigiCert Global G2 TLS RSA SHA256 2020 CA1.pem => DigiCert-Global-G2-TLS-RSA-SHA256-2020-CA1.pem} (100%) rename certs/{DigiCert TLS Hybrid ECC SHA384 2020 CA1.pem => DigiCert-TLS-Hybrid-ECC-SHA384-2020-CA1.pem} (100%) rename certs/{GTS CA 1C3.pem => GTS-CA-1C3.pem} (100%) rename certs/{GTS CA 1P5.pem => GTS-CA-1P5.pem} (100%) rename certs/{GlobalSign Atlas R3 DV TLS CA 2022 Q3.pem => GlobalSign-Atlas-R3-DV-TLS-CA-2022-Q3.pem} (100%) rename certs/{Go Daddy Secure Certificate Authority - G2.pem => Go-Daddy-Secure-Certificate-Authority-G2.pem} (100%) rename certs/{Starfield Secure Certificate Authority - G2.pem => Starfield-Secure-Certificate-Authority-G2.pem} (100%) diff --git a/certs/Cloudflare Inc ECC CA-3.pem b/certs/Cloudflare-Inc-ECC-CA-3.pem similarity index 100% rename from certs/Cloudflare Inc ECC CA-3.pem rename to certs/Cloudflare-Inc-ECC-CA-3.pem diff --git a/certs/DigiCert Global G2 TLS RSA SHA256 2020 CA1.pem b/certs/DigiCert-Global-G2-TLS-RSA-SHA256-2020-CA1.pem similarity index 100% rename from certs/DigiCert Global G2 TLS RSA SHA256 2020 CA1.pem rename to certs/DigiCert-Global-G2-TLS-RSA-SHA256-2020-CA1.pem diff --git a/certs/DigiCert TLS Hybrid ECC SHA384 2020 CA1.pem b/certs/DigiCert-TLS-Hybrid-ECC-SHA384-2020-CA1.pem similarity index 100% rename from certs/DigiCert TLS Hybrid ECC SHA384 2020 CA1.pem rename to certs/DigiCert-TLS-Hybrid-ECC-SHA384-2020-CA1.pem diff --git a/certs/GTS CA 1C3.pem b/certs/GTS-CA-1C3.pem similarity index 100% rename from certs/GTS CA 1C3.pem rename to certs/GTS-CA-1C3.pem diff --git a/certs/GTS CA 1P5.pem b/certs/GTS-CA-1P5.pem similarity index 100% rename from certs/GTS CA 1P5.pem rename to certs/GTS-CA-1P5.pem diff --git a/certs/GlobalSign Atlas R3 DV TLS CA 2022 Q3.pem b/certs/GlobalSign-Atlas-R3-DV-TLS-CA-2022-Q3.pem similarity index 100% rename from certs/GlobalSign Atlas R3 DV TLS CA 2022 Q3.pem rename to certs/GlobalSign-Atlas-R3-DV-TLS-CA-2022-Q3.pem diff --git a/certs/Go Daddy Secure Certificate Authority - G2.pem b/certs/Go-Daddy-Secure-Certificate-Authority-G2.pem similarity index 100% rename from certs/Go Daddy Secure Certificate Authority - G2.pem rename to certs/Go-Daddy-Secure-Certificate-Authority-G2.pem diff --git a/certs/Starfield Secure Certificate Authority - G2.pem b/certs/Starfield-Secure-Certificate-Authority-G2.pem similarity index 100% rename from certs/Starfield Secure Certificate Authority - G2.pem rename to certs/Starfield-Secure-Certificate-Authority-G2.pem diff --git a/global-functions.rsc b/global-functions.rsc index 8df70f1..ca238ba 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -136,25 +136,24 @@ :global ScriptUpdatesUrlSuffix; :global CertificateNameByCN; + :global CleanName; :global FetchUserAgent; :global LogPrint; - :global UrlEncode; :global WaitForFile; $LogPrint info $0 ("Downloading and importing certificate with " . \ "CommonName \"" . $CommonName . "\"."); :do { - :local LocalFileName ($CommonName . ".pem"); - :local UrlFileName ([ $UrlEncode $CommonName ] . ".pem"); + :local FileName ([ $CleanName $CommonName ] . ".pem"); /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgent $0 ] }) \ - ($ScriptUpdatesBaseUrl . "certs/" . $UrlFileName . $ScriptUpdatesUrlSuffix) \ - dst-path=$LocalFileName as-value; - $WaitForFile $LocalFileName; - /certificate/import file-name=$LocalFileName passphrase="" as-value; + ($ScriptUpdatesBaseUrl . "certs/" . $FileName . $ScriptUpdatesUrlSuffix) \ + dst-path=$FileName as-value; + $WaitForFile $FileName; + /certificate/import file-name=$FileName passphrase="" as-value; :delay 1s; - /file/remove $LocalFileName; + /file/remove $FileName; - :foreach Cert in=[ /certificate/find where name~("^" . $LocalFileName . "_[0-9]+\$") ] do={ + :foreach Cert in=[ /certificate/find where name~("^" . $FileName . "_[0-9]+\$") ] do={ $CertificateNameByCN [ /certificate/get $Cert common-name ]; } } on-error={ From 079249f3d7a1c4c11aa2b4d93b3cf239b0f5da0d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 18 Mar 2024 09:31:40 +0100 Subject: [PATCH 417/908] check-routeros-update: use custom user agent string --- check-routeros-update.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index e209610..fde7cb5 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -24,6 +24,7 @@ :global DeviceInfo; :global EscapeForRegEx; + :global FetchUserAgent; :global LogPrint; :global ScriptFromTerminal; :global ScriptLock; @@ -108,7 +109,8 @@ :do { :set Result [ /tool/fetch check-certificate=yes-without-crl \ ($SafeUpdateUrl . $Update->"channel" . "?installed=" . $Update->"installed-version" . \ - "&latest=" . $Update->"latest-version") output=user as-value ]; + "&latest=" . $Update->"latest-version") http-header-field=({ [ $FetchUserAgent $ScriptName ] }) \ + output=user as-value ]; } on-error={ $LogPrint warning $ScriptName ("Failed receiving safe version for " . $Update->"channel" . "."); } From be231ce4f3a3d829e7892b6f17751d04991ccd42 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 18 Mar 2024 13:46:46 +0100 Subject: [PATCH 418/908] global-config: prepare a (commented) address-list for Mikrotik This is AS51894: https://bgp.he.net/AS51894 --- global-config.rsc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/global-config.rsc b/global-config.rsc index 2b688bc..63a4a3f 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -104,6 +104,10 @@ # { url="https://www.spamhaus.org/drop/edrop.txt"; # cert="Cloudflare Inc ECC CA-3" }; }; +# "mikrotik"={ +# { url="https://eworm.de/ros/fw-addr-lists/mikrotik"; +# cert="E1"; timeout=1w }; +# }; }; :global FwAddrListTimeOut 1d; From 6845eb69b3fb47038bb3d69ba239fd8678447409 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 20 Mar 2024 13:34:37 +0100 Subject: [PATCH 419/908] global-config: put example fw-addr-lists into repository --- fw-addr-lists.d/allow | 3 +++ fw-addr-lists.d/block | 5 +++++ fw-addr-lists.d/mikrotik | 5 +++++ global-config.rsc | 6 +++--- 4 files changed, 16 insertions(+), 3 deletions(-) create mode 100644 fw-addr-lists.d/allow create mode 100644 fw-addr-lists.d/block create mode 100644 fw-addr-lists.d/mikrotik diff --git a/fw-addr-lists.d/allow b/fw-addr-lists.d/allow new file mode 100644 index 0000000..8b59ed7 --- /dev/null +++ b/fw-addr-lists.d/allow @@ -0,0 +1,3 @@ +# an ip address list for use with fw-addr-lists script +# https://git.eworm.de/cgit/routeros-scripts/about/doc/fw-addr-lists.md +git.eworm.de diff --git a/fw-addr-lists.d/block b/fw-addr-lists.d/block new file mode 100644 index 0000000..5e9fef2 --- /dev/null +++ b/fw-addr-lists.d/block @@ -0,0 +1,5 @@ +# an ip address list for use with fw-addr-lists script +# https://git.eworm.de/cgit/routeros-scripts/about/doc/fw-addr-lists.md + +# example.net +93.184.216.34 diff --git a/fw-addr-lists.d/mikrotik b/fw-addr-lists.d/mikrotik new file mode 100644 index 0000000..3b31a94 --- /dev/null +++ b/fw-addr-lists.d/mikrotik @@ -0,0 +1,5 @@ +# AS51894 Mikrotikls SIA +# https://bgp.he.net/AS51894 +159.148.147.0/24 +159.148.172.0/24 +2a02:610:7501::/48 diff --git a/global-config.rsc b/global-config.rsc index 63a4a3f..f393abb 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -87,11 +87,11 @@ # This defines the settings for firewall address-lists (fw-addr-lists). :global FwAddrLists { # "allow"={ -# { url="https://eworm.de/ros/fw-addr-lists/allow"; +# { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/allow"; # cert="E1"; timeout=1w }; # }; "block"={ -# { url="https://eworm.de/ros/fw-addr-lists/block"; +# { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/block"; # cert="E1" }; { url="https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt"; cert="GlobalSign Atlas R3 DV TLS CA 2022 Q3" }; @@ -105,7 +105,7 @@ # cert="Cloudflare Inc ECC CA-3" }; }; # "mikrotik"={ -# { url="https://eworm.de/ros/fw-addr-lists/mikrotik"; +# { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/mikrotik"; # cert="E1"; timeout=1w }; # }; }; From 81f1d9aa99b928fea43612a9e2e58e4c17eee7d6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 20 Mar 2024 13:55:55 +0100 Subject: [PATCH 420/908] check-certificates: pass script name into local function --- check-certificates.rsc | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 9aa24fd..ab78e22 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -31,7 +31,8 @@ :global WaitFullyConnected; :local CheckCertificatesDownloadImport do={ - :local Name [ :tostr $1 ]; + :local ScriptName [ :tostr $1 ]; + :local Name [ :tostr $2 ]; :global CertRenewUrl; :global CertRenewPass; @@ -48,7 +49,7 @@ :foreach Type in={ ".pem"; ".p12" } do={ :local CertFileName ([ $UrlEncode $Name ] . $Type); :do { - /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgent $0 ] }) \ + /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgent $ScriptName ] }) \ ($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value; $WaitForFile $CertFileName; @@ -62,7 +63,7 @@ /file/remove [ find where name=$CertFileName ]; :if ($DecryptionFailed = true) do={ - $LogPrint warning $0 ("Decryption failed for certificate file '" . $CertFileName . "'."); + $LogPrint warning $ScriptName ("Decryption failed for certificate file '" . $CertFileName . "'."); } :foreach CertInChain in=[ /certificate/find where name~("^" . [ $EscapeForRegEx $CertFileName ] . "_[0-9]+\$") \ @@ -72,7 +73,7 @@ :set Return true; } on-error={ - $LogPrint debug $0 ("Could not download certificate file '" . $CertFileName . "'."); + $LogPrint debug $ScriptName ("Could not download certificate file '" . $CertFileName . "'."); } } @@ -150,11 +151,11 @@ :local ImportSuccess false; :set LastName ($CertVal->"common-name"); - :set ImportSuccess [ $CheckCertificatesDownloadImport $LastName ]; + :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName ]; :foreach SAN in=($CertVal->"subject-alt-name") do={ :if ($ImportSuccess = false) do={ :set LastName [ :pick $SAN ([ :find $SAN ":" ] + 1) [ :len $SAN ] ]; - :set ImportSuccess [ $CheckCertificatesDownloadImport $LastName ]; + :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName ]; } } :if ($ImportSuccess = false) do={ :error false; } From 6628d9f9665cc224423c904ef65d84a25c8de817 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 20 Mar 2024 13:59:44 +0100 Subject: [PATCH 421/908] netwatch-notify: pass script name into local functions --- netwatch-notify.rsc | 30 ++++++++++++++++-------------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index adcfc37..bdabe2e 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -27,10 +27,11 @@ :global SymbolForNotification; :local NetwatchNotifyHook do={ - :local Name [ :tostr $1 ]; - :local Type [ :tostr $2 ]; - :local State [ :tostr $3 ]; - :local Hook [ :tostr $4 ]; + :local ScriptName [ :tostr $1 ]; + :local Name [ :tostr $2 ]; + :local Type [ :tostr $3 ]; + :local State [ :tostr $4 ]; + :local Hook [ :tostr $5 ]; :global LogPrint; :global ValidateSyntax; @@ -39,25 +40,26 @@ :do { [ :parse $Hook ]; } on-error={ - $LogPrint warning $0 ("The " . $State . "-hook for " . $Type . " '" . $Name . "' failed to run."); + $LogPrint warning $ScriptName ("The " . $State . "-hook for " . $Type . " '" . $Name . "' failed to run."); :return ("The hook failed to run."); } } else={ - $LogPrint warning $0 ("The " . $State . "-hook for " . $Type . " '" . $Name . "' failed syntax validation."); + $LogPrint warning $ScriptName ("The " . $State . "-hook for " . $Type . " '" . $Name . "' failed syntax validation."); :return ("The hook failed syntax validation."); } - $LogPrint info $0 ("Ran hook on " . $Type . " '" . $Name . "' " . $State . ": " . $Hook); + $LogPrint info $ScriptName ("Ran hook on " . $Type . " '" . $Name . "' " . $State . ": " . $Hook); :return ("Ran hook:\n" . $Hook); } :local ResolveExpected do={ - :local Name [ :tostr $1 ]; - :local Expected [ :tostr $2 ]; + :local ScriptName [ :tostr $1 ]; + :local Name [ :tostr $2 ]; + :local Expected [ :tostr $3 ]; :global GetRandom20CharAlNum; - :local FwAddrList ($0 . "-" . [ $GetRandom20CharAlNum ]); + :local FwAddrList ($ScriptName . "-" . [ $GetRandom20CharAlNum ]); /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; :delay 20ms; :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ @@ -102,7 +104,7 @@ :do { :local Resolve [ :resolve ($HostInfo->"resolve") ]; :if ($Resolve != $HostVal->"host") do={ - :if ([ $ResolveExpected ($HostInfo->"resolve") ($HostVal->"host") ] = false) do={ + :if ([ $ResolveExpected $ScriptName ($HostInfo->"resolve") ($HostVal->"host") ] = false) do={ $LogPrint info $ScriptName ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ $HostInfo->"name") "" ] . "' resolves to different address " . $Resolve . \ @@ -139,7 +141,7 @@ :set Message ($Message . "\n\nNote:\n" . ($HostInfo->"note")); } :if ([ :typeof ($HostInfo->"up-hook") ] = "str") do={ - :set Message ($Message . "\n\n" . [ $NetwatchNotifyHook $Name $Type "up" \ + :set Message ($Message . "\n\n" . [ $NetwatchNotifyHook $ScriptName $Name $Type "up" \ ($HostInfo->"up-hook") ]); } $SendNotification2 ({ origin=[ $EitherOr ($HostInfo->"origin") $ScriptName ]; silent=($HostInfo->"silent"); \ @@ -183,7 +185,7 @@ } :if ((($CountDown * 2) - ($Metric->"count-down" * 3)) / 2 = 0 && \ [ :typeof ($HostInfo->"pre-down-hook") ] = "str") do={ - $NetwatchNotifyHook $Name $Type "pre-down" ($HostInfo->"pre-down-hook"); + $NetwatchNotifyHook $ScriptName $Name $Type "pre-down" ($HostInfo->"pre-down-hook"); } :if ($ParentNotified = false && $Metric->"count-down" >= $CountDown && \ ($ParentUp = false || $ParentUp > 2) && $Metric->"notified" != true) do={ @@ -193,7 +195,7 @@ :set Message ($Message . "\n\nNote:\n" . ($HostInfo->"note")); } :if ([ :typeof ($HostInfo->"down-hook") ] = "str") do={ - :set Message ($Message . "\n\n" . [ $NetwatchNotifyHook $Name $Type "down" \ + :set Message ($Message . "\n\n" . [ $NetwatchNotifyHook $ScriptName $Name $Type "down" \ ($HostInfo->"down-hook") ]); } :if ($HostInfo->"no-down-notification" != true) do={ From cc81e556491c40d9b2a0d164eda16e196ac72aa6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 21 Mar 2024 13:39:56 +0100 Subject: [PATCH 422/908] telegram-chat: improve readability with symbols --- global-functions.rsc | 1 + telegram-chat.rsc | 15 +++++++++------ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index ca238ba..1b1a8c8 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1361,6 +1361,7 @@ "earth"="\F0\9F\8C\8D"; "fire"="\F0\9F\94\A5"; "floppy-disk"="\F0\9F\92\BE"; + "gear"="\E2\9A\99"; "heart"="\E2\99\A5"; "high-voltage-sign"="\E2\9A\A1"; "incoming-envelope"="\F0\9F\93\A8"; diff --git a/telegram-chat.rsc b/telegram-chat.rsc index c81b714..4245cfd 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -136,23 +136,26 @@ :execute script=(":do {\n" . $Message->"text" . "\n} on-error={ /file/add name=\"" . $File . ".failed\" };" . \ "/file/add name=\"" . $File . ".done\"") file=($File . "\00"); :if ([ $WaitForFile ($File . ".done") [ $EitherOr $TelegramChatRunTime 20s ] ] = false) do={ - :set State "The command did not finish, still running in background.\n\n"; + :set State ([ $SymbolForNotification "warning-sign" ] . "The command did not finish, still running in background.\n\n"); } :if ([ :len [ /file/find where name=($File . ".failed") ] ] > 0) do={ - :set State "The command failed with an error!\n\n"; + :set State ([ $SymbolForNotification "cross-mark" ] . "The command failed with an error!\n\n"); } :local Content [ /file/get $File contents ]; $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ - message=("Command:\n" . $Message->"text" . "\n\n" . $State . [ $IfThenElse ([ :len $Content ] > 0) \ - ("Output:\n" . $Content) [ $IfThenElse ([ /file/get $File size ] > 0) \ - ("Output exceeds file read size.") ("No output.") ] ]) }); + message=([ $SymbolForNotification "gear" ] . "Command:\n" . $Message->"text" . "\n\n" . \ + $State . [ $IfThenElse ([ :len $Content ] > 0) \ + ([ $SymbolForNotification "memo" ] . "Output:\n" . $Content) [ $IfThenElse ([ /file/get $File size ] > 0) \ + ([ $SymbolForNotification "warning-sign" ] . "Output exceeds file read size.") \ + ([ $SymbolForNotification "memo" ] . "No output.") ] ]) }); /file/remove "tmpfs/telegram-chat"; } else={ $LogPrint info $ScriptName ("The command from update " . $UpdateID . " failed syntax validation!"); $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ - message=("Command:\n" . $Message->"text" . "\n\nThe command failed syntax validation!") }); + message=([ $SymbolForNotification "gear" ] . "Command:\n" . $Message->"text" . "\n\n" . \ + [ $SymbolForNotification "cross-mark" ] . "The command failed syntax validation!") }); } } } else={ From f72aadfc591ece4c79522256e5b6a4d71fb18467 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 21 Mar 2024 21:10:51 +0100 Subject: [PATCH 423/908] telegram-chat: note active state when answering broadcast --- telegram-chat.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 4245cfd..9ae5967 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -111,7 +111,7 @@ $LogPrint info $ScriptName ("Sending notice for update " . $UpdateID . "."); $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ - message=("Online, awaiting your commands!") }); + message=("Online" . [ $IfThenElse $TelegramChatActive " (and active!)" ] . ", awaiting your commands!") }); :set Done true; } :if ($Done = false && [ :pick ($Message->"text") 0 1 ] = "!") do={ From 9ec8b9c03fbd5529eee0d62417d5de8ffc72abd4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 26 Mar 2024 08:37:07 +0100 Subject: [PATCH 424/908] fw-addr-lists: one more interation on download failure... ... with even more delay. This script is called with long interval from scheduler, so should not be an issue. --- fw-addr-lists.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 3a422e8..887263e 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -61,13 +61,13 @@ } } - :for I from=1 to=4 do={ + :for I from=1 to=5 do={ :if ($Data = false) do={ :do { :set Data ([ /tool/fetch check-certificate=$CheckCertificate output=user \ http-header-field=({ [ $FetchUserAgent $ScriptName ] }) ($List->"url") as-value ]->"data"); } on-error={ - :if ($I < 4) do={ + :if ($I < 5) do={ $LogPrint debug $ScriptName ("Failed downloading, " . $I . ". try: " . $List->"url"); :delay (($I * $I) . "s"); } From bd2301a28cf34bb0302487719a82a40cd64fa4ef Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 26 Mar 2024 13:51:44 +0100 Subject: [PATCH 425/908] global-functions: $LogPrintOnce: indicate action via return --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 1b1a8c8..59ba039 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -734,11 +734,12 @@ } :if ($LogPrintOnceMessages->$Message = 1) do={ - :return true; + :return false; } :set ($LogPrintOnceMessages->$Message) 1; $LogPrint $Severity $Name $Message; + :return true; } # get max value From 43ecec854fccb27bdf4424d684f72519f75e0484 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 27 Mar 2024 07:43:32 +0100 Subject: [PATCH 426/908] global-functions: $LogPrintOnce: detect and warn on possible crash --- global-functions.rsc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 59ba039..b3d8719 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -737,6 +737,11 @@ :return false; } + :if ([ :len [ /log/find where message=($Name . ": " . $Message) ] ] > 0) do={ + $LogPrint warning $0 \ + ("The message is already in log, scripting subsystem may have crashed before!"); + } + :set ($LogPrintOnceMessages->$Message) 1; $LogPrint $Severity $Name $Message; :return true; From 7212d8bd23c555970e22fa43edb56dabfe14b820 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 27 Mar 2024 22:17:06 +0100 Subject: [PATCH 427/908] packages-update: do not reboot when scheduled --- packages-update.rsc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages-update.rsc b/packages-update.rsc index 2723b3b..0208b1e 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -130,10 +130,12 @@ :put "Do you want to (s)chedule reboot or (r)eboot now? [s/R]"; :if (([ /terminal/inkey timeout=60 ] % 32) = 19) do={ $Schedule $ScriptName; + :error true; } } else={ :if ($PackagesUpdateDeferReboot = true) do={ $Schedule $ScriptName; + :error true; } } From 1d816d94f60ed953e67760bf2f567442002c0a6f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 27 Mar 2024 22:58:33 +0100 Subject: [PATCH 428/908] global-functions: $FetchUserAgent: set declared function only --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index b3d8719..35eeca9 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -391,7 +391,7 @@ } # generate user agent string for fetch -:global FetchUserAgent do={ +:set FetchUserAgent do={ :local Caller [ :tostr $1 ]; :local Resource [ /system/resource/get ]; From acf8e88db2c3a96b1d196d29e19f3f65be9c21eb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 27 Mar 2024 23:00:27 +0100 Subject: [PATCH 429/908] global-functions: $AlignRight: set declared function only --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 35eeca9..919ffbe 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -79,7 +79,7 @@ :global WaitTimeSync; # align string to the right -:global AlignRight do={ +:set AlignRight do={ :local Input [ :tostr $1 ]; :local Len [ :tonum $2 ]; From bbdc9c65f50d2d290e4cd15a8c49ec0cb36a347d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 27 Mar 2024 23:01:07 +0100 Subject: [PATCH 430/908] global-functions: $HumanReadableNum: set declared function only --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 919ffbe..17ccda8 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -528,7 +528,7 @@ } # return human readable number -:global HumanReadableNum do={ +:set HumanReadableNum do={ :local Input [ :tonum $1 ]; :local Base [ :tonum $2 ]; From 4df1468e2569dfc1603876e24a9be933dc8cf8f2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 29 Mar 2024 11:09:22 +0100 Subject: [PATCH 431/908] global-functions: rename $FetchUserAgent -> $FetchUserAgentStr ... to make sure the function does not clash with the variable we had before, as this causes issue with news and changes notification. --- check-certificates.rsc | 4 ++-- check-routeros-update.rsc | 4 ++-- fw-addr-lists.rsc | 4 ++-- global-functions.rsc | 14 +++++++------- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index ab78e22..20e2902 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -39,7 +39,7 @@ :global CertificateNameByCN; :global EscapeForRegEx; - :global FetchUserAgent; + :global FetchUserAgentStr; :global LogPrint; :global UrlEncode; :global WaitForFile; @@ -49,7 +49,7 @@ :foreach Type in={ ".pem"; ".p12" } do={ :local CertFileName ([ $UrlEncode $Name ] . $Type); :do { - /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgent $ScriptName ] }) \ + /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) \ ($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value; $WaitForFile $CertFileName; diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index fde7cb5..c9ab93b 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -24,7 +24,7 @@ :global DeviceInfo; :global EscapeForRegEx; - :global FetchUserAgent; + :global FetchUserAgentStr; :global LogPrint; :global ScriptFromTerminal; :global ScriptLock; @@ -109,7 +109,7 @@ :do { :set Result [ /tool/fetch check-certificate=yes-without-crl \ ($SafeUpdateUrl . $Update->"channel" . "?installed=" . $Update->"installed-version" . \ - "&latest=" . $Update->"latest-version") http-header-field=({ [ $FetchUserAgent $ScriptName ] }) \ + "&latest=" . $Update->"latest-version") http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) \ output=user as-value ]; } on-error={ $LogPrint warning $ScriptName ("Failed receiving safe version for " . $Update->"channel" . "."); diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 887263e..68775b4 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -19,7 +19,7 @@ :global CertificateAvailable; :global EitherOr; - :global FetchUserAgent; + :global FetchUserAgentStr; :global LogPrint; :global LogPrintOnce; :global ScriptLock; @@ -65,7 +65,7 @@ :if ($Data = false) do={ :do { :set Data ([ /tool/fetch check-certificate=$CheckCertificate output=user \ - http-header-field=({ [ $FetchUserAgent $ScriptName ] }) ($List->"url") as-value ]->"data"); + http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) ($List->"url") as-value ]->"data"); } on-error={ :if ($I < 5) do={ $LogPrint debug $ScriptName ("Failed downloading, " . $I . ". try: " . $List->"url"); diff --git a/global-functions.rsc b/global-functions.rsc index 17ccda8..1e98019 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -32,7 +32,7 @@ :global DownloadPackage; :global EitherOr; :global EscapeForRegEx; -:global FetchUserAgent; +:global FetchUserAgentStr; :global FormatLine; :global FormatMultiLines; :global GetMacVendor; @@ -137,7 +137,7 @@ :global CertificateNameByCN; :global CleanName; - :global FetchUserAgent; + :global FetchUserAgentStr; :global LogPrint; :global WaitForFile; @@ -145,7 +145,7 @@ "CommonName \"" . $CommonName . "\"."); :do { :local FileName ([ $CleanName $CommonName ] . ".pem"); - /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgent $0 ] }) \ + /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgentStr $0 ] }) \ ($ScriptUpdatesBaseUrl . "certs/" . $FileName . $ScriptUpdatesUrlSuffix) \ dst-path=$FileName as-value; $WaitForFile $FileName; @@ -391,7 +391,7 @@ } # generate user agent string for fetch -:set FetchUserAgent do={ +:set FetchUserAgentStr do={ :local Caller [ :tostr $1 ]; :local Resource [ /system/resource/get ]; @@ -993,7 +993,7 @@ :global CertificateAvailable; :global EitherOr; - :global FetchUserAgent; + :global FetchUserAgentStr; :global Grep; :global IfThenElse; :global LogPrint; @@ -1039,7 +1039,7 @@ :local Url ($BaseUrl . $ScriptVal->"name" . ".rsc" . $UrlSuffix); $LogPrint debug $0 ("Fetching script '" . $ScriptVal->"name" . "' from url: " . $Url); :local Result [ /tool/fetch check-certificate=yes-without-crl \ - http-header-field=({ [ $FetchUserAgent $0 ] }) $Url output=user as-value ]; + http-header-field=({ [ $FetchUserAgentStr $0 ] }) $Url output=user as-value ]; :if ($Result->"status" = "finished") do={ :set SourceNew ($Result->"data"); } @@ -1122,7 +1122,7 @@ :local Url ($ScriptUpdatesBaseUrl . "news-and-changes.rsc" . $ScriptUpdatesUrlSuffix); $LogPrint debug $0 ("Fetching news, changes and migration: " . $Url); :local Result [ /tool/fetch check-certificate=yes-without-crl \ - http-header-field=({ [ $FetchUserAgent $0 ] }) $Url output=user as-value ]; + http-header-field=({ [ $FetchUserAgentStr $0 ] }) $Url output=user as-value ]; :if ($Result->"status" = "finished") do={ :set ChangeLogCode ($Result->"data"); } From bdcf5b327518e5c8806bdb9a1896f86523ec2925 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 14 Mar 2024 22:32:15 +0100 Subject: [PATCH 432/908] news on charge and fees --- global-functions.rsc | 2 +- news-and-changes.rsc | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 1e98019..bd72313 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 124; +:global ExpectedConfigVersion 125; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 1f1094d..e66ad2e 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -49,6 +49,7 @@ 122="The global configuration was enhanced to support loading snippets. Configuration can be split off to scripts where name starts with 'global-config-overlay.d/'."; 123="Introduced new function '\$LogPrint', and deprecated '\$LogPrintExit2'. Please update custom scripts if you use it."; 124="Added support for links in 'netwatch-notify', these are added below the formatted notification text."; + 125=("Donations do not pay off, thus I will start charging fees soon: 5\C2\A2 each notification, 20\C2\A2 each backup, 50\C2\A2 for script updates. Please add credit card information and mail address for invoice."); }; # Migration steps to be applied on script updates @@ -57,4 +58,5 @@ 100=":global ScriptInstallUpdate; :if ([ :len [ /system/script/find where name=\"ssh-keys-import\" source~\"^#!rsc by RouterOS\\n\" ] ] > 0) do={ /system/script/set name=\"mod/ssh-keys-import\" ssh-keys-import; \$ScriptInstallUpdate; }"; 104=":global CharacterReplace; :global ScriptInstallUpdate; :foreach Script in={ \"capsman-download-packages\"; \"capsman-rolling-upgrade\"; \"hotspot-to-wpa\"; \"hotspot-to-wpa-cleanup\" } do={ /system/script/set name=(\$Script . \".capsman\") [ find where name=\$Script ]; :foreach Scheduler in=[ /system/scheduler/find where on-event~(\$Script . \"([^-.]|\\\$)\") ] do={ /system/scheduler/set \$Scheduler on-event=[ \$CharacterReplace [ get \$Scheduler on-event ] \$Script (\$Script . \".capsman\") ]; }; }; /ip/hotspot/user/profile/set on-login=\"hotspot-to-wpa.capsman\" [ find where on-login=\"hotspot-to-wpa\" ]; \$ScriptInstallUpdate;"; 111=":local Rec [ /ip/dns/static/find where comment~\"^managed by dhcp-to-dns for \" ]; :if ([ :len \$Rec ] > 0) do={ /ip/dns/static/remove \$Rec; /system/script/run dhcp-to-dns; }"; + 125="/system/scheduler/add interval=20h name=_AprilsFool on-event=\"/system/scheduler/remove _AprilsFool; :global SendNotification; :global SymbolForNotification; \\\$SendNotification ([ \\\$SymbolForNotification \\\"smiley-partying-face\\\" ] . \\\"April's Fool!\\\") (\\\"Just played an April's Fool... Of course this project is and remains open source, free of charge and fees.\\\\n\\\\n(Anyway... Donations are much appreciated, \\\" . [ \\\$SymbolForNotification \\\"smiley-smiling-face\\\" ] . \\\"thanks!)\\\") \\\"https://rsc.eworm.de/#donate\\\";\";"; }; From 1e47c909f08a71d850f252bf5ccec7330e436d05 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 14 Mar 2024 22:36:27 +0100 Subject: [PATCH 433/908] =?UTF-8?q?news=20on=20April's=20Fool!=20?= =?UTF-8?q?=F0=9F=A5=B3=EF=B8=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- news-and-changes.rsc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/news-and-changes.rsc b/news-and-changes.rsc index e66ad2e..5523c73 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -49,7 +49,7 @@ 122="The global configuration was enhanced to support loading snippets. Configuration can be split off to scripts where name starts with 'global-config-overlay.d/'."; 123="Introduced new function '\$LogPrint', and deprecated '\$LogPrintExit2'. Please update custom scripts if you use it."; 124="Added support for links in 'netwatch-notify', these are added below the formatted notification text."; - 125=("Donations do not pay off, thus I will start charging fees soon: 5\C2\A2 each notification, 20\C2\A2 each backup, 50\C2\A2 for script updates. Please add credit card information and mail address for invoice."); + 125=("April's Fool! " . [ $SymbolForNotification "smiley-partying-face" ] . "Well, you missed it... - no charge nor fees. (Anyway... Donations are much appreciated, " . [ $SymbolForNotification "smiley-smiling-face" ] . "thanks!)"); }; # Migration steps to be applied on script updates @@ -58,5 +58,4 @@ 100=":global ScriptInstallUpdate; :if ([ :len [ /system/script/find where name=\"ssh-keys-import\" source~\"^#!rsc by RouterOS\\n\" ] ] > 0) do={ /system/script/set name=\"mod/ssh-keys-import\" ssh-keys-import; \$ScriptInstallUpdate; }"; 104=":global CharacterReplace; :global ScriptInstallUpdate; :foreach Script in={ \"capsman-download-packages\"; \"capsman-rolling-upgrade\"; \"hotspot-to-wpa\"; \"hotspot-to-wpa-cleanup\" } do={ /system/script/set name=(\$Script . \".capsman\") [ find where name=\$Script ]; :foreach Scheduler in=[ /system/scheduler/find where on-event~(\$Script . \"([^-.]|\\\$)\") ] do={ /system/scheduler/set \$Scheduler on-event=[ \$CharacterReplace [ get \$Scheduler on-event ] \$Script (\$Script . \".capsman\") ]; }; }; /ip/hotspot/user/profile/set on-login=\"hotspot-to-wpa.capsman\" [ find where on-login=\"hotspot-to-wpa\" ]; \$ScriptInstallUpdate;"; 111=":local Rec [ /ip/dns/static/find where comment~\"^managed by dhcp-to-dns for \" ]; :if ([ :len \$Rec ] > 0) do={ /ip/dns/static/remove \$Rec; /system/script/run dhcp-to-dns; }"; - 125="/system/scheduler/add interval=20h name=_AprilsFool on-event=\"/system/scheduler/remove _AprilsFool; :global SendNotification; :global SymbolForNotification; \\\$SendNotification ([ \\\$SymbolForNotification \\\"smiley-partying-face\\\" ] . \\\"April's Fool!\\\") (\\\"Just played an April's Fool... Of course this project is and remains open source, free of charge and fees.\\\\n\\\\n(Anyway... Donations are much appreciated, \\\" . [ \\\$SymbolForNotification \\\"smiley-smiling-face\\\" ] . \\\"thanks!)\\\") \\\"https://rsc.eworm.de/#donate\\\";\";"; }; From 7e5010a60853c946e6e73406031fe0e937bee8df Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 28 Mar 2024 22:33:49 +0100 Subject: [PATCH 434/908] telegram-chat: use :deserialize ... ... instead of $ParseJson. This requires RouterOS 7.13. --- telegram-chat.rsc | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 3d0f397..c1a1cbc 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -34,7 +34,6 @@ :global MAX; :global MIN; :global MkDir; - :global ParseJson; :global RandomDelay; :global ScriptLock; :global SendTelegram2; @@ -86,18 +85,18 @@ :error false; } + :local JSON [ :deserialize from=json value=$Data ]; :local UpdateID 0; :local Uptime [ /system/resource/get uptime ]; - :foreach UpdateArray in=([ $ParseJson $Data ]->"result") do={ - :local Update [ $ParseJson $UpdateArray ]; + :foreach Update in=($JSON->"result") do={ :set UpdateID ($Update->"update_id"); - :local Message [ $ParseJson ($Update->"message") ]; + :local Message ($Update->"message"); :local IsReply [ :len ($Message->"reply_to_message") ]; - :local IsMyReply ($TelegramMessageIDs->([ $ParseJson ($Message->"reply_to_message") ]->"message_id")); + :local IsMyReply ($TelegramMessageIDs->[ :tostr ($Message->"reply_to_message"->"message_id") ]); :if (($IsMyReply = 1 || $TelegramChatOffset->0 > 0 || $Uptime > 5m) && $UpdateID >= $TelegramChatOffset->2) do={ :local Trusted false; - :local Chat [ $ParseJson ($Message->"chat") ]; - :local From [ $ParseJson ($Message->"from") ]; + :local Chat ($Message->"chat"); + :local From ($Message->"from"); :foreach IdsTrusted in=($TelegramChatId, $TelegramChatIdsTrusted) do={ :if ($From->"id" = $IdsTrusted || $From->"username" = $IdsTrusted) do={ From 29bcbc4db9d39573e8c8017e75eea4df7f603c2c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 28 Mar 2024 22:43:18 +0100 Subject: [PATCH 435/908] mod/notification-telegram: use :deserialize ... ... instead of $ParseJson. This requires RouterOS 7.13. --- doc/mod/notification-telegram.md | 2 +- mod/notification-telegram.rsc | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/doc/mod/notification-telegram.md b/doc/mod/notification-telegram.md index cb326f0..159fda9 100644 --- a/doc/mod/notification-telegram.md +++ b/doc/mod/notification-telegram.md @@ -4,7 +4,7 @@ Send notifications via Telegram [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 506ec80..a43ff10 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.13 +# # send notifications via Telegram # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-telegram.md @@ -19,7 +21,6 @@ :global IsFullyConnected; :global LogPrint; - :global ParseJson; :global UrlEncode; :if ([ $IsFullyConnected ] = false) do={ @@ -43,7 +44,7 @@ "&reply_to_message_id=" . ($Message->"replyto") . "&disable_web_page_preview=true" . \ "&parse_mode=MarkdownV2&text=" . [ $UrlEncode ($Message->"text") ]) as-value ]->"data"); :set ($TelegramQueue->$Id); - :set ($TelegramMessageIDs->([ $ParseJson ([ $ParseJson $Data ]->"result") ]->"message_id")) 1; + :set ($TelegramMessageIDs->[ :tostr ([ :deserialize from=json value=$Data ]->"result"->"message_id") ]) 1; } on-error={ $LogPrint debug $0 ("Sending queued Telegram message failed."); :set AllDone false; @@ -75,7 +76,6 @@ :global EitherOr; :global IfThenElse; :global LogPrint; - :global ParseJson; :global SymbolForNotification; :global UrlEncode; @@ -144,7 +144,7 @@ http-data=("chat_id=" . $ChatId . "&disable_notification=" . ($Notification->"silent") . \ "&reply_to_message_id=" . ($Notification->"replyto") . "&disable_web_page_preview=true" . \ "&parse_mode=MarkdownV2&text=" . [ $UrlEncode $Text ]) as-value ]->"data"); - :set ($TelegramMessageIDs->([ $ParseJson ([ $ParseJson $Data ]->"result") ]->"message_id")) 1; + :set ($TelegramMessageIDs->[ :tostr ([ :deserialize from=json value=$Data ]->"result"->"message_id") ]) 1; } on-error={ $LogPrint info $0 ("Failed sending telegram notification! Queuing..."); From bb237dcef3fea8c5a6988cc52b2a0360078faad8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 28 Mar 2024 22:54:23 +0100 Subject: [PATCH 436/908] mod/notification-matrix: use :deserialize ... ... instead of $ParseJson. This requires RouterOS 7.13. --- doc/mod/notification-matrix.md | 2 +- mod/notification-matrix.rsc | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/doc/mod/notification-matrix.md b/doc/mod/notification-matrix.md index c68b0aa..88628e4 100644 --- a/doc/mod/notification-matrix.md +++ b/doc/mod/notification-matrix.md @@ -4,7 +4,7 @@ Send notifications via Matrix [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index aa95841..8234779 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -4,6 +4,8 @@ # Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.13 +# # send notifications via Matrix # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-matrix.md @@ -183,9 +185,7 @@ :local User [ :tostr $1 ]; :local Pass [ :tostr $2 ]; - :global CharacterReplace; :global LogPrint; - :global ParseJson; :global MatrixAccessToken; :global MatrixHomeServer; @@ -194,7 +194,7 @@ :do { :local Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ ("https://" . $Domain . "/.well-known/matrix/client") as-value ]->"data"); - :set MatrixHomeServer ([ $ParseJson ([ $ParseJson [ $CharacterReplace $Data " " "" ] ]->"m.homeserver") ]->"base_url"); + :set MatrixHomeServer ([ :deserialize from=json value=$Data ]->"m.homeserver"->"base_url"); $LogPrint debug $0 ("Home server is: " . $MatrixHomeServer); } on-error={ $LogPrint error $0 ("Failed getting home server!"); @@ -209,7 +209,7 @@ :local Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ http-method=post http-data=("{\"type\":\"m.login.password\", \"user\":\"" . $User . "\", \"password\":\"" . $Pass . "\"}") \ ("https://" . $MatrixHomeServer . "/_matrix/client/r0/login") as-value ]->"data"); - :set MatrixAccessToken ([ $ParseJson $Data ]->"access_token"); + :set MatrixAccessToken ([ :deserialize from=json value=$Data ]->"access_token"); $LogPrint debug $0 ("Access token is: " . $MatrixAccessToken); } on-error={ $LogPrint error $0 ("Failed logging in (and getting access token)!"); From c01a424f4f41997d1b8b4a45c2bb033f37470393 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 28 Mar 2024 21:29:27 +0100 Subject: [PATCH 437/908] telegram-chat: read file content... ... instead of getting it. This lifts the size limit, though we are still limited by Telegram message size. This requires RouterOS 7.13. --- doc/telegram-chat.md | 7 +++---- global-functions.rsc | 2 +- news-and-changes.rsc | 1 + telegram-chat.rsc | 9 ++++----- 4 files changed, 9 insertions(+), 10 deletions(-) diff --git a/doc/telegram-chat.md b/doc/telegram-chat.md index 2a4af99..eb4acf5 100644 --- a/doc/telegram-chat.md +++ b/doc/telegram-chat.md @@ -4,7 +4,7 @@ Chat with your router and send commands via Telegram bot [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) @@ -130,9 +130,8 @@ send information on its own. Something like this should do the job: ### Output size -RouterOS is limited in reading file content to a size of about four -kilobytes. Reading larger files does just fail, and that is also the limit -for command output. +Telegram messages have a limit of 4096 characters. If output is too large it +is truncated, and a warning is added to the message. ### Sending commands to a group diff --git a/global-functions.rsc b/global-functions.rsc index bd72313..b2ef3a2 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 125; +:global ExpectedConfigVersion 126; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 5523c73..2b04c29 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -50,6 +50,7 @@ 123="Introduced new function '\$LogPrint', and deprecated '\$LogPrintExit2'. Please update custom scripts if you use it."; 124="Added support for links in 'netwatch-notify', these are added below the formatted notification text."; 125=("April's Fool! " . [ $SymbolForNotification "smiley-partying-face" ] . "Well, you missed it... - no charge nor fees. (Anyway... Donations are much appreciated, " . [ $SymbolForNotification "smiley-smiling-face" ] . "thanks!)"); + 126="Made 'telegram-chat' capable of handling large command output. Telegram messages still limit the size, so it is truncated now."; }; # Migration steps to be applied on script updates diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 9ae5967..3d0f397 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2023-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # use Telegram to chat with your Router and send commands # https://git.eworm.de/cgit/routeros-scripts/about/doc/telegram-chat.md @@ -141,14 +141,13 @@ :if ([ :len [ /file/find where name=($File . ".failed") ] ] > 0) do={ :set State ([ $SymbolForNotification "cross-mark" ] . "The command failed with an error!\n\n"); } - :local Content [ /file/get $File contents ]; + :local Content ([ /file/read chunk-size=32768 file=$File as-value ]->"data"); $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ message=([ $SymbolForNotification "gear" ] . "Command:\n" . $Message->"text" . "\n\n" . \ $State . [ $IfThenElse ([ :len $Content ] > 0) \ - ([ $SymbolForNotification "memo" ] . "Output:\n" . $Content) [ $IfThenElse ([ /file/get $File size ] > 0) \ - ([ $SymbolForNotification "warning-sign" ] . "Output exceeds file read size.") \ - ([ $SymbolForNotification "memo" ] . "No output.") ] ]) }); + ([ $SymbolForNotification "memo" ] . "Output:\n" . $Content) \ + ([ $SymbolForNotification "memo" ] . "No output.") ]) }); /file/remove "tmpfs/telegram-chat"; } else={ $LogPrint info $ScriptName ("The command from update " . $UpdateID . " failed syntax validation!"); From 4db91ec16eb482d0989435f40373f455f1665f97 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 28 Mar 2024 23:27:57 +0100 Subject: [PATCH 438/908] global-functions: drop $ParseJson --- global-functions.rsc | 61 -------------------------------------------- 1 file changed, 61 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index b2ef3a2..e19ed65 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -56,7 +56,6 @@ :global MkDir; :global NotificationFunctions; :global ParseDate; -:global ParseJson; :global ParseKeyValueStore; :global PrettyPrint; :global RandomDelay; @@ -830,66 +829,6 @@ "day"=[ :tonum [ :pick $Date 8 10 ] ] }); } -# parse JSON into array -# Warning: This is not a complete parser! -:set ParseJson do={ - :local Input [ :tostr $1 ]; - - :local InLen; - :local Return ({}); - :local Skip 0; - - :if ([ :pick $Input 0 ] = "{") do={ - :set Input [ :pick $Input 1 ([ :len $Input ] - 1) ]; - } - :set Input [ :toarray $Input ]; - :set InLen [ :len $Input ]; - - :for I from=0 to=$InLen do={ - :if ($Skip > 0 || $Input->$I = "\n" || $Input->$I = "\r\n") do={ - :if ($Skip > 0) do={ - :set $Skip ($Skip - 1); - } - } else={ - :local Done false; - :local Key ($Input->$I); - :local Val1 ($Input->($I + 1)); - :local Val2 ($Input->($I + 2)); - :if ($Val1 = ":") do={ - :set Skip 2; - :set ($Return->$Key) $Val2; - :set Done true; - } - :if ($Done = false && $Val1 = ":[") do={ - :local Last false; - :set Skip 1; - :set ($Return->$Key) ({}); - :do { - :set Skip ($Skip + 1); - :local ValX ($Input->($I + $Skip)); - :if ([ :pick $ValX ([ :len $ValX ] - 1) ] = "]") do={ - :set Last true; - :set ValX [ :pick $ValX 0 ([ :len $ValX ] - 1) ]; - } - :set ($Return->$Key) (($Return->$Key), $ValX); - } while=($Last = false && $I + $Skip < $InLen); - :set Done true; - } - :if ($Done = false && $Val1 = ":[]") do={ - :set Skip 1; - :set ($Return->$Key) ({}); - :set Done true; - } - :if ($Done = false) do={ - :set Skip 1; - :set ($Return->$Key) [ :pick $Val1 1 [ :len $Val1 ] ]; - } - } - } - - :return $Return; -} - # parse key value store :set ParseKeyValueStore do={ :local Source $1; From 6f6840680359757838664b1ae5f38cc47e90e37a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 1 Apr 2024 23:40:09 +0200 Subject: [PATCH 439/908] mod/notification-matrix: add new configuration snippet... ... instead of appending to global-config-overlay. --- .../01-authenticate.avif | Bin 4209 -> 3870 bytes .../notification-matrix.d/02-join-room.avif | Bin 3955 -> 3745 bytes doc/mod/notification-matrix.md | 7 +++++-- mod/notification-matrix.rsc | 15 +++++++++------ 4 files changed, 14 insertions(+), 8 deletions(-) diff --git a/doc/mod/notification-matrix.d/01-authenticate.avif b/doc/mod/notification-matrix.d/01-authenticate.avif index 1db516b784b2779b1ab1054fcb149753b2c53dbf..b897943b1fc7d8c7c0ac6a9f225733d24dff9e37 100644 GIT binary patch delta 2829 zcmV+o3-a{wAf6tOdK3wf000Gz00IC2009610b2k72sV+9#{vz@lUD(N0;~tK*#Ub3 zf8bxk*LQNobem?QSjNg1WC-uim`wLe;=Ao zm+$o&BR}Z+GDP#I`p(N0lLR%2$wB9JUIv;PxZdxT$rGQgkUcrFkN@avpXd z;;c&ATAreA&nxo;q_^7s{-NsYW#)Gi^U6(b5B@ z=H64_hEz+4k^<6z9FnVs$;0HKe;nj<&r(hz!D(e`Zf|@uIn&(2R!!^)!Z2cACmWfR z;9ztfm4Ldoq_M{u>K9=nAfkzz3yfm}JYxeNN=bEHMtf0fHT~3<;9x}aF+e!u1mm#$ zg;SekM-2$8CjRz!^GRWGti8;B2WZdTFku2HQpA9~4a5LCXXQTiUe3o(e_yb&_!{x% z^Ajxdv5rH}7$+Df9eBV!tCO+UHE-=ZX%3}!%p^gUnT|j_1Cz+)@$P+T_d5QtZEWNI z)x8L@a0Ki*5;h6vlkfEOquMbnBoeZ3?|tgAH3&4{_(!F>xlteyr2biLrbp!D zbQm0xNL&uo?-JYEE}tZke|TEr!c}yS?FK?oLL#9U91>U(PjcS1%g29t70TR4cREg> zg_UF>fH}?&UUGjkQe0~KmD~mkoks3xOKvgAGcuFwf^nK$&ekbVikCIt-pYH@gRi082 z(zyYw>VoI(BT~E<8+Li3cHOr-v7F}_=N`06tm>1(@Xe`SNfUq>9(F3gX8?kE>VGII`)h|#)yCVy5<6`l^=YhcE*j3AIPWIEovzu$FA$jh{n$hf5&NM9i@zjrJz{TK4PF;h5!+g zpqw9GxjDn4iU260iU260iU260iU85kf8+800PC6lVz+AxMgIVg$NvDXXZecVpb!7q z5&#MbI3;p8*g!);q%!>qOvnV>gUn8L^U<9O&$%+0w`#KYA*%KrmdO!#yl1n5_^(n` zSEOf?f0Aid#mxDd`A%ziOmGlDunhQ<7iOxZMf|Cb4HIC4jK4`($}N%cPg< zZhYSED&D6~&M1|ihy(Ot9QH&{c2pfwc-{QsJ4lK@VuY7fA6|4-9xB))=XWxz&M8aQ5980Zz&1pa}*3t z6D@4vBG#V14{;mdJHW-kUWO0jdoc<890=;S40s?KDT2z2pt2vtT}7WE73~TlJDubG zomL4QbZOI8v)QIQtHXiqSF@Lp06DkO1z+b47dc~$+JV$G7zcWst`0M4+k124%Eqy; ze@<3ku?49z_!U{@c9+>&k|ssSAu$|uq$#3OB`rpi60N(~M*u&t!3O7w+)8ETdvWLYMwHV?$^UI z*x``4BN`!bC1G(e=sq-m(n852c{F-2j%>u(_s!V+pX*T7)W5DpYtE!(J60v;BFPY zCx4sA)yU!6@vT#9pE=;9;~dxF&6G+#3k0#OLM;sZKGhXwRyfhS7|Cx3v;9UGbIe-7 z>8B~!va$@2R@hlY|B~#G4MQ*j%0P0nG}q-FWT(+SH~rq9>)>-BPl&IX60o5 z-!)s9F@PHePbhw`e-}UrM}h8!$kAwQ*?r3z$Y}dS7lwo3W%Vns7INCse_xhT4edCA zZrpS;ASQ*71WC0tfFr>h;`2q$$NHIRX@yXU`Dvg?$Q~hbyIbZPI5d#0Dfy@r?i*U0 z+f&wz;gNZH`JG(?8sT=!GuCF!Fe)>lS<||BZj%hb&c}mf+H(cDj*g5Xhw%_7I(6l8 z9TAo;D3)@8e2weAo^LWURSN=$Mh`%gYyituUa zUkbPd`qX4JG9}NZ^&kt)k2|xCEMm%ZCe(pE0bOPx_52j4)AOk_qM^NBBl1uAX?hx% z5{Uh4-=sTLyKr%Ff8}Z<689gUBs;f=8PHACwlFz4%@)$IQC3!Y}@%}FicU)=qXk6)>_!W$GQdis6cJvK9d5MmwV`%jYyeBB!p00-|^mxFKM=-0hTYKimu2cpim3O!E;(j fO9X$sZ0tKx(FVvoX?{SiPU$5pd@nWyn2X;Cj2d3n delta 3171 zcmV-p44m_x9`PWMdK3z0000IG00IC2009610b2k72@H{r#{v%?lUD(N0)hy$*#Ub3 zfAh$EJ$H8%tVe-6hq|qjxpT zY#An!W@lCy!33Ox!2GJYovdQ$Ma!D+fA42as_65}sNK!~00^|uMe=~Kx5|ec{nNJ{ z`1Gj8jeOTuF5ViMp|-axG(|!g^6o*;T!82^$p8aYW$_NMx;Dks?$l-uR#FcOAnG~) z02~iNS%btH(8e`;{sss7OYk~ludw{9H5)scC?wlA^jMoml3Q&{!;N<|khG#Re;Tt! zg_U#8NI6nHK|b}TZKdh5&llSKBXw_K6rO9jpK0=r)Hz~7Zu!NM>!tbDgB;rg_J$I$dv8nm;aGPWDLf2G_W9Fb?6ydk_!St}m5Y5mJn5K4#i} zO{2T=tUl17cnWql(yqX)SP-Fie+S16ou{rw4tdEZBF|2Ta9O-DBiqW*`C!knoQR|> zcN3qOg4|$yxb&>;Pg&IlnPnIDjo!)OV<_{R_nWvoj(Hdu!Q-#3WiGF&BBG|DcA*q1 z0W%Gt0stKF04MV`PHmAKG$O2<``O#-SNc`HtM=La6xN~HVi3Bjp!t~nf81jy0CfHn z?^W4!Z7ypxx$ter+E(MsC9YZ0Srm}U21=2;103`<$6aby_u2bh?ajtWC(f0hk(_lu z?H|ng)tEIa`^`elZf~xp3vjNx=3}*sWRcGY-j8U+u#ig0zrFtenbTNlR?{>wPvJYO zgB)@(2{yu2UQ^Bp$@f2*^`*@1 zVwDJ~b6x%H?Ub8~2w~PdAvML!L7Gd5&_lcCJ$3=W2N=(9tvmZCe@jbwgq{$)EE&{G z4bw^xjl*dQ$0u;dZicwm*EMHSuc}_KU_l1q&Oz(n+|}zHTT%YT)s){{GBN;BD+7AZZs|IM9 z9&+rtjlYDP=a6%bf829iiffv@Xo()FdWjecink5|fG_~(fr3RA`o^aWkL7ANk@?bZ zlVt2Su{@K5$@icQRr?Ine`Pj+>3uZJw&=2yC}avF1hL7-UQRjsgQWURm5w96@Ws?= z2_I>>l4oF}VdvyH&h4%A zt$e|O4Z7jZe?i7`&wLNaPzOV8WoBgiRj-FGFD!#bE$$O}-s_F~gAy1L4;UN{d)1YD z7x6U9Y2h%_+p&`3+i;L518V@eC`RT7fxzjEX1OSJjZWGGf(=IQC{X1iN!e9TJb(@d zQ~8>`r|Or`>H4kAS5hU*`C+aB{pkg{8~*n=8Rwb+f6>?e*0GsJiflBgQZmtqP~uN5 zKs$#koGBwCuOla%A);z#@vOy+{{U!J4rADJw2%S(NdxhwPpaxSFc>a13#nlzCOIZ% zQ`50N!}6xKr>H&G+MfF5t~mYam5cB}9Opa`2=@YjEKA}2UK?pHWYexz7{2?M&KK)Z z*l5~@f2V_IYVxUVn}z_-9Axp_eq+|8PY~-UMm1Z~p@S58*_4sfDozjMM0%zDww)5& z-p>d#$mh$DsVqWrNbAs00-p|RDvs@@+=N4hV;KN_f0x&at#_v0SSmHt4G?xJ17kS> zN#p3se;S+ndsxdK?Q86@$^QUIet5^PrB%4Rf4RGD*EbVP*)5qIvB>}v&(MBCfFYua zC;+00CgQg@`_m z7YztkP9q=ekxVu<1Gnw{Y@2QjD=EDiVZd$=tIkgwosEk!yKD3CNI2m-=hh`@U+t}-9v3Fb z^Z3P@!j;%cj4bV`h6|@jTMz-pC>99Q#j$c$lwH=&9$-2xuQ$3ED|zD(Z016CedA}( z=Z4mlS<*G|grZZqygQJ8Q4wrWyR+eLe`LA1lNSDu#XVOgo5dJB`8JHe(WDB<4>K}3 z{D(-T{SQ7!TV+Z6zH{Rj&6l-rY8a2{JVCt>00dc|t>Knr3j)#`XLL~UeV*T48Fw@y z;3()8@^r?lo!1FoT!^N5t^;7PY3o*lQ!`4-tNpPCFib%F<0(#kV`+PGfXTYCe^Ltu zU+~*9er@;wk9MTYEBko{KUNPUjIG{0gmBI8Kj%_|X2$vWkr7PIuB zMyoVv64bV2H=QOvzyKdvfa}*gG|n*AcoU}FGl`)7pVFho<*i^gkr=9<7_!IneIPQD z>s5Ig$#B^L_{z?5#WS!bdbc9mbAM7#IQ?2oA%;^dlECI zZuPo5m`WsV<*Yg@N6kq`cjuhu(3|;C0Mv``jdk7wE`~CPu}pRcmE8;Ce;8U~&kUsK zhRR*U9!c;Bgg4ki`|o35QTD7Y@#qv)kj%@1ZgW?Cx@4$q5V!jOWI3IT4tvEcPOX9B zccSsAB#Tf#<{=|gaw)yuBTe0-_4cJuDhHyGIc84b5qwJi*trD`%zZlPpwin>q||F? zFATs38BYWx%1pO%OhC$3e;#Z~Ftw!7j@x|`uc!4QyC4pv#G?J+2NtOZm8sVTywm#d zD31yzX%jaHujrh2)BfR86d8zXZJRSY?e^o`cWXj;e@w^(qFb7wRk~SY2%dGL$#f3@ z8X8>=HacvA5LqOmHUIqoxvkuPf)_e~DT5)Y44rq_r>+ z1Um4n_|@T2h6JI2k8Opv{u8Ai=Yx=Qim6fYY` zT4dPlh_GkGCgNsP-`jxloX7ZOzK&n~kp>6@s)GaCoNTtv%&j$MJ&E(#ny_lTAfc6_ z$eY`zC|&umbvRLQe?WaEX@yPuR*JCt?;QC3xCgHvrubBIG<#5wI(f-&edEW;QQ6Xj z>mNax_&w@KAiFhl)HDM)I}K-Dzbh{fO$fru<*?4-ch5ZlT3^35a5_4>(0Oo$Kwh6C zm1Dm%iU6uy^mvy)Rf0mOV07C10CSGF6rl)^0s5>}%?Vk~gTy=G=wBjq%?G9C>x3HFp8pzP@ z7>VE;OlDLU$>Xlhp_p}w+Q6Wio+MU2$bw_JoZnvOtzhQ$(^@+ow{B%&&JDY_ zR=O{QIg+RaZb=J=vQ_*8wUTK4Z;!hlRKNUF;ZonWwL5Q5H9?Zi)KxqFQa+uoxSjD_ z%BCZ~HU08K;_;7kh`*0*obIQis!_(Or8w*0m2ISz2%{4$PSuNaC>7IsqvZnF82q(xE{W@b4Hk^?#2&&(?=Eh5wWLuGAs;hEK%uuw-IW z3QKh!$B&w^?mR)Q0WF}_@5Qj)ACvZ%*|3d;cIOz|^5fHrt8uI9S9eKubEw_Ta~lRp zq?wu3hA=@VAn-pbu4ii)x)E~byZe9H(`vdr^6EEpf5I&^5qzL5E%KqqKXmQKemyEN zqhB@Ei?@cRXl<>^%@I(Be7lfy*C09!@<0I9S$spRE{(BuJGB{um6U_R$U2UH#{+C-&%|_1ViU~H&{T3$CXWD$DwGLR2Tjn_ceFu8t8&=escAd2gvoj}_ z(ixj^T<2*y>7H@xPM2HNrjN^)Q@xTr0k!TNj03oFp2P$7tBd7UL{y_1kD0cglW6Yz zs}Hm&9s-?>w5zZy76d3=!SR2?XKCw^gPw9p$g|U-+!k*PNcQryK3FsCXCf&J9mMD6 zAh#GFE9uV};iGA_3#klm<{^2Q?QG|8$>8Ul(ay#7Sa*MWI(sqXU z2h{Ia3}7_uag1ZXu>6H-L9J?*{ugzNP`W^FQZb2J~@+}t5111gsze+KwX5Av0R5ywB+NA@(y$9)~wAPggQ<4o#B7R26@=YKiSj^AQxuP z$__?BZg9PUHL zL2kI}G1EP>TylSFI;3e5CZ%|*677vd>;eur9Pl_FkgY9GU)C9}7yC}^E8R`GR#KpY zw~P+n-30(_Pj{t9a=Hz_h0!$={)FCSitJ=1z#+4McRKvp=rNoDiz}tsSxXUb23$)t zY@~s6<|!fYa-oRisTe$cYleIK$GKaFyPc<3^A=MfEFXW5m>#*{bL=WeHGN9f5e>eh zcML#aBy%#ZIXJ*R=kqiHyY_o~7-W|F!&e_;4G<)=D*_OP+}%dzWjGie2c=DGq(yIP z(A{`m_G_5-`I0-h3Gx5SA{|ET zth@ZhGq!&pcizuD=O;e7pbm#v(RC-8?5y;;e!&q50a$?oPB-RGq+~x*e-7NN@JVfP zBoi*#VsehT&ImXoinw*{V4*{+Uu-$b{iX17a(nudR9)IfXLc;?NoHe`PpO~=(M1#h zQAHF0QAHF0QAHF1qoV%+$K(G1*E9UZZq^oy{{VjgUn8L^U<9O&$%+0w`#KYA*%KrmdO!#yl1n5_^(n`SEOf?l4(}O z%=w!6PHT8fa1cPS4EU25X0KFWPniO^-3kXLv1ceHfUvFmWO+Tyq?hY%eBSOV-ltB^ zD3yPohy(Ot9QH&{c2pfwc-{QsJ4lK@VuY7fA6|4-9xB))=XjD-T?NNjtiU*ECpRw zEn}_!aMN1Nc`}pcd4|qnO;G{I*dU}2+C_g(zjld~M)S)=R5@X3)QLIAnfSAwLbRnw z3#QrO;(Ec5FVg|vUF%iC001n2{J56y)PX1Gf$PfRGm5!t4)qkKNwe*R`<$&`wXX_H z_i-)bPNHIyAR;Op|%p!VuR+8(?aP98juk6jfJeKlUTjsSpW=C zdD*3#8QYEHM{oCB370#$fejCGc`9)9)y6O)2$@6*6T*f=4U4!yb;HOyNDMJych7m% zDt=F=E*{rp6woff&XM$(p7pRGCFg$|Pb!OS3zYxYkQ5n>VZ*f9f|AM0qA+rT31Ql^ zM>zifk3kO01lN1a?nWfhtfiZ!?S}GCvC6Fs72%2W#`w)K?3ikPX8${cuB158+s4B7 zKXWJM`LS;+v$kUYD-Nz}h2usiF??~M-JravRD{pa{fEE60#L#MYl%yHq``j^r?AxG z;&>_#xUA7wsY$}5VU2K{bqs;j_6&j5D9VFcWUtZWxNUW*E8dc$W{pb5sP>@y{rpiK z1~kzfMrdWhVDcXZ(fh9EQ(8X$`3I!6LcRrBEHBw13Za>R2^13`yN#`=9B?fmm}fNu zOdLCakrhN<+4uKVRSXTwhM|ApO(=f)Q>=IGuR_-N(Ns+>ic+$;q^ArAMFfruMzjRg zJP{(p2ca1B3qCppKnv=xh8)EEmZe+GOE=C(4CKC^KDM_DUKf4ZYH_XpM^UdeNDZ@| zm}mkxO^G@f9V5nv|48F9Ju6Es+xg#hHD`9-P(@4sxqlzTjs)SzlDU7zg?38c;~Dk! ze|!=3a2tz0rUjfG2SrjiT`G`rsy7&`#Sth+zJKtlfT8H*7$#vp9GFEDJqwEiy4>5o zLgTA$KjAbb7Aaj|gVHkpIA=+L?9(v8#j`Pxg*wWjh2{6ySB)KE7#!gC3|K*k5EM(i z7Xv3mdFF_kVG2|AFw}n!&{J#4SwYjZTtkzG8C%4phh0jn@)uhrvUxGbG)IDFHJb3S z0&J7D6C(Uu^N0#Np)WDN?X%Uf?#U`;^+Sd8=&YnLlU9ykrHCesEPT1?l&61+0r3Uv2Pl|RknNt2~q%0&l( z-E7y#R8{p5kxZ0yGrV1_x$}hNC8)x`cwsuEu;rXAWP)+r^L^8FgNo)Dxs$23Bm|M5fG>Oz|$%%jvHOL8TGhoQX zrWBUyJ&zwXVGj^%LeuPnSHBj)41Q1AUuMF)3hmA@x8=vD6&1#>sa@SA)y|`LHOy=o zCX!}nRv5tqoP)sps=1x4V(3N7n(u$_XHBZ;^UJ8+&Hn%hw9rNJfUvj9haCOWw;lNO zsK$+a*H$jx8kwQCw<|P7LK*VzLC;)(=rhRx165`54zRj5#nkT9W)49Wrk+WaGRZ($UkYq_6k@{ZIwVnJ`1@>xgYzQfb&#|0{q%3z6 zpO}K&V0^grtnE)()drbm7xsC!t^PBgZxI2z{7#P9hudQV+uc;!UrlEGB6e9b9!TT9`;4cu7E z6jD5kEP`Ob0tq4V0ULiGgYAyhp&iOar4P1vGtIc&8F`ij495yj$+tK=A19|IS1En2 z>glT8w0fP~M9S;?xtRtx9xw>wllhv@xYTd26J^cq#Oa;eWtEs`o_Rj!^FFmL-Q3<0 zP>(A7bvsxrbl7f8ui)#@A_hfAc3{LX;N;@~XF1^D@z$=%XJ~(#ZPabyzcNd?+_aHI zjrKjGVNg&vaK{53`;6BH`sS?aRrO2O3k+OnJLhDJaNJcX3+ zf0*F$latS0Ppu-3t{<>jT%=as3AmCL-0SB=9h`7CeBh8ULC3vUHg-)F%xA$@J3Q>F zEZ@CG+6f0AHZgymI({|BCb_G|h>_}-sF8rEt8m~b0{{+q7$i||tZHz`{#K)TADt%o zHcrEP6UjI{pLzi4n*RVuXM;zz@UTniP+Jc@fpX8dsmbVa>CSo#X8>a2>2_99#9P6a z63rVaAYA#1NPHZqVmT^C4~uSp=dlt~LAjl+MOsS2PFeST5TUMid#zNKpj zhTl=Uh9EE!Ihj`+oM0bw`I-RT`#rskGE05otBAB2JXG3-$o~f4K`KNEr;%zVgxIJnF)TRWIs}W4%s%| z9M&$@CxcG7bd^IR1>lcd^vAzyiS@l&NM0E=OV)|O4vlc-SRCggJm)9#qCIn0g;8VG zZ;?@UC|idCR~W$Ofq(`*r~%PvTAcDok=i?Xay)-dayEuQS%!0t0RCR0r5+g98Nv-J z?6EkLKapTW*BDc)Q$=7RzKk(*7t}0*wi-;{{U%x{{T7w zWZEvJZ3E3coRLPUyq6gHa-%%;<(KoS6{o4{m-mTow-=MjzCc_%k_gUu_2@q#=~C2}~}Ktn;KGL8#O$OPPjrX*MQme_9S=}@AQ5j3P( z1&E{cb^wYO4G33GBOmOMOg1$Gx9$CGn{Es%DZLtDz-|tmOLw0BDIhVIuqO2b>@b%2 zMB96>x>%L~&4t4%@hp3mBc_y)+K3Q z?X9667beN`_{EySmDoy*EbXa=3#Un25CO(076{YDv2s?FUDnPXU^*?YH@X)qdE*dl z=0bLT<7dz3hSro>(lzjeqEorNJCJ`-5o}Srv*B)Jxww-S{*T2yS0$Up7(DqljKF`< zqzcFnGcq~+he)OU4?aj+Wl8(KbK@7ym$h$d7?0^ZLA?+F1X-W0;g)0z0@532bWrhq zp5I*=cQhj4DCidQbjGWl*9l%+h^Be217NXf>sEtPGfK;={jmlxOhEkODNcQ3X?t>j z$-1#p3kF~C+cJJ__yCV~q|7V(c?N$!Ru3eMt=>F@aLw;O=Tdr7%CA88T4+4@l-Ebe zI_01iv-F`xt2Ag5)V5?dohClO03TU^>(@Ip&M?+^6Q0ImhBAk-Om+vA-3#Iv zT4K)(r09mqUBn(q@CbxA*g}8%?^@$@coTgc_iO9Qn32RPNcD*1@wE2u_V{z&*_y+s zAkm>n<8$SA2B8veDmt+nROkmmVE$Kpg!+o7^wpL#lQR&|AcInH<%g2I_3mkU*U0@ zLxdicK1Lr_L~+s$TNr=XisXJZ_b4^k(E+$^=faTnZS$c=l6ji zx>`z>8U$Dzl4tr_tuJJ6Q(RxfiE|P+{EmZwdnw$(V6nYbx9)#_G^ieOcw92pTo*aE z@`f5hdlQD37GX6)nH2HPVj|j4^o!0rFRj;ESWX{cXv$NCu7s08tHj7aH97)QP@#~C zoTMWTg2!ce6w27HYx+$~5j*$)pO~vSzJhy92H#h>PZiS-N|X${nx0>;cBi<3PT@x> zDk7Av8(v3R4T*oz)o%W~_?q?y&u-KXbjws`%xiU@GKOTTN~FEWOBOf%hqvG6hs}mQ zC0~Uhk4W7gF~|OOGWx|4+to11Z$yeg8vWy@=vSvmjEBjg$PgmSKqf|DH(>RVSzuTF zu-K~nV=LwV4xADmv56+d+eZcbuu*OwmYW+uS65wq@F;%@UdyFOH&fGm9{vqHa$2Yy zLkyNdW8AY6fw${hkM2HDpe)|6xQ-Y-L~a4G&}SxH<~5dvS_fgThPx}-l~lRLAj3Mw z>)8ML-LXW89I5R~t^^(Ixd=1=?8-fMYrGycHAOIEAhZ8H#SX&k(GyNA=n(=&DJi`_ zaFmp3UpzHDs1;-rZ^)ZbA>^NUlixG$E*(3<-^D#6wvV7y$}ebiM;?IH9w?CGJ^6@S L(XQ(=Q&YQu{cNRZ diff --git a/doc/mod/notification-matrix.md b/doc/mod/notification-matrix.md index 88628e4..92383be 100644 --- a/doc/mod/notification-matrix.md +++ b/doc/mod/notification-matrix.md @@ -70,6 +70,9 @@ and write first part of the configuration: ![authenticate](notification-matrix.d/01-authenticate.avif) +The configuration is written to a new configuration snippet +`global-config-overlay.d/mod/notification-matrix`. + #### Join Room Every Matix chat is a room, so we have to create one. Do that with your @@ -87,8 +90,8 @@ the invite. ![join room](notification-matrix.d/02-join-room.avif) -The settings have been appended to `global-config-overlay`. You may want to -edit to move it to an appropriate place. +The configuration is appended to the configuration snippet +`global-config-overlay.d/mod/notification-matrix`. Usage and invocation -------------------- diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 8234779..5a08146 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -217,12 +217,14 @@ } :do { - /system/script/set global-config-overlay source=([ get global-config-overlay source ] . "\n" . \ + /system/script/remove [ find where name="global-config-overlay.d/mod/notification-matrix" ]; + /system/script/add name="global-config-overlay.d/mod/notification-matrix" source=( \ + "# configuration snippet: mod/notification-matrix\n\n" . \ ":global MatrixHomeServer \"" . $MatrixHomeServer . "\";\n" . \ ":global MatrixAccessToken \"" . $MatrixAccessToken . "\";\n"); - $LogPrint info $0 ("Appended configuration to global-config-overlay. Now create and join a room, please!"); + $LogPrint info $0 ("Added configuration snippet. Now create and join a room, please!"); } on-error={ - $LogPrint error $0 ("Failed appending configuration to global-config-overlay!"); + $LogPrint error $0 ("Failed adding configuration snippet!"); :return false; } } @@ -250,11 +252,12 @@ } :do { - /system/script/set global-config-overlay source=([ get global-config-overlay source ] . "\n" . \ + :local Snippet [ /system/script/find where name="global-config-overlay.d/mod/notification-matrix" ]; + /system/script/set $Snippet source=([ get $Snippet source ] . \ ":global MatrixRoom \"" . $MatrixRoom . "\";\n"); - $LogPrint info $0 ("Appended configuration to global-config-overlay. Please review and cleanup!"); + $LogPrint info $0 ("Appended configuration to configuration snippet. Please review!"); } on-error={ - $LogPrint error $0 ("Failed appending configuration to global-config-overlay!"); + $LogPrint error $0 ("Failed appending configuration to snippet!"); :return false; } } From 444f56f9b44baf8a2553e2e475f796626c5da3ae Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 4 Apr 2024 19:09:00 +0200 Subject: [PATCH 440/908] update list of contributors --- CONTRIBUTIONS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTIONS.md b/CONTRIBUTIONS.md index dff933b..20a1140 100644 --- a/CONTRIBUTIONS.md +++ b/CONTRIBUTIONS.md @@ -33,6 +33,7 @@ Add yourself to the list, * Andrea Ruffini Perico * Andrew Cox * Christoph Boss (@Kampfwurst) +* Daniel Ziegenberg (@ziegenberg) * Devin Dean (@dd2594gh) * Evaldo Gardenal * Giorgio Bikos From 1d8347d8ea0b4c16d4a3763e2f73c186da360a01 Mon Sep 17 00:00:00 2001 From: netravnen <1938389+netravnen@users.noreply.github.com> Date: Wed, 3 Apr 2024 18:11:36 +0000 Subject: [PATCH 441/908] README: add start-time & change interval in scheduler example Set the interval to once a day, Instead of every 1 hour. Add start-time to start-up. Thereby introducing randomization based on when the user last rebooted there device. As the interval is counted based on last boot time. --- README.d/11-schedule-script.avif | Bin 1847 -> 4113 bytes README.md | 4 ++-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.d/11-schedule-script.avif b/README.d/11-schedule-script.avif index 27541b75d69575591c432fe49b06da2b47a5ebf3..d6eb0f895d413232e27710b9a0ba2fae9e3d26c5 100644 GIT binary patch literal 4113 zcmbVJc|6p8*Zz$eW5yQQ#u{cATZKV}kz`-8m6RpSXc$?>PGpH9glyRfV{K8{6(Lz} zl%=vomPnRRA?q`v`+nZ{^ZxZd&zaAebDeXYIp&Q@00aTiML?)) zo7@~74xdI}Ukad&q1LDl2lfF7P068C+y9Q#{BO)g<>)|Q08EWxR0mTrtshGB|Ao2! z#oWVd%s0KUy91I_P2G|UA^mV9<4i5!@gE2r8fI*=QPT(EdoF2?ayw zp$srMBNMfunvM2SU^)nxo*qJdbkGed4?x)IkBZ1?Ksn4D7(_ie<-_kifFaL5ZQ(NS zUqxZ?UN_;4+&lYCcR`i9oF*X?gQI=i|D z28Z5%_&7W=IyF5r`(%zCS^&dZfZESA+-lplI>HNq3DEmLU*r~ecAP_Kwfu;*Y z=T8&P4xty3gC5l|V{q`~5S0&yah|>R;AsmSi7{X0!h7{Ia-$Tc#MWri4we1?gx&nF zl>J-S|L7V8n86_Gp9f|K)PZ#m`EKpog!~>W<>>?wz}(E@Qlc!J$gGc5S5%p>6(2J_ zuM`K7?V3Z(r3Vj>tADe}NY^l>b?6cGpgi}Klh@o_$y6%k>>G<8D6CqLgI6HGZnf3@EAidevTmGu z&698q-Sb2iuYotb*D=wByEhr{lFc{!^vX#2wU1qp@ZO>DVNU$I7Zlr_=-Fo|r0Y84 z?sRP*ec^b|a_E~$QB~U$b4(XcSqZik%~nbkae?DlXY#Ii)(%-LRHd`evTcPdyw}%< z&ZJ6LXWjH?c4S`r@MQGu+^)j=U%Er?{AN4X-%v_~8$bw1F*%^~dt8vE81!Y?*rRvx z>t-7{6Qpr3LoS(+66dZ*DVZ0=FCZnoZTFT&ll7hPNm{GRuh@Gw26Fc8#}SUcxEW#g z@oXWaU zX5mB=yOL@RZ;A<&f->DAe!)?sx?75V#}cqz=UZk3J8>UOc2Ruw5nU>&UC~Kn%u&2( zbi$*v+cgiwW+v2T=e}&Lq|}d-HJS79`TKP7e#%obJk(v89s2bdefy9LvC}NJ z;(_yI{l>O*0bfg_!OI>^j&v!*FGGeqatWKFG7+H%RPotw(4WLlfXi`dG0@9LJ{ zz&bpCf7BGuDk)4*ZLusyMRUUC81ADXx4$&`A{Lj!!#hS7M=2>BZ5~1Lx)={KVsEMJ z)34vU3Y%+6HA}p|tZR@E4#_1ib*uDtU3)7rp*N3O7uNPt?ar|MwvH?a6jDlem!aDo z&ld1k!!AS@zQ3wS6$+=a7z7+oK zyVyv6*w|dn^2lQL&vv5OhvwcLwWgvb5WVtYgAdB8=xp@+UVPgWsi(S~A5i}B6 zjqkS*^L6OPb+>=0dn(sMpN0tkaw>gNvI9Gxd)-1xf`V9&kuw`U7y*s~jBsT!FWm4M zO^qV?n=D41knxCOl;vjHu>02q(}E;+g`&&!(S<+#fEXSYn58lD*wQ^CB}H)U@}6s! zJF_%b42#^Vg?Wg>Z{?R6YlbElkm0*U%3`KFu>yiZF0pX!+zj0xCgQ!jru;rThVD{? z1@|s8$8*w?rfswD6XM>dd;G)`27xX)Oy z49a|5%4sr-SR~9aJ+wcN%I2zW#{}xDIR=8uKKJx$je_t_dSx+t46{m<2U^FDum9{U z1D!Ru+$jw7nl1>;#yLsw_zVciB!#|)7{#cNv@u5TEBoc%%Tl5?7->f`ntK?Nx<_F(vyOlZJr~ z_V-0V=}X1^T=Th8;+h`cY-q1DM`3Csbd-_LEa>!#-d8`CIJF=x_RW1d)DI2sZJsaX zHMV{^XAOFzix4~FA5jIB;aV`&a=6Ya+$LnkhVAV!IKjW>mi6t+@yu+mA;AfgCOfg6 z*>HjgWdhaRE`Rq5c-LlKPj323s?w#EpM_TqDB)+M93$S}tIu;Eyl}B|<%a#^{D47c zQEB^13&rGD>9v)S51kq~*eJH}+aYd2INqZK20qS2YkDxkhL<a^Q*0khiv|=sPtaRNO_l*R7t_>D$Dcovz z6F41(d6%M<@_S@Z`fD?H)Z&b!Bm$T3I%rz{xmMiBN9uegCt@SsGUn8K@=%sF#wXxK z$G!OIm;&~V$^^Mrtz~|ac9lIkMDrqjI_TKCcBh!yrRhICk>2)}# zSY$;V(rWx!sMRHZf=!*g^hj-$pL{RlhCTCLgV&L`({+I#c%!4E3!RPK)^(FOqg2Zt zC+Kp&`NA@X6)ms#ZiQKf*Gu&2%H|Bv_n}O;cR$(~>aOlN-TO;4^cuqz<`ZXz!CY)t z6$hG`O?`N>Z^Z8;OLR>k8MWx>WJOA+KcjXw7r|*PYi-1|Ef;ZrEOt zsF+X5eyX}}iOb9ZON!(Sw{7a3hbO=s=S!`-2yZ!IHmN$k(n695&St*EqKF% V659%C*l99!+jD6bz1FIc{x6~x&wc;^ delta 1600 zcmV-G2EX}{Ah!;XA_4&Nkt9JW9%*cEV*mgE07L))0RRC200031009~R00tcZ001ay zX>Mi!000000g;>?k?d&}1|@A|VRRAz3JEwRay-~TLqVi6jSQ2I2{3;oi|ja&nr%tA z3fh;(7tV^=51B3Lxt>LFq(F|Z|W_gRgBzG%sX4$_T zmXyO(Z5Q_XakN?V;!U#e$m_kW(F6nMDGL}MbJ*qz!U-`BV0Pk3alIj}&{O`$Vs^v^ z-=NRKLY4{W`msc2{3CyF2IY3I!+!^v!AUvI<9No1Rq$_*5u&SzoLUK$PUVKyMyfTj z_?F%=W9Kvq56Nxz^?GWKUq7KcG~X z181@h-vNbL&X4+Z>JJMQIkctNgAv4C9F$zUxcs}LU}pM8VXukYJg`u|5{FC9vt!Zs>L`DTAvo_qypKkWw=aUWVjamt z{PnM>TU9WHBK6QULfsO@#>Mm#${6BVY$>%Pr?V_aEt~mqZS}>rwfx@8Y(WMto?2n72M7yPt=8$tm7DC;eF3h=Wraz-;w zUA>dEcrHX-4cifjWTE@;5j39g&U`a!S@U})&FO!?K*ZxtJ?Cax8Q7NxUG0WYzF5PS zm_SFPMdR3$jUcfJnurYK8bXnS5v9k29@G{dD@65K5uPwzJ)`p;L#8Jmz1f?~-9*?wm7Y62tM=skFs3+r_o|;4BK03ed19tPwgxO#JH- z_bA9L%wJ#4%ye&ySykYg#l}5GC`1ORTC<9zcBnMB+&+~}@jFX=rvCa;diPy*KewbO z7%uGN9OU%jZniVPBs$^V6E~sd)>7cK0V2BFgsLvsEQ?pi17=tmn#N;Y!YW>!NqNPsIgf~*A#4zKE ziZkQ7@X!v?-en!zZYbp7bf{EV&4GmD{Er4?iFh)|q0^jEC6%4-e3#-5-AMSp2cLhn zK6zNRKX7?0RR;Dq`g#B-A&u%6`w0`4ny9m5-NL{IBIn3H(#HR^>e_*CTzcp=YMlDapgMPV)jWPhGBnk-~$Xw#WbK}?jT|h;{o;f(iz#`CLVB14RR_P9^ Date: Thu, 4 Apr 2024 19:10:55 +0200 Subject: [PATCH 442/908] update list of contributors --- CONTRIBUTIONS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTIONS.md b/CONTRIBUTIONS.md index 20a1140..f4056e5 100644 --- a/CONTRIBUTIONS.md +++ b/CONTRIBUTIONS.md @@ -21,6 +21,7 @@ for details! * [Ben Harris](mailto:mail@bharr.is) (@bharrisau) * [Daniel Ziegenberg](mailto:daniel@ziegenberg.at) (@ziegenberg) * [Michael Gisbers](mailto:michael@gisbers.de) (@mgisbers) +* @netravnen * [netztrip](mailto:dave-tvg@netztrip.de) (@netztrip) * [Stefan Müller](mailto:stefan.mueller.83@gmail.com) (@PackElend) From 86d0f71acb760793c8ccd5320351320f684ce052 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 4 Apr 2024 21:14:17 +0200 Subject: [PATCH 443/908] README: update screenshot on lease script setup --- README.d/12-setup-lease-script.avif | Bin 1686 -> 7642 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/README.d/12-setup-lease-script.avif b/README.d/12-setup-lease-script.avif index 365e0e8d05470af99aef604d1ec24c292113d926..fb4024e2a730947774c6f165c7c5e3b191a4804c 100644 GIT binary patch literal 7642 zcmbVubyOT*v+dyS4g*YZ3j}uy!6Cth;BJG%3=Y9bg1d#_?hsrOd~gVEL4#We!R^D^+Q3X#fC$ z*TE8I`jmS#78?tD*MBGg;0!T`{hL2|dx+V;+u%AwU=DwC2#IqMUln__Te;NP)xaJm6^S@g@ZE6c~c6EOA$`EIBr$LnVQ>Jb0gp>$5N8L|r`)3<01%K75QC8c z0N{HE3)8Ofdkh{8{qOZK_pl1USCUhdd)(;npa8(bB0vU!j*5zg zih_=YhK7NGj)_f-gN=oSO+iS6M@&sgOG8Zw1cDeinL%_M^gtksAS=fUZazLfT4rH! zAs#VKUOt|uCI}c97}!|Yc%s&;cMo2XG-gilqY}5+EQEAUyN{XdmZ9 zLHKL`NO=;9gp7iUhK_-W^;l4k|8!DFh{#AND9De8j^Ov02Otxm5I*CUMkP`=MWb^e z<_V0;L8pIN(@CQ7{TBnTnQIURCMg*?1tlXBGYcylAHRU0kg$l%D_J>t1w|!IEwJ`m z9bG+h3rj0&8;C6w=H~9<>E#_95*qgY!^iOWgv6xel+?8J+`RmP!lL4m(%LU|^$m?p z%`IKsJ-vPK{(-@X$*Jj?*}3_Jwe^jkn_JsEyL%_UPyd{qUtC^YKk0hX`EUD2+5e@B z;87PMGBOe}+LJB>M2{!o1js1QxKRnE)zM5{i0F6%(TQKi<?U(fd!FO@gFu^( zl*EcL5Gx@J+O&<$dz@A*Uo=Ny-tz12uz2|e)60C?65-uUk+;?kE_k8Uh2aZsK%2TKq;T>gycxM#E;- zb*)nMQ8iLu3tEI>g0C}h<|=1=B3vhuPO5Eg+f3?E(wtW~U1mMRMQC`uwc6}H){VUC zTo<*w)W-N2nkR1)Mw?NFkUWIFy5YHcR-R~oWS;{u+U73;#i(UoUcOsb#<0M{#L}cI zJ?f_rBbeMj)GkU4UC@;l&Go} zUfbAowY*|SX#7>NR37ET(R+B2h6`URjr1mjcEATFb4sC#Yj>;$hL>i06!SpV*kq~N zzGYp|w`GLbb5QVjG{;UzWeM!r2?MLEc?_(I_?;0lp*50+C|P6>Kpd)L#Kba@q6+5f zRCcylq}h^qD^~I&6jX`+XG}^J`h}|$-g+}XZoDuzFOAXgE9#GPO}xPneo{kf8tO*8 z9C?|^1~MU_OywTv)4xrF_YFedFnq#6CGfcyTAe`@rr9Ah>UD_Tl6lV@|Au0LC7F*4 zr%P@znxtP`GBR_X{76<~O22=auHBeSZ%DiwMZ(}&GKidHg8>^K*Y7=_j~sJI@ZSA7 z!+DG4S>5@$5z!RkmJsT1QYcmAa4zO`P3l|WkP?K762Q+V!cT#(6(J(bA9v1mj_&Hex zIMzpSN0zWD_KR&QzyY6&BHfaY9A2jvmVdfxO}h|z{~k02yW)W5aBzP}-yh*R&0sYt zHMm$3?%!Q315Npgqvn`0pUVt55eB<#aX+UI>_l?s&aj}|F3z`s=_MV9Ij$w@K^g_1 zb&-R69)M;cDrNJVyu~b2ZU1^-de#+*kIoh>*{LgLM*!?YWZa%Rud_;xaKMg}8y976QXjkqZHU=9^V~_n|fAhS*^2C=$W4zfXVXzhIq>B`zcD)&-~v) z>dxX|=LGw_hD`LdmbBbUX$W%qz{n=#?ez6F*XR^i3^8t+uw}DNLRk|}@fX=Qv~Hl= z`4Zd`jJo=If5N?wPUkjxcIte+=r)N8P4obwq>lcD+%j7-0m=_4hnaL!oPEF4i+F^` zUVGqnGtbuR1>0T-Z+?ul92&gea{m(1UG{RLOQ816IkZL7In_wVZ81|G7~PDN!_3K5 zAF=N_7WUlL%(=nNg?#y|g)W+{hY;MJ`%pK1rrw_4Eqtg)q)VTH9QSuWy6~tlRWvjs z%QQ=+*$t8x-lyzmbywt*LL|7rbQ2)kn1Ksz&1MdSD-9?e&G2isHQSGfn=$H-P+5n? zFPn=V2c&kXyfaRrZ}d+!$AObPA6%*|LWt-VNao;lXhcn?!(&D-azgofK_Nu@qt{He z>{HoYf~|+9o^JoU{^Mo~H66=ZR8RG#?E>AV)-Unr^nxF_j-=*JwiLM|PkLkkL1KigVPkuKF@2x1=w}gJ4o-!4aFJ>?$alfi;eaSV5HZ*oRR>GfF zq-yQp#Ku|g?{u1xub+p_9l2^f6|GRze-mG$ZhKpGWGz#=djXwSJaW-Dj17=KGDYt7Ya3*w~uPsB_uWIS|vcIu6VtU7B$9j7(B&0AEp!B@8zUGR5iE*LAI@jwt2qkKC-DkGaZu z`)5uk>G}v-R}~h_q}00G-lyNoQIiy&Un{gkX`h>87<}>a!z=W@4=WVVGvh-WZnAVr z8<1Owi2mlmoTU_F-zwQOw#c>V59Kbd(Eq^qL59shnVlV9DKl?zv-1HUZfAZY*jWi5 zo^b>@aZu-yfdszC4O&&QVN(p7si|;)$;rT&W4#B<=1ygn&g3n(gPqGc zj^cKcNfoY#LuV)bky~dU#s)Cs*NdQqtMd+03l^~@>u1elPDM(jySQw3N_E;9?h8IL zz%h<+$r$t=q`*FxV>KD-Pn}Fx?gLxCpWkiGNTlvJuB4a7o!cI+Olm5s+b&eK70D8t zWURvWH7tlVZ`0h-ey>1~gX>lURlyvcT7-%nNbLYd;%rh7Kv4|90t%8Qr!VFMBx)Sk zZ$L(QBi;L;S87_7f{2fQm7;2h>aSlx$k|w}!~qmcpQNZqKixH!$dfm`SBh77#qD2i zZ9*zutf&ogP6gq+z5!5X&cJ&_l0Hu_X}3sx2fYRREq(%-kTCj${=82biHN}^Ah1)e z9s-(9d-EbAjB$6qel@-6n=4_lhk09-ZV1H^gI+Kv2)M?NgD zE6~R&eR=U?fE@1c2+f$;4kMHPBzF=SuO}bq@CmO@j=^(uUPM4b^TPl2YhD9J$0COE z51BMcicm$vPsYFEf1uNc=q(_S8%9+pBg2H5t0=NP(+`-wqf~D*9NK4Q_#I`yE+pzB zWF;Y->(>Ren}YspY^^=P2gy3ILGsDY+>`Ax&~^5*M3(WzO1TMj1v4HzgY69SU0q`J zL&hai!f+3DzR_mqQN!GT8ngKYpY#36#W_ur8Rj6}pZFbpW(AEULVYgLeh&a?-6@R{ zK@G8lX=>ht5><_qt`={~Q_t`{H5ZgRivU5n5FlP(h0Q(B6igZNEQkss)5;A=`uGze zn%o6WtGRD*Mv}wh+y=$)TnnP4Vu_naamn?u*b&8%X1{+WD(E1fe?|r_eitu zx7$TO#o06Kzb4PPr=rBo0epuuLuidn!NvLO>0gNB61)a!M4W|p``AUo8`0~n>i9FjvXDJUXQhEOWp1af z6f%^|2s&<}xzZ!3N)R&`C~erR)^Rpwa2=@2rzJwX*dBRbrF6U0lAbJb_9L_>As5aN z)0id*1ay8t630-_a#H${u#Pj1-`?=a8hdY-zF+WmxYZ@*lTg>{&y206J@!}e->Djw z%lG`(M8A>N=vRbgkm6_Rd#UIuZP-~fs>!+f+}R4ZITb5g&8*K1^2p!`6I@iv@nD!C zP&aKblaD~PGzliSA|3N42}d{%Yc^B!&08-bHobIKBV7hA;3{UH@uJ;?9M@78b^2p_ z%oJ#dHUnGf1LWBN>SLG^`KNqpXwpTVU5{Vmw8d0TW4+x+0it$&3h?557&Ieen>oG4 zZNn~NgzfjBp+FD+fblY$;2^+$mC%bJI7{s{#!uHjYG@Dh073vJh7jX#VF7&naR|=< zg^C5@4?Y>Q<>jw23@MsS^|0cy_!3U8?Sn0bmoID5L{E*IIy85*EK01$@+l;k$vbUwH z_Hd^zr#eS`@5ZVhRjq}0x|j3+Krxw<;*uxU@S?CIs~G#kgkA}XFp7&&YC-(Wo#~@F zvCue$STyY#F@lR%0hr>_$kJM0@)#|42UpM1T_Nvq@gBr#vTGj8R!M92y2hc<2PABm zWqz8}4F#UpK#Ai!BIbP+hjcivx-JAU^`1}G(&kIIOjdovqZ_F+30J z0T|g8!LpgO!ow_Xbtr}4nyYwo(oik7Z zc0!JxL@X!^+r;kJW*>=Lr!qeYTi+^a<~9c6Wop0p(5Jja8%7S;m!Y>cqXAyv4>tuf zOc|+^B4VNq%B}p`=xYu~0(QEmmKgsjGpAx?dR>BDk=K1rD&2Kj>Sz<07Cn5IKD3eag3nhUlNo!ad?vvqD@kbiaw}Q+Ft=L(?VX6;gJg>yFP7*6 zH=wXNn@u?U9SalH#2xT(uj0#rnBLpS>DOUfK{Cf!<+8!Q@n>LXmwF^rt0c^5d?`%n z?Aw>LHW9a^U#T4zVjb$DfD~S_OS)4^nCjkTcInZi0=z@Idm3Mb1byNzkABFBq*OKn z6A5_5b$$#C|C*kqOl%{SDc(yUgYX0;L7W8Z0^ef15O3^$Jrs-Q&c>QrVRtZ3IlJ|l z+j8KTqQl%QI>%N%*mJU(4TY1Y+|sX`N~g_D4`HBH%bODIq5k!i6Hn@wpe{>tNFngR zQ*$ponK()!YqrdUw1jb(HR96K=A zUkH1PM?_-z8-`i*U;5@AAQtROd&);|_JrF1aCAy}2ID#WNhCAgw?+$)N4@~(yn8z~ z;^GXRv?r&YfbwZRc!{QQb|sH+ms24=$Cb#X9r{%_(2t**{6MU0z4N>jc5_tfPj&Va zzaJJ#O9#*`&@bo;qrWp+g)}ptB-0Jmd)p|nyH`mM(Twuyx4HjSO zC%m%@#bH@3QiRV*D_1^Ha_Qd4DzJ=b*w`~TzV$%_o6lT&;vV}3! z^D|`Fy3Aon;X+b!kE+*3g;tzuLp(wCW};0+q-8{5J?xjM|lwTziD}L|=HbQd0zR589nr*mk&c8RJ z0b`k_zE3xP@IXGQb9Ch6h8J_*BVGn*anv4_TXr^bO@DYu5433ev*p;Qv9U;+C zO-d|(V{NE24vUw2f6csoOh_qbqkv%|&}mO!xi`kz56u3N694`5yleCwU@o2ShcB`Fh>)J0q9p`QSzcdc z|Bv^1j44q=B$Eg4^nByXd&#bCEQ7B3DZWKKb^Los;z!=IMZKUp;|+P$d4>kqEE$<6{34qtV$}_&0l_pOw_Q@J$?d{5tL4yCBlUDF+i?2aDcL@nt^!)44Yr zV#j}aY3_DZQr{A7@7JzjUb4mSmnW5A5pZQl34Rrf?;AQpMXixOhF5Hn7_O;s%WmDU z-L~L6uGI_TeCjP7adk|GsM3!w{SLcQ!jCEUo69TuzHPW9+44qZXE?5=kzyytC>7iw z^7*`EkgvmqR!Xv8yfwvX16B+EK2f_)w4t_jGi9k_N$aivHH6PW(ksLB(Z|0*twXaHS7qPG68RbrVZz=Nh=rx;dHL4L9*%==i;`JBCbp)o70%Q6VAcrBJN4X~qaE%mE!i*{8tHlH=tx#~KsKWDy;o)J+W(+AKIZG*lxJY~ zuF^;KB09gaK@KF)BjQ_D@8U1^Qgx`qIoKUHaE0;uQ4zrk$|n?+`d@oR=<2#Nn=^ z_b;YNr{ekVm!v>Txieu20uqhgjOHO&qKCw#sz3YiE(}>%G3UL{Dw!5u{Hng*+S`>Q zp2xbE8dF#w%8-pxhW&gFKPO4dVI2bm$%4yaW_B*mSV=;OjfH-Vn%+@36EQ`TX^Upo zf}dOElnv;V-?34MJUqiVf^BA#f?BIHrd9T?m%-?6*7%vkmSxN~W=Sx<2d*gG1uy#AJC+TQA_4&Nkt9JW9%*cEV*mgE07L))0RRC200031009~R00n#i001ay zX>Mi!000000g;>?k?bG=G?NVhNPh){ZDe6|5&#MbI3;pC*g!);q%!OZOvnV>gQg@` z_m7YztkP9q=ekxVu<1Gnw{Y@2QjB#Wb{x0cv%|CQJD zfI?jxVb&8{G=dd~A~jn%q$=xKpO$;*?8GNb)oBhZKVLArpD)X%<(?rIx_`u2##|5d zgN_rfP;O+Dp#J6_rug_ozF>ii&dBkRfeM#|&4b`KpKFdP8hqRb&`CyCvYPk+`_T-^^dGtZ_{>0Twwj7z+g>11dzW(Lu!|$PNgmGLp#v6}?39QLE4lIC_b?lR>;5{(W^ zT_}uJ{MCL>E@C4HV!k1)DRpZnf zqn-5GILy_pgz$?2Yk#2yKuTdw6}$Med7If_=%P_T<)=zpdh!@1^U*v^L8DWT%ymy3 zJ&SMTpwvUAF5K^R5}Z|B+OmuIE%Amis+L2Lni?nNQ;XbfY`nzl&+hNmAB?%CPF1r# z*6n#&-Lq?uCk8t~O$^=JGY(W!$Bw6;BoN1QchomRg!?t}2!CJ;4^QS4L8dO&YXsY! z8)F=;F#9gIEZgTxcW%jiANDLTtZ|um*rX8&Xg<$dSt@uR0?iP@C~J-#d@n(QoKYij zwV-c$M(ttIB72O6k(wyhBP%CW`CANTCfnS^e zs8A^h1d5&)NWGFQWz)J{^uZRFWG$1Y4bUkjpr^sv+byDH7(C|XBBm@Zk14CoXT(q zgue|MJ8e_gD+bOuIUkB&G_KltbOt$U4|=u@^ncuY`+K*70wg$W9_`$|hfi^aD}_P_i8@R+ZB55$_M{kLjC}svjEN$iI86=c;fEX qpRpEGf%k!RYtL1(Tlxu`Kmw1H3yMicM-BQDcAJXi@h Date: Wed, 27 Mar 2024 23:01:38 +0100 Subject: [PATCH 444/908] global-functions: introduce $FetchHuge --- README.md | 2 +- global-functions.rsc | 39 ++++++++++++++++++++++++++++++++++++++- 2 files changed, 39 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5109173..4516736 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ RouterOS Scripts [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/global-functions.rsc b/global-functions.rsc index e19ed65..bd35cdf 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # global functions # https://git.eworm.de/cgit/routeros-scripts/about/ @@ -32,6 +32,7 @@ :global DownloadPackage; :global EitherOr; :global EscapeForRegEx; +:global FetchHuge; :global FetchUserAgentStr; :global FormatLine; :global FormatMultiLines; @@ -389,6 +390,42 @@ :return $Return; } +# fetch huge data to file, read in chunks +:set FetchHuge do={ + :local ScriptName [ :tostr $1 ]; + :local Url [ :tostr $2 ]; + + :global GetRandom20CharAlNum; + :global LogPrint; + :global MkDir; + :global WaitForFile; + + :if ([ $MkDir "tmpfs/" . $ScriptName ] = false) do={ + $LogPrint error $0 ("Failed creating directory!"); + :return false; + } + + :local FileName ("tmpfs/" . $ScriptName . "/" . $0 . "-" . [ $GetRandom20CharAlNum ]); + + :do { + /tool/fetch check-certificate=yes-without-crl $Url dst-path=$FileName as-value; + } on-error={ + $LogPrint debug $0 ("Failed downloading from: " . $Url); + :return false; + } + $WaitForFile $FileName; + + :local FileSize [ /file/get $FileName size ]; + :local Return ""; + :local VarSize 0; + :while ($VarSize < $FileSize) do={ + :set Return ($Return . ([ /file/read offset=$VarSize chunk-size=32768 file=$FileName as-value ]->"data")); + :set VarSize [ :len $Return ]; + } + /file/remove $FileName; + :return $Return; +} + # generate user agent string for fetch :set FetchUserAgentStr do={ :local Caller [ :tostr $1 ]; From ab6fd8855881681d7c69af3e5ce18b3a6e2e69fb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 27 Mar 2024 23:37:31 +0100 Subject: [PATCH 445/908] global-functions: $FetchHuge: use custom user agent string --- global-functions.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index bd35cdf..0ea7120 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -395,6 +395,7 @@ :local ScriptName [ :tostr $1 ]; :local Url [ :tostr $2 ]; + :global FetchUserAgentStr; :global GetRandom20CharAlNum; :global LogPrint; :global MkDir; @@ -408,7 +409,8 @@ :local FileName ("tmpfs/" . $ScriptName . "/" . $0 . "-" . [ $GetRandom20CharAlNum ]); :do { - /tool/fetch check-certificate=yes-without-crl $Url dst-path=$FileName as-value; + /tool/fetch check-certificate=yes-without-crl $Url dst-path=$FileName \ + http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) as-value; } on-error={ $LogPrint debug $0 ("Failed downloading from: " . $Url); :return false; From 2edf983698a18d45de1c9e7823dad0959bff2504 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 27 Mar 2024 23:35:01 +0100 Subject: [PATCH 446/908] global-functions: $FetchHuge: control check-certificate with parameter --- global-functions.rsc | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 0ea7120..65dd06e 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -392,15 +392,19 @@ # fetch huge data to file, read in chunks :set FetchHuge do={ - :local ScriptName [ :tostr $1 ]; - :local Url [ :tostr $2 ]; + :local ScriptName [ :tostr $1 ]; + :local Url [ :tostr $2 ]; + :local CheckCert [ :tobool $3 ]; :global FetchUserAgentStr; :global GetRandom20CharAlNum; + :global IfThenElse; :global LogPrint; :global MkDir; :global WaitForFile; + :set CheckCert [ $IfThenElse ($CheckCert = false) "no" "yes-without-crl" ]; + :if ([ $MkDir "tmpfs/" . $ScriptName ] = false) do={ $LogPrint error $0 ("Failed creating directory!"); :return false; @@ -409,7 +413,7 @@ :local FileName ("tmpfs/" . $ScriptName . "/" . $0 . "-" . [ $GetRandom20CharAlNum ]); :do { - /tool/fetch check-certificate=yes-without-crl $Url dst-path=$FileName \ + /tool/fetch check-certificate=$CheckCert $Url dst-path=$FileName \ http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) as-value; } on-error={ $LogPrint debug $0 ("Failed downloading from: " . $Url); From 61ee5cbd6cbce28385857f9cca184387234fe326 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 3 Apr 2024 17:03:27 +0200 Subject: [PATCH 447/908] global-functions: $FetchHuge: make sure to work with clean file names --- global-functions.rsc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 65dd06e..3c14f22 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -396,6 +396,7 @@ :local Url [ :tostr $2 ]; :local CheckCert [ :tobool $3 ]; + :global CleanName; :global FetchUserAgentStr; :global GetRandom20CharAlNum; :global IfThenElse; @@ -405,13 +406,13 @@ :set CheckCert [ $IfThenElse ($CheckCert = false) "no" "yes-without-crl" ]; - :if ([ $MkDir "tmpfs/" . $ScriptName ] = false) do={ + :local FileName ("tmpfs/" . [ $CleanName $ScriptName ]); + :if ([ $MkDir $FileName ] = false) do={ $LogPrint error $0 ("Failed creating directory!"); :return false; } - :local FileName ("tmpfs/" . $ScriptName . "/" . $0 . "-" . [ $GetRandom20CharAlNum ]); - + :set FileName ($FileName . "/" . [ $CleanName $0 ] . "-" . [ $GetRandom20CharAlNum ]); :do { /tool/fetch check-certificate=$CheckCert $Url dst-path=$FileName \ http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) as-value; From 402f847db2b7446a67634d3720d824a7e6b87e71 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 3 Apr 2024 17:36:47 +0200 Subject: [PATCH 448/908] global-functions: $FetchHuge: remove file on failed download --- global-functions.rsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 3c14f22..ab8860f 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -417,6 +417,9 @@ /tool/fetch check-certificate=$CheckCert $Url dst-path=$FileName \ http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) as-value; } on-error={ + :if ([ $WaitForFile $FileName 500ms ] = true) do={ + /file/remove $FileName; + } $LogPrint debug $0 ("Failed downloading from: " . $Url); :return false; } From c3809f240d292e80c936e104e8aa9414b3dd3367 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 27 Mar 2024 23:39:55 +0100 Subject: [PATCH 449/908] fw-addr-lists: use $FetchHuge --- doc/fw-addr-lists.md | 6 +++++- fw-addr-lists.rsc | 18 ++++++------------ 2 files changed, 11 insertions(+), 13 deletions(-) diff --git a/doc/fw-addr-lists.md b/doc/fw-addr-lists.md index 70ca6e9..ac34c88 100644 --- a/doc/fw-addr-lists.md +++ b/doc/fw-addr-lists.md @@ -4,7 +4,7 @@ Download, import and update firewall address-lists [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) @@ -29,6 +29,10 @@ see situation when the lists are not populated. To mitigate man-in-the-middle attacks with altered lists the server's certificate is checked. +> ⚠️ **Warning**: The script does not limit the size of a list, but keep in +> mind that huge lists can exhaust your device's resources (RAM and CPU), +> and may take a long time to process. + Requirements and installation ----------------------------- diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 68775b4..66f8581 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2023-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # download, import and update firewall address-lists # https://git.eworm.de/cgit/routeros-scripts/about/doc/fw-addr-lists.md @@ -19,7 +19,7 @@ :global CertificateAvailable; :global EitherOr; - :global FetchUserAgentStr; + :global FetchHuge; :global LogPrint; :global LogPrintOnce; :global ScriptLock; @@ -50,12 +50,12 @@ :local Failure false; :foreach List in=$FwList do={ - :local CheckCertificate "no"; + :local CheckCertificate false; :local Data false; :local TimeOut [ $EitherOr [ :totime ($List->"timeout") ] $FwAddrListTimeOut ]; :if ([ :len ($List->"cert") ] > 0) do={ - :set CheckCertificate "yes-without-crl"; + :set CheckCertificate true; :if ([ $CertificateAvailable ($List->"cert") ] = false) do={ $LogPrint warning $ScriptName ("Downloading required certificate failed, trying anyway."); } @@ -63,10 +63,8 @@ :for I from=1 to=5 do={ :if ($Data = false) do={ - :do { - :set Data ([ /tool/fetch check-certificate=$CheckCertificate output=user \ - http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) ($List->"url") as-value ]->"data"); - } on-error={ + :set Data [ $FetchHuge $ScriptName ($List->"url") $CheckCertificate ]; + :if ($Data = false) do={ :if ($I < 5) do={ $LogPrint debug $ScriptName ("Failed downloading, " . $I . ". try: " . $List->"url"); :delay (($I * $I) . "s"); @@ -81,10 +79,6 @@ $LogPrint warning $ScriptName ("Failed downloading list from: " . $List->"url"); } - :if ([ :len $Data ] > 63000) do={ - $LogPrintOnce warning $ScriptName ("The list is huge and may be truncated: " . $List->"url"); - } - :while ([ :len $Data ] != 0) do={ :local Line [ :pick $Data 0 [ :find $Data "\n" ] ]; :local Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); From 4b6d0c02f134f4c6535d4df44016dc9ae2ae5db2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 5 Apr 2024 00:20:33 +0200 Subject: [PATCH 450/908] fw-addr-lists: try with less regexp matches --- fw-addr-lists.rsc | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 66f8581..7e7ee38 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -82,14 +82,21 @@ :while ([ :len $Data ] != 0) do={ :local Line [ :pick $Data 0 [ :find $Data "\n" ] ]; :local Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); - :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$" || \ - $Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ - :set ($IPv4Addresses->$Address) $TimeOut; - } - :if ($Address ~ "^[0-9a-zA-Z]*:[0-9a-zA-Z:\\.]+(/[0-9]{1,3})?\$" || \ - $Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ - :set ($IPv6Addresses->$Address) $TimeOut; - } + :do { + :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$") do={ + :set ($IPv4Addresses->$Address) $TimeOut; + :error true; + } + :if ($Address ~ "^[0-9a-zA-Z]*:[0-9a-zA-Z:\\.]+(/[0-9]{1,3})?\$") do={ + :set ($IPv6Addresses->$Address) $TimeOut; + :error true; + } + :if ($Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ + :set ($IPv4Addresses->$Address) $TimeOut; + :set ($IPv6Addresses->$Address) $TimeOut; + :error true; + } + } on-error={ } :set Data [ :pick $Data ([ :len $Line ] + 1) [ :len $Data ] ]; } } From af6556bdba9d68174b45561215ea3be2e098e349 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 4 Apr 2024 19:37:38 +0200 Subject: [PATCH 451/908] fw-addr-lists: add debug message on successful download --- fw-addr-lists.rsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 7e7ee38..5cdd379 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -20,6 +20,7 @@ :global CertificateAvailable; :global EitherOr; :global FetchHuge; + :global HumanReadableNum; :global LogPrint; :global LogPrintOnce; :global ScriptLock; @@ -77,6 +78,8 @@ :set Data ""; :set Failure true; $LogPrint warning $ScriptName ("Failed downloading list from: " . $List->"url"); + } else={ + $LogPrint debug $ScriptName ("Downloaded " . [ $HumanReadableNum [ :len $Data ] 1024 ] . "B from: " . $List->"url"); } :while ([ :len $Data ] != 0) do={ From 70cc1ff53b7d113f8aff24034e5f5a25efb8b261 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 5 Apr 2024 23:41:17 +0200 Subject: [PATCH 452/908] fw-addr-lists: rework log messages, always include list name --- fw-addr-lists.rsc | 39 ++++++++++++++++++++++++++------------- 1 file changed, 26 insertions(+), 13 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 5cdd379..c9f894b 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -58,7 +58,8 @@ :if ([ :len ($List->"cert") ] > 0) do={ :set CheckCertificate true; :if ([ $CertificateAvailable ($List->"cert") ] = false) do={ - $LogPrint warning $ScriptName ("Downloading required certificate failed, trying anyway."); + $LogPrint warning $ScriptName ("Downloading required certificate (" . $FwListName . \ + " / " . $List->"url" . ") failed, trying anyway."); } } @@ -67,7 +68,8 @@ :set Data [ $FetchHuge $ScriptName ($List->"url") $CheckCertificate ]; :if ($Data = false) do={ :if ($I < 5) do={ - $LogPrint debug $ScriptName ("Failed downloading, " . $I . ". try: " . $List->"url"); + $LogPrint debug $ScriptName ("Failed downloading for list '" . $FwListName . \ + "', " . $I . ". try from: " . $List->"url"); :delay (($I * $I) . "s"); } } @@ -77,9 +79,11 @@ :if ($Data = false) do={ :set Data ""; :set Failure true; - $LogPrint warning $ScriptName ("Failed downloading list from: " . $List->"url"); + $LogPrint warning $ScriptName ("Failed downloading for list '" . $FwListName . \ + "' from: " . $List->"url"); } else={ - $LogPrint debug $ScriptName ("Downloaded " . [ $HumanReadableNum [ :len $Data ] 1024 ] . "B from: " . $List->"url"); + $LogPrint debug $ScriptName ("Downloaded " . [ $HumanReadableNum [ :len $Data ] 1024 ] . \ + "B for list '" . $FwListName . "' from: " . $List->"url"); } :while ([ :len $Data ] != 0) do={ @@ -107,13 +111,15 @@ :foreach Entry in=[ /ip/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ :local Address [ /ip/firewall/address-list/get $Entry address ]; :if ([ :typeof ($IPv4Addresses->$Address) ] = "time") do={ - $LogPrint debug $ScriptName ("Renewing IPv4 address for " . ($IPv4Addresses->$Address) . ": " . $Address); + $LogPrint debug $ScriptName ("Renewing IPv4 address in list '" . $FwListName . \ + "' with " . ($IPv4Addresses->$Address) . ": " . $Address); /ip/firewall/address-list/set $Entry timeout=($IPv4Addresses->$Address); :set ($IPv4Addresses->$Address); :set CntRenew ($CntRenew + 1); } else={ :if ($Failure = false) do={ - $LogPrint debug $ScriptName ("Removing IPv4 address: " . $Address); + $LogPrint debug $ScriptName ("Removing IPv4 address from list '" . $FwListName . \ + "': " . $Address); /ip/firewall/address-list/remove $Entry; :set CntRemove ($CntRemove + 1); } @@ -123,13 +129,15 @@ :foreach Entry in=[ /ipv6/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ :local Address [ /ipv6/firewall/address-list/get $Entry address ]; :if ([ :typeof ($IPv6Addresses->$Address) ] = "time") do={ - $LogPrint debug $ScriptName ("Renewing IPv6 address for " . ($IPv6Addresses->$Address) . ": " . $Address); + $LogPrint debug $ScriptName ("Renewing IPv6 address in list '" . $FwListName . \ + "' with " . ($IPv6Addresses->$Address) . ": " . $Address); /ipv6/firewall/address-list/set $Entry timeout=($IPv6Addresses->$Address); :set ($IPv6Addresses->$Address); :set CntRenew ($CntRenew + 1); } else={ :if ($Failure = false) do={ - $LogPrint debug $ScriptName ("Removing: " . $Address); + $LogPrint debug $ScriptName ("Removing IPv6 address from list '" . $FwListName . \ + "': " . $Address); /ipv6/firewall/address-list/remove $Entry; :set CntRemove ($CntRemove + 1); } @@ -137,27 +145,32 @@ } :foreach Address,Timeout in=$IPv4Addresses do={ - $LogPrint debug $ScriptName ("Adding IPv4 address for " . $Timeout . ": " . $Address); + $LogPrint debug $ScriptName ("Adding IPv4 address to list '" . $FwListName . \ + "' with " . $Timeout . ": " . $Address); :do { /ip/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; :set ($IPv4Addresses->$Address); :set CntAdd ($CntAdd + 1); } on-error={ - $LogPrint warning $ScriptName ("Failed to add IPv4 address " . $Address . " to list '" . $FwListName . "'."); + $LogPrint warning $ScriptName ("Failed to add IPv4 address to list '" . $FwListName . \ + "': " . $Address); } } :foreach Address,Timeout in=$IPv6Addresses do={ - $LogPrint debug $ScriptName ("Adding IPv6 address for " . $Timeout . ": " . $Address); + $LogPrint debug $ScriptName ("Adding IPv6 address to list '" . $FwListName . \ + "' with " . $Timeout . ": " . $Address); :do { /ipv6/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; :set ($IPv6Addresses->$Address); :set CntAdd ($CntAdd + 1); } on-error={ - $LogPrint warning $ScriptName ("Failed to add IPv6 address " . $Address . " to list '" . $FwListName . "'."); + $LogPrint warning $ScriptName ("Failed to add IPv6 address to list '" . $FwListName . \ + "': " . $Address); } } - $LogPrint info $ScriptName ("list: " . $FwListName . " -- added: " . $CntAdd . " - renewed: " . $CntRenew . " - removed: " . $CntRemove); + $LogPrint info $ScriptName ("list: " . $FwListName . " -- added: " . $CntAdd . \ + " - renewed: " . $CntRenew . " - removed: " . $CntRemove); } } on-error={ } From 491d85000d607db09b7abd67d6002c9ca1a870f2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sun, 7 Apr 2024 20:54:41 +0200 Subject: [PATCH 453/908] fw-addr-lists: human readable numbers for counts --- fw-addr-lists.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index c9f894b..15d292e 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -170,7 +170,9 @@ } } - $LogPrint info $ScriptName ("list: " . $FwListName . " -- added: " . $CntAdd . \ - " - renewed: " . $CntRenew . " - removed: " . $CntRemove); + $LogPrint info $ScriptName ("list: " . $FwListName . \ + " -- added: " . [ $HumanReadableNum $CntAdd 1000 ] . \ + " - renewed: " . [ $HumanReadableNum $CntRenew 1000 ] . \ + " - removed: " . [ $HumanReadableNum $CntRemove 1000 ]); } } on-error={ } From 19c52ed2a7a59c7ecfb472a9f0bbf4843fc5d713 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sun, 7 Apr 2024 22:50:04 +0200 Subject: [PATCH 454/908] fw-addr-lists: show count of active addresses --- fw-addr-lists.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 15d292e..ab417cd 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -171,6 +171,7 @@ } $LogPrint info $ScriptName ("list: " . $FwListName . \ + " (" . [ $HumanReadableNum ($CntAdd + $CntRenew) 1000 ] . ")" . \ " -- added: " . [ $HumanReadableNum $CntAdd 1000 ] . \ " - renewed: " . [ $HumanReadableNum $CntRenew 1000 ] . \ " - removed: " . [ $HumanReadableNum $CntRemove 1000 ]); From c4d2ea19dda3434c92f604605c1d3f06ec8148c2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 5 Apr 2024 23:53:05 +0200 Subject: [PATCH 455/908] fw-addr-lists: break long lines --- fw-addr-lists.rsc | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index ab417cd..007282c 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -108,7 +108,8 @@ } } - :foreach Entry in=[ /ip/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ + :foreach Entry in=[ /ip/firewall/address-list/find where \ + list=$FwListName comment=$ListComment ] do={ :local Address [ /ip/firewall/address-list/get $Entry address ]; :if ([ :typeof ($IPv4Addresses->$Address) ] = "time") do={ $LogPrint debug $ScriptName ("Renewing IPv4 address in list '" . $FwListName . \ @@ -126,7 +127,8 @@ } } - :foreach Entry in=[ /ipv6/firewall/address-list/find where list=$FwListName comment=$ListComment ] do={ + :foreach Entry in=[ /ipv6/firewall/address-list/find where \ + list=$FwListName comment=$ListComment ] do={ :local Address [ /ipv6/firewall/address-list/get $Entry address ]; :if ([ :typeof ($IPv6Addresses->$Address) ] = "time") do={ $LogPrint debug $ScriptName ("Renewing IPv6 address in list '" . $FwListName . \ @@ -148,7 +150,8 @@ $LogPrint debug $ScriptName ("Adding IPv4 address to list '" . $FwListName . \ "' with " . $Timeout . ": " . $Address); :do { - /ip/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; + /ip/firewall/address-list/add list=$FwListName comment=$ListComment \ + address=$Address timeout=$Timeout; :set ($IPv4Addresses->$Address); :set CntAdd ($CntAdd + 1); } on-error={ @@ -161,7 +164,8 @@ $LogPrint debug $ScriptName ("Adding IPv6 address to list '" . $FwListName . \ "' with " . $Timeout . ": " . $Address); :do { - /ipv6/firewall/address-list/add list=$FwListName comment=$ListComment address=$Address timeout=$Timeout; + /ipv6/firewall/address-list/add list=$FwListName comment=$ListComment \ + address=$Address timeout=$Timeout; :set ($IPv6Addresses->$Address); :set CntAdd ($CntAdd + 1); } on-error={ From 009674b5bcf27589cd3469bc418dea72c9b4e979 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 4 Apr 2024 21:45:02 +0200 Subject: [PATCH 456/908] bump RouterOS requirement for all scripts and modules... ... now that global-functions requires RouterOS 7.13 anyway. --- BRANCHES.md | 2 +- CONTRIBUTIONS.md | 2 +- INITIAL-COMMANDS.md | 2 +- accesslist-duplicates.capsman.rsc | 2 +- accesslist-duplicates.local.rsc | 2 +- accesslist-duplicates.template.rsc | 2 +- accesslist-duplicates.wifi.rsc | 2 +- backup-cloud.rsc | 2 +- backup-email.rsc | 2 +- backup-partition.rsc | 2 +- backup-upload.rsc | 2 +- capsman-download-packages.capsman.rsc | 2 +- capsman-download-packages.template.rsc | 2 +- capsman-download-packages.wifi.rsc | 2 +- capsman-rolling-upgrade.capsman.rsc | 2 +- capsman-rolling-upgrade.template.rsc | 2 +- capsman-rolling-upgrade.wifi.rsc | 2 +- certificate-renew-issued.rsc | 2 +- check-certificates.rsc | 2 +- check-health.rsc | 2 +- check-lte-firmware-upgrade.rsc | 2 +- check-routeros-update.rsc | 2 +- collect-wireless-mac.capsman.rsc | 2 +- collect-wireless-mac.local.rsc | 2 +- collect-wireless-mac.template.rsc | 2 +- collect-wireless-mac.wifi.rsc | 2 +- daily-psk.capsman.rsc | 2 +- daily-psk.local.rsc | 2 +- daily-psk.template.rsc | 2 +- daily-psk.wifi.rsc | 2 +- dhcp-lease-comment.capsman.rsc | 2 +- dhcp-lease-comment.local.rsc | 2 +- dhcp-lease-comment.template.rsc | 2 +- dhcp-lease-comment.wifi.rsc | 2 +- dhcp-to-dns.rsc | 2 +- doc/accesslist-duplicates.md | 2 +- doc/backup-cloud.md | 2 +- doc/backup-email.md | 2 +- doc/backup-partition.md | 2 +- doc/backup-upload.md | 2 +- doc/capsman-download-packages.md | 2 +- doc/capsman-rolling-upgrade.md | 2 +- doc/certificate-renew-issued.md | 2 +- doc/check-certificates.md | 2 +- doc/check-health.md | 2 +- doc/check-lte-firmware-upgrade.md | 2 +- doc/check-routeros-update.md | 2 +- doc/collect-wireless-mac.md | 2 +- doc/daily-psk.md | 2 +- doc/dhcp-lease-comment.md | 2 +- doc/dhcp-to-dns.md | 2 +- doc/firmware-upgrade-reboot.md | 2 +- doc/global-wait.md | 2 +- doc/gps-track.md | 2 +- doc/hotspot-to-wpa.md | 2 +- doc/ip-addr-bridge.md | 2 +- doc/ipsec-to-dns.md | 2 +- doc/ipv6-update.md | 2 +- doc/lease-script.md | 2 +- doc/leds-mode.md | 2 +- doc/log-forward.md | 2 +- doc/mod/bridge-port-to.md | 2 +- doc/mod/bridge-port-vlan.md | 2 +- doc/mod/inspectvar.md | 2 +- doc/mod/ipcalc.md | 2 +- doc/mod/notification-email.md | 2 +- doc/mod/notification-ntfy.md | 2 +- doc/mod/scriptrunonce.md | 2 +- doc/mod/ssh-keys-import.md | 2 +- doc/mode-button.md | 2 +- doc/netwatch-dns.md | 2 +- doc/netwatch-notify.md | 2 +- doc/ospf-to-leds.md | 2 +- doc/ppp-on-up.md | 2 +- doc/sms-action.md | 2 +- doc/sms-forward.md | 2 +- doc/super-mario-theme.md | 2 +- doc/unattended-lte-firmware-upgrade.md | 2 +- doc/update-gre-address.md | 2 +- doc/update-tunnelbroker.md | 2 +- firmware-upgrade-reboot.rsc | 2 +- global-wait.rsc | 2 +- gps-track.rsc | 2 +- hotspot-to-wpa-cleanup.capsman.rsc | 2 +- hotspot-to-wpa-cleanup.template.rsc | 2 +- hotspot-to-wpa-cleanup.wifi.rsc | 2 +- hotspot-to-wpa.capsman.rsc | 2 +- hotspot-to-wpa.template.rsc | 2 +- hotspot-to-wpa.wifi.rsc | 2 +- ipsec-to-dns.rsc | 2 +- ipv6-update.rsc | 2 +- lease-script.rsc | 2 +- log-forward.rsc | 2 +- mod/bridge-port-to.rsc | 2 ++ mod/bridge-port-vlan.rsc | 2 ++ mod/inspectvar.rsc | 2 ++ mod/ipcalc.rsc | 2 ++ mod/notification-email.rsc | 2 +- mod/notification-ntfy.rsc | 2 ++ mod/scriptrunonce.rsc | 2 ++ mod/ssh-keys-import.rsc | 2 +- mode-button.rsc | 2 +- netwatch-dns.rsc | 2 +- netwatch-notify.rsc | 2 +- ospf-to-leds.rsc | 2 +- ppp-on-up.rsc | 2 +- sms-action.rsc | 2 +- sms-forward.rsc | 2 +- update-gre-address.rsc | 2 +- update-tunnelbroker.rsc | 2 +- 110 files changed, 116 insertions(+), 104 deletions(-) diff --git a/BRANCHES.md b/BRANCHES.md index 0fdbdb4..f1062bb 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -4,7 +4,7 @@ Installing from branches [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/CONTRIBUTIONS.md b/CONTRIBUTIONS.md index f4056e5..13d0508 100644 --- a/CONTRIBUTIONS.md +++ b/CONTRIBUTIONS.md @@ -4,7 +4,7 @@ Past Contributions [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index 0de50ae..0320fe8 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -4,7 +4,7 @@ Initial commands [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index 2ce8302..781ae78 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index 51ef6f3..b79a724 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index 770fb30..b8067c8 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc index 65f8aaa..c05e02c 100644 --- a/accesslist-duplicates.wifi.rsc +++ b/accesslist-duplicates.wifi.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/backup-cloud.rsc b/backup-cloud.rsc index cccb41b..9a062f2 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=40 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # upload backup to MikroTik cloud # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-cloud.md diff --git a/backup-email.rsc b/backup-email.rsc index 64ca69c..c32eb27 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=20 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # create and email backup and config file # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-email.md diff --git a/backup-partition.rsc b/backup-partition.rsc index 503d382..fc186c0 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=70 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # save configuration to fallback partition # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-partition.md diff --git a/backup-upload.rsc b/backup-upload.rsc index ef5b7c7..18223bb 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=50 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # create and upload backup and config file # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-upload.md diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index a3bd4a5..f5695f4 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # download and cleanup packages for CAP installation from CAPsMAN # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index cad3bcb..762dbb6 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # download and cleanup packages for CAP installation from CAPsMAN # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 909688f..79aa9a7 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # download and cleanup packages for CAP installation from CAPsMAN # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index 11bfd69..2c9ae3d 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -5,7 +5,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: capsman-rolling-upgrade -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # upgrade CAPs one after another # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index e0effd4..2098bc0 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -5,7 +5,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: capsman-rolling-upgrade -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # upgrade CAPs one after another # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index 8ec6f26..36b8c0f 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -5,7 +5,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: capsman-rolling-upgrade -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # upgrade CAPs one after another # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index 45805c5..77ed3d0 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # renew locally issued certificates # https://git.eworm.de/cgit/routeros-scripts/about/doc/certificate-renew-issued.md diff --git a/check-certificates.rsc b/check-certificates.rsc index 20e2902..e9235f1 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # check for certificate validity # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-certificates.md diff --git a/check-health.rsc b/check-health.rsc index 2a97ad6..1e8fcc0 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # check for RouterOS health state # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-health.md diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index e7f06f3..3a25f83 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # check for LTE firmware upgrade, send notification # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-lte-firmware-upgrade.md diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index c9ab93b..6dca99a 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # check for RouterOS update, send notification and/or install # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-routeros-update.md diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index dcb303c..74c0754 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index 7c1122c..8a60fea 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index b8c5ff8..c5cf74a 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index b8ad939..12c3361 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index 43651d0..64e8ce7 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 2dbc61b..48e2b8d 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index e190ffb..5097b00 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index ee3e1b0..9d7f285 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index 4ac228b..b7f3589 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index a49f74f..e35bbe7 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index 0f0975b..d4323ad 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index c9c091b..f67ce6e 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index 5b6e64a..a3d41c9 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=20 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # check DHCP leases and add/remove/update DNS entries # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-to-dns.md diff --git a/doc/accesslist-duplicates.md b/doc/accesslist-duplicates.md index 109bebf..a1f9198 100644 --- a/doc/accesslist-duplicates.md +++ b/doc/accesslist-duplicates.md @@ -4,7 +4,7 @@ Find and remove access list duplicates [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-cloud.md b/doc/backup-cloud.md index 03d5953..be6e06d 100644 --- a/doc/backup-cloud.md +++ b/doc/backup-cloud.md @@ -4,7 +4,7 @@ Upload backup to Mikrotik cloud [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-email.md b/doc/backup-email.md index 56b0540..a506543 100644 --- a/doc/backup-email.md +++ b/doc/backup-email.md @@ -4,7 +4,7 @@ Send backup via e-mail [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-partition.md b/doc/backup-partition.md index e2ca8e0..ba20657 100644 --- a/doc/backup-partition.md +++ b/doc/backup-partition.md @@ -4,7 +4,7 @@ Save configuration to fallback partition [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-upload.md b/doc/backup-upload.md index 953ac93..f524adb 100644 --- a/doc/backup-upload.md +++ b/doc/backup-upload.md @@ -4,7 +4,7 @@ Upload backup to server [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md index 20fb007..c68900e 100644 --- a/doc/capsman-download-packages.md +++ b/doc/capsman-download-packages.md @@ -4,7 +4,7 @@ Download packages for CAP upgrade from CAPsMAN [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/capsman-rolling-upgrade.md b/doc/capsman-rolling-upgrade.md index 8362794..27d855f 100644 --- a/doc/capsman-rolling-upgrade.md +++ b/doc/capsman-rolling-upgrade.md @@ -4,7 +4,7 @@ Run rolling CAP upgrades from CAPsMAN [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/certificate-renew-issued.md b/doc/certificate-renew-issued.md index 2df8be3..91a1914 100644 --- a/doc/certificate-renew-issued.md +++ b/doc/certificate-renew-issued.md @@ -4,7 +4,7 @@ Renew locally issued certificates [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-certificates.md b/doc/check-certificates.md index 62b9ceb..636f719 100644 --- a/doc/check-certificates.md +++ b/doc/check-certificates.md @@ -4,7 +4,7 @@ Renew certificates and notify on expiration [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-health.md b/doc/check-health.md index ee52b61..f94a0bf 100644 --- a/doc/check-health.md +++ b/doc/check-health.md @@ -4,7 +4,7 @@ Notify about health state [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-lte-firmware-upgrade.md b/doc/check-lte-firmware-upgrade.md index bec3177..59a62c7 100644 --- a/doc/check-lte-firmware-upgrade.md +++ b/doc/check-lte-firmware-upgrade.md @@ -4,7 +4,7 @@ Notify on LTE firmware upgrade [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-routeros-update.md b/doc/check-routeros-update.md index dbb2b89..f9d485c 100644 --- a/doc/check-routeros-update.md +++ b/doc/check-routeros-update.md @@ -4,7 +4,7 @@ Notify on RouterOS update [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/collect-wireless-mac.md b/doc/collect-wireless-mac.md index b0a2298..57032d8 100644 --- a/doc/collect-wireless-mac.md +++ b/doc/collect-wireless-mac.md @@ -4,7 +4,7 @@ Collect MAC addresses in wireless access list [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/daily-psk.md b/doc/daily-psk.md index f723617..3894d52 100644 --- a/doc/daily-psk.md +++ b/doc/daily-psk.md @@ -4,7 +4,7 @@ Use wireless network with daily psk [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/dhcp-lease-comment.md b/doc/dhcp-lease-comment.md index 4831b8c..f95b124 100644 --- a/doc/dhcp-lease-comment.md +++ b/doc/dhcp-lease-comment.md @@ -4,7 +4,7 @@ Comment DHCP leases with info from access list [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/dhcp-to-dns.md b/doc/dhcp-to-dns.md index e7f3b88..13d5ef3 100644 --- a/doc/dhcp-to-dns.md +++ b/doc/dhcp-to-dns.md @@ -4,7 +4,7 @@ Create DNS records for DHCP leases [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/firmware-upgrade-reboot.md b/doc/firmware-upgrade-reboot.md index 420dfe1..bac17a7 100644 --- a/doc/firmware-upgrade-reboot.md +++ b/doc/firmware-upgrade-reboot.md @@ -4,7 +4,7 @@ Automatically upgrade firmware and reboot [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/global-wait.md b/doc/global-wait.md index a3fe6d6..4b42717 100644 --- a/doc/global-wait.md +++ b/doc/global-wait.md @@ -4,7 +4,7 @@ Wait for global functions and modules [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/gps-track.md b/doc/gps-track.md index 03f79a7..7006fb3 100644 --- a/doc/gps-track.md +++ b/doc/gps-track.md @@ -4,7 +4,7 @@ Send GPS position to server [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md index 6ce4421..275fe4d 100644 --- a/doc/hotspot-to-wpa.md +++ b/doc/hotspot-to-wpa.md @@ -4,7 +4,7 @@ Use WPA network with hotspot credentials [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ip-addr-bridge.md b/doc/ip-addr-bridge.md index 8bb9811..941a8ae 100644 --- a/doc/ip-addr-bridge.md +++ b/doc/ip-addr-bridge.md @@ -4,7 +4,7 @@ Manage IP addresses with bridge status [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ipsec-to-dns.md b/doc/ipsec-to-dns.md index ca5b86c..0a91960 100644 --- a/doc/ipsec-to-dns.md +++ b/doc/ipsec-to-dns.md @@ -4,7 +4,7 @@ Create DNS records for IPSec peers [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ipv6-update.md b/doc/ipv6-update.md index a5661fc..20265fe 100644 --- a/doc/ipv6-update.md +++ b/doc/ipv6-update.md @@ -4,7 +4,7 @@ Update configuration on IPv6 prefix change [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/lease-script.md b/doc/lease-script.md index f346621..4d2f3bc 100644 --- a/doc/lease-script.md +++ b/doc/lease-script.md @@ -4,7 +4,7 @@ Run other scripts on DHCP lease [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/leds-mode.md b/doc/leds-mode.md index 5dd5f63..90ea418 100644 --- a/doc/leds-mode.md +++ b/doc/leds-mode.md @@ -4,7 +4,7 @@ Manage LEDs dark mode [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/log-forward.md b/doc/log-forward.md index 4183d7b..44409dc 100644 --- a/doc/log-forward.md +++ b/doc/log-forward.md @@ -4,7 +4,7 @@ Forward log messages via notification [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/bridge-port-to.md b/doc/mod/bridge-port-to.md index 838d1e0..5c8bebc 100644 --- a/doc/mod/bridge-port-to.md +++ b/doc/mod/bridge-port-to.md @@ -4,7 +4,7 @@ Manage ports in bridge [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/bridge-port-vlan.md b/doc/mod/bridge-port-vlan.md index 5660b9d..d23d5b5 100644 --- a/doc/mod/bridge-port-vlan.md +++ b/doc/mod/bridge-port-vlan.md @@ -4,7 +4,7 @@ Manage VLANs on bridge ports [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/inspectvar.md b/doc/mod/inspectvar.md index 7ec74f2..d4e59b3 100644 --- a/doc/mod/inspectvar.md +++ b/doc/mod/inspectvar.md @@ -4,7 +4,7 @@ Inspect variables [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/ipcalc.md b/doc/mod/ipcalc.md index 5b24952..cb655bc 100644 --- a/doc/mod/ipcalc.md +++ b/doc/mod/ipcalc.md @@ -4,7 +4,7 @@ IP address calculation [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/notification-email.md b/doc/mod/notification-email.md index 76816c1..2138e31 100644 --- a/doc/mod/notification-email.md +++ b/doc/mod/notification-email.md @@ -4,7 +4,7 @@ Send notifications via e-mail [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/notification-ntfy.md b/doc/mod/notification-ntfy.md index a3fdf88..afa3109 100644 --- a/doc/mod/notification-ntfy.md +++ b/doc/mod/notification-ntfy.md @@ -4,7 +4,7 @@ Send notifications via Ntfy [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/scriptrunonce.md b/doc/mod/scriptrunonce.md index 6619efb..c5fa891 100644 --- a/doc/mod/scriptrunonce.md +++ b/doc/mod/scriptrunonce.md @@ -4,7 +4,7 @@ Download script and run it once [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/ssh-keys-import.md b/doc/mod/ssh-keys-import.md index 3d81566..db8e322 100644 --- a/doc/mod/ssh-keys-import.md +++ b/doc/mod/ssh-keys-import.md @@ -4,7 +4,7 @@ Import ssh keys for public key authentication [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mode-button.md b/doc/mode-button.md index 22ec215..8734352 100644 --- a/doc/mode-button.md +++ b/doc/mode-button.md @@ -4,7 +4,7 @@ Mode button with multiple presses [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index e00ccd0..443106f 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -4,7 +4,7 @@ Manage DNS and DoH servers from netwatch [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index 806bb3a..90cd830 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -4,7 +4,7 @@ Notify on host up and down [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ospf-to-leds.md b/doc/ospf-to-leds.md index a7d4e9a..121f77b 100644 --- a/doc/ospf-to-leds.md +++ b/doc/ospf-to-leds.md @@ -4,7 +4,7 @@ Visualize OSPF state via LEDs [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ppp-on-up.md b/doc/ppp-on-up.md index 418f05e..21847c7 100644 --- a/doc/ppp-on-up.md +++ b/doc/ppp-on-up.md @@ -4,7 +4,7 @@ Run scripts on ppp connection [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/sms-action.md b/doc/sms-action.md index 18ca574..b4678af 100644 --- a/doc/sms-action.md +++ b/doc/sms-action.md @@ -4,7 +4,7 @@ Act on received SMS [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/sms-forward.md b/doc/sms-forward.md index 2fe9486..597410b 100644 --- a/doc/sms-forward.md +++ b/doc/sms-forward.md @@ -4,7 +4,7 @@ Forward received SMS [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/super-mario-theme.md b/doc/super-mario-theme.md index ec59b39..e4bae2e 100644 --- a/doc/super-mario-theme.md +++ b/doc/super-mario-theme.md @@ -4,7 +4,7 @@ Play Super Mario theme [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/unattended-lte-firmware-upgrade.md b/doc/unattended-lte-firmware-upgrade.md index a6bf994..6680447 100644 --- a/doc/unattended-lte-firmware-upgrade.md +++ b/doc/unattended-lte-firmware-upgrade.md @@ -4,7 +4,7 @@ Install LTE firmware upgrade [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/update-gre-address.md b/doc/update-gre-address.md index fba2a65..80902b9 100644 --- a/doc/update-gre-address.md +++ b/doc/update-gre-address.md @@ -4,7 +4,7 @@ Update GRE configuration with dynamic addresses [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/update-tunnelbroker.md b/doc/update-tunnelbroker.md index 5aca581..2539e2f 100644 --- a/doc/update-tunnelbroker.md +++ b/doc/update-tunnelbroker.md @@ -4,7 +4,7 @@ Update tunnelbroker configuration [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.12-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index 038f74e..169a2e0 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2022-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # install firmware upgrade, and reboot # https://git.eworm.de/cgit/routeros-scripts/about/doc/firmware-upgrade-reboot.md diff --git a/global-wait.rsc b/global-wait.rsc index f8c767b..239f575 100644 --- a/global-wait.rsc +++ b/global-wait.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # wait for global-functions to finish # https://git.eworm.de/cgit/routeros-scripts/about/doc/global-wait.md diff --git a/gps-track.rsc b/gps-track.rsc index 1aeab84..dbca38a 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # track gps data by sending json data to http server # https://git.eworm.de/cgit/routeros-scripts/about/doc/gps-track.md diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index 0540ad5..8f55d71 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # manage and clean up private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 6f3b3e1..7ac996c 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # manage and clean up private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index 9c79628..39c9f25 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # manage and clean up private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index 37c8464..113c95d 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # add private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index cbce42a..10f0c7e 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # add private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index 86aeed7..dbf50e0 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # add private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index dd40ca2..8894eee 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2021-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # and add/remove/update DNS entries from IPSec mode-config # https://git.eworm.de/cgit/routeros-scripts/about/doc/ipsec-to-dns.md diff --git a/ipv6-update.rsc b/ipv6-update.rsc index 65bb959..ec9a03a 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # update firewall and dns settings on IPv6 prefix change # https://git.eworm.de/cgit/routeros-scripts/about/doc/ipv6-update.md diff --git a/lease-script.rsc b/lease-script.rsc index 8e1e8f6..a9d4b68 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # run scripts on DHCP lease # https://git.eworm.de/cgit/routeros-scripts/about/doc/lease-script.md diff --git a/log-forward.rsc b/log-forward.rsc index a919d8f..7abcb4d 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # forward log messages via notification # https://git.eworm.de/cgit/routeros-scripts/about/doc/log-forward.md diff --git a/mod/bridge-port-to.rsc b/mod/bridge-port-to.rsc index 567a762..000532a 100644 --- a/mod/bridge-port-to.rsc +++ b/mod/bridge-port-to.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.13 +# # reset bridge ports to default bridge # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/bridge-port-to.md diff --git a/mod/bridge-port-vlan.rsc b/mod/bridge-port-vlan.rsc index aee5ef9..760e8a6 100644 --- a/mod/bridge-port-vlan.rsc +++ b/mod/bridge-port-vlan.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.13 +# # manage VLANs on bridge ports # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/bridge-port-vlan.md diff --git a/mod/inspectvar.rsc b/mod/inspectvar.rsc index 577abf3..5adca0a 100644 --- a/mod/inspectvar.rsc +++ b/mod/inspectvar.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.13 +# # inspect variables # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/inspectvar.md diff --git a/mod/ipcalc.rsc b/mod/ipcalc.rsc index b098b44..128ca54 100644 --- a/mod/ipcalc.rsc +++ b/mod/ipcalc.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.13 +# # ip address calculation # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/ipcalc.md diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 0d83d69..dbd648b 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # send notifications via e-mail # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-email.md diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index 6d48a59..5da575a 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.13 +# # send notifications via Ntfy (ntfy.sh) # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-ntfy.md diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index 85d465a..c3972a0 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.13 +# # download script and run it once # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/scriptrunonce.md diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index 6716958..f37c28b 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # import ssh keys for public key authentication # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/ssh-keys-import.md diff --git a/mode-button.rsc b/mode-button.rsc index f453f11..4994f6b 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # act on multiple mode and reset button presses # https://git.eworm.de/cgit/routeros-scripts/about/doc/mode-button.md diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 50c2b4c..09365ba 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2022-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # monitor and manage dns/doh with netwatch # https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-dns.md diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index bdabe2e..0b6c366 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # monitor netwatch and send notifications # https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-notify.md diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index a22e5a5..0932815 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # visualize ospf instance state via leds # https://git.eworm.de/cgit/routeros-scripts/about/doc/ospf-to-leds.md diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index 61766c0..4ed92c5 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # run scripts on ppp up # https://git.eworm.de/cgit/routeros-scripts/about/doc/ppp-on-up.md diff --git a/sms-action.rsc b/sms-action.rsc index 4c37565..70bfb28 100644 --- a/sms-action.rsc +++ b/sms-action.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # run action on received SMS # https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-action.md diff --git a/sms-forward.rsc b/sms-forward.rsc index b0966c3..477d11e 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -4,7 +4,7 @@ # Anatoly Bubenkov # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # forward SMS to e-mail # https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-forward.md diff --git a/update-gre-address.rsc b/update-gre-address.rsc index 74967cd..76d0c81 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # update gre interface remote address with dynamic address from # ipsec remote peer diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index c76b7ec..364dc08 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -5,7 +5,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: ppp-on-up -# requires RouterOS, version=7.12 +# requires RouterOS, version=7.13 # # update local address of tunnelbroker interface # https://git.eworm.de/cgit/routeros-scripts/about/doc/update-tunnelbroker.md From 36cf4d028bcf9597143249aed238dc5e131fda50 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 18 Mar 2024 10:30:32 +0100 Subject: [PATCH 457/908] global-functions: drop $LogPrintExit2 --- global-functions.rsc | 22 ---------------------- 1 file changed, 22 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index ab8860f..c8fec8d 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -50,7 +50,6 @@ :global IsMacLocallyAdministered; :global IsTimeSync; :global LogPrint; -:global LogPrintExit2; :global LogPrintOnce; :global MAX; :global MIN; @@ -744,27 +743,6 @@ } } -# log and print with same text, optionally exit -# Deprectated! - TODO: remove later -:set LogPrintExit2 do={ - :local Severity [ :tostr $1 ]; - :local Name [ :tostr $2 ]; - :local Message [ :tostr $3 ]; - :local Exit [ :tostr $4 ]; - - :global LogPrint; - :global LogPrintOnce; - - $LogPrintOnce warning $0 \ - ("This function is deprecated and will be removed. Please make your adjustments!"); - - $LogPrint $1 $2 $3; - - :if ($Exit = "true") do={ - :error ("Hard error to exit."); - } -} - # log and print, once until reboot :set LogPrintOnce do={ :local Severity [ :tostr $1 ]; From 3015743b19883d2e19605b819fd2bbcbc6597d8f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sun, 7 Apr 2024 21:11:03 +0200 Subject: [PATCH 458/908] global-functions: $HumanReadableNum: indicate binary base... ... and update scripts to match the change. --- backup-cloud.rsc | 2 +- backup-upload.rsc | 2 +- check-health.rsc | 6 +++--- global-functions.rsc | 8 ++++++-- 4 files changed, 11 insertions(+), 7 deletions(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 9a062f2..8e29c67 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -71,7 +71,7 @@ message=("Uploaded backup for " . $Identity . " to cloud.\n\n" . \ [ $DeviceInfo ] . "\n\n" . \ [ $FormatLine "Name" ($Cloud->"name") ] . "\n" . \ - [ $FormatLine "Size" ([ $HumanReadableNum ($Cloud->"size") 1024 ] . "iB") ] . "\n" . \ + [ $FormatLine "Size" ([ $HumanReadableNum ($Cloud->"size") 1024 ] . "B") ] . "\n" . \ [ $FormatLine "Download key" ($Cloud->"secret-download-key") ]); silent=true }); } else={ $SendNotification2 ({ origin=$ScriptName; \ diff --git a/backup-upload.rsc b/backup-upload.rsc index 18223bb..63e5b7f 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -140,7 +140,7 @@ :return \ [ $IfThenElse ([ :typeof $File ] = "array") \ ($Name . ":\n" . [ $FormatLine " name" ($File->"name") ] . "\n" . \ - [ $FormatLine " size" ([ $HumanReadableNum ($File->"size") 1024 ] . "iB") ]) \ + [ $FormatLine " size" ([ $HumanReadableNum ($File->"size") 1024 ] . "B") ]) \ [ $FormatLine $Name $File ] ]; } diff --git a/check-health.rsc b/check-health.rsc index 1e8fcc0..a769fa8 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -64,9 +64,9 @@ $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "card-file-box,chart-increasing" ] . "Health warning: RAM utilization"); \ message=("The RAM utilization on " . $Identity . " is at " . $CheckHealthRAMUtilization . "%!\n\n" . \ - [ $FormatLine "total" ([ $HumanReadableNum ($Resource->"total-memory") 1024 ] . "iB") 8 ] . "\n" . \ - [ $FormatLine "used" ([ $HumanReadableNum ($Resource->"total-memory" - $Resource->"free-memory") 1024 ] . "iB") 8 ] . "\n" . \ - [ $FormatLine "free" ([ $HumanReadableNum ($Resource->"free-memory") 1024 ] . "iB") 8 ]) }); + [ $FormatLine "total" ([ $HumanReadableNum ($Resource->"total-memory") 1024 ] . "B") 8 ] . "\n" . \ + [ $FormatLine "used" ([ $HumanReadableNum ($Resource->"total-memory" - $Resource->"free-memory") 1024 ] . "B") 8 ] . "\n" . \ + [ $FormatLine "free" ([ $HumanReadableNum ($Resource->"free-memory") 1024 ] . "B") 8 ]) }); :set CheckHealthRAMUtilizationNotified true; } :if ($CheckHealthRAMUtilization < 70 && $CheckHealthRAMUtilizationNotified = true) do={ diff --git a/global-functions.rsc b/global-functions.rsc index c8fec8d..aa39118 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -578,11 +578,13 @@ :local Base [ :tonum $2 ]; :global EitherOr; + :global IfThenElse; :local Prefix "kMGTPE"; :local Pow 1; :set Base [ $EitherOr $Base 1024 ]; + :local Bin [ $IfThenElse ($Base = 1024) "i" "" ]; :if ($Input < $Base) do={ :return $Input; @@ -595,9 +597,11 @@ :local Tmp1 ($Input * 100 / $Pow); :local Tmp2 ($Tmp1 / 100); :if ($Tmp2 >= 100) do={ - :return ($Tmp2 . $Prefix); + :return ($Tmp2 . $Prefix . $Bin); } - :return ($Tmp2 . "." . [ :pick $Tmp1 [ :len $Tmp2 ] ([ :len $Tmp1 ] - [ :len $Tmp2 ] + 1) ] . $Prefix); + :return ($Tmp2 . "." . \ + [ :pick $Tmp1 [ :len $Tmp2 ] ([ :len $Tmp1 ] - [ :len $Tmp2 ] + 1) ] . \ + $Prefix . $Bin); } } } From c5a5fb58363805efb824fb3336e95a1f6bf3dbb8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 10 Apr 2024 08:27:55 +0200 Subject: [PATCH 459/908] global-functions: $SendNotification: set origin --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index aa39118..c98a012 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1299,7 +1299,7 @@ :set SendNotification do={ :global SendNotification2; - $SendNotification2 ({ subject=$1; message=$2; link=$3; silent=$4 }); + $SendNotification2 ({ origin=$0; subject=$1; message=$2; link=$3; silent=$4 }); } # send notification via NotificationFunctions - expects one array argument From 012d259ca1421e31390358cb6749fda80ef4e3ab Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 9 Apr 2024 23:59:00 +0200 Subject: [PATCH 460/908] mod/notification-email: $SendEMail: set origin --- mod/notification-email.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index dbd648b..df2e81a 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -227,7 +227,7 @@ :set SendEMail do={ :global SendEMail2; - $SendEMail2 ({ subject=$1; message=$2; link=$3 }); + $SendEMail2 ({ origin=$0; subject=$1; message=$2; link=$3 }); } # send notification via e-mail - expects one array argument From a9b9f853ffb6b6a9b331f055d47463654bd2a5e2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 9 Apr 2024 23:58:29 +0200 Subject: [PATCH 461/908] mod/notification-matrix: $SendMatrix: set origin --- mod/notification-matrix.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 5a08146..477bb09 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -168,7 +168,7 @@ :set SendMatrix do={ :global SendMatrix2; - $SendMatrix2 ({ subject=$1; message=$2; link=$3 }); + $SendMatrix2 ({ origin=$0; subject=$1; message=$2; link=$3 }); } # send notification via Matrix - expects one array argument From 9e2b72ccdc59bc6abc936bf271d9bfaf2a986107 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 9 Apr 2024 23:56:36 +0200 Subject: [PATCH 462/908] mod/notification-ntfy: $SendNtfy: set origin --- mod/notification-ntfy.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index 5da575a..dc03903 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -125,7 +125,7 @@ :set SendNtfy do={ :global SendNtfy2; - $SendNtfy2 ({ subject=$1; message=$2; link=$3; silent=$4 }); + $SendNtfy2 ({ origin=$0; subject=$1; message=$2; link=$3; silent=$4 }); } # send notification via ntfy - expects one array argument From 9e4749a5b71e97c7732639019cff6ba7f6e84d57 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 9 Apr 2024 23:57:40 +0200 Subject: [PATCH 463/908] mod/notification-telegram: $SendTelegram: set origin --- mod/notification-telegram.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index a43ff10..c78a8ad 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -175,7 +175,7 @@ :set SendTelegram do={ :global SendTelegram2; - $SendTelegram2 ({ subject=$1; message=$2; link=$3; silent=$4 }); + $SendTelegram2 ({ origin=$0; subject=$1; message=$2; link=$3; silent=$4 }); } # send notification via telegram - expects one array argument From e53c31e9e669738fa50e45387d88d97a934f7e4d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Apr 2024 13:39:40 +0200 Subject: [PATCH 464/908] global-functions: $ScriptLock: degrade message to debug --- global-functions.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index c98a012..ded34c3 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1290,8 +1290,8 @@ } $RemoveTicket $Script $MyTicket; - $LogPrint info $0 ("Script '" . $Script . "' started more than once" . [ $IfThenElse ($WaitCount > 0) \ - " and timed out waiting for lock" "" ] . "..."); + $LogPrint debug $0 ("Script '" . $Script . "' started more than once" . \ + [ $IfThenElse ($WaitCount > 0) " and timed out waiting for lock" "" ] . "..."); :return false; } From 6db3355858157aceb92af47faa7937008d9cbf28 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Apr 2024 13:40:55 +0200 Subject: [PATCH 465/908] global-functions: $ScriptLock: break long lines --- global-functions.rsc | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index ded34c3..25c248d 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1278,12 +1278,15 @@ $AddTicket $Script $MyTicket; :local WaitCount 0; - :while ($WaitMax > $WaitCount && ([ $IsFirstTicket $Script $MyTicket ] = false || [ $TicketCount $Script ] < [ $JobCount $Script ])) do={ + :while ($WaitMax > $WaitCount && \ + ([ $IsFirstTicket $Script $MyTicket ] = false || \ + [ $TicketCount $Script ] < [ $JobCount $Script ])) do={ :set WaitCount ($WaitCount + 1); :delay 100ms; } - :if ([ $IsFirstTicket $Script $MyTicket ] = true && [ $TicketCount $Script ] = [ $JobCount $Script ]) do={ + :if ([ $IsFirstTicket $Script $MyTicket ] = true && \ + [ $TicketCount $Script ] = [ $JobCount $Script ]) do={ $RemoveTicket $Script $MyTicket; $CleanupTickets $Script; :return true; From 5f76c245b016125f9e56d45bef381bae38731491 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Apr 2024 13:57:11 +0200 Subject: [PATCH 466/908] global-functions: $ScriptFromTerminal: check multiple invocations... ... and return false. We can not tell which job is us... So better safe than sorry. --- global-functions.rsc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 25c248d..abb9e22 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -931,6 +931,11 @@ :local Script [ :tostr $1 ]; :global LogPrint; + :global ScriptLock; + + :if ([ $ScriptLock $Script ] = false) do={ + :return false; + } :foreach Job in=[ /system/script/job/find where script=$Script ] do={ :set Job [ /system/script/job/get $Job ]; @@ -942,8 +947,8 @@ :return true; } } - $LogPrint debug $0 ("Script " . $Script . " NOT started from terminal."); + $LogPrint debug $0 ("Script " . $Script . " NOT started from terminal."); :return false; } From ca2e5f2a017c20f272419c5539b7c234a02f45a4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 9 Apr 2024 23:46:32 +0200 Subject: [PATCH 467/908] mod/notification-ntfy: support basic auth Closes #59 --- doc/mod/notification-ntfy.md | 5 +++++ global-config.rsc | 2 ++ global-functions.rsc | 2 +- mod/notification-ntfy.rsc | 14 +++++++++++--- news-and-changes.rsc | 1 + 5 files changed, 20 insertions(+), 4 deletions(-) diff --git a/doc/mod/notification-ntfy.md b/doc/mod/notification-ntfy.md index afa3109..b2330a5 100644 --- a/doc/mod/notification-ntfy.md +++ b/doc/mod/notification-ntfy.md @@ -47,6 +47,11 @@ Then reload the configuration. > [`global-config`](../../global-config.rsc) (the one without `-overlay`) to > your local `global-config-overlay` and modify it to your specific needs. +Using a paid account or running a server on-premises allows to add additional +basic authentication. Configure `NtfyServerUser` and `NtfyServerPass` for this. +Even authentication via access token is possible, adding it as password with +a blank username. + Usage and invocation -------------------- diff --git a/global-config.rsc b/global-config.rsc index f393abb..6a37c0c 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -56,6 +56,8 @@ # install the module: # $ScriptInstallUpdate mod/notification-ntfy :global NtfyServer "ntfy.sh"; +:global NtfyServerUser []; +:global NtfyServerPass []; :global NtfyTopic ""; # It is possible to override e-mail, Telegram, Matrix and Ntfy setting diff --git a/global-functions.rsc b/global-functions.rsc index abb9e22..8f2f179 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 126; +:global ExpectedConfigVersion 127; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index dc03903..ffe0c50 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -38,7 +38,8 @@ :if ([ :typeof $Message ] = "array" ) do={ :do { /tool/fetch check-certificate=yes-without-crl output=none http-method=post \ - ($Message->"url") http-header-field=($Message->"headers") http-data=($Message->"text") as-value; + http-header-field=($Message->"headers") http-data=($Message->"text") \ + ($Message->"url") user=($Message->"user") password=($Message->"pass") as-value; :set ($NtfyQueue->$Id); } on-error={ $LogPrint debug $0 ("Sending queued Ntfy message failed."); @@ -62,6 +63,10 @@ :global NtfyQueue; :global NtfyServer; :global NtfyServerOverride; + :global NtfyServerPass; + :global NtfyServerPassOverride; + :global NtfyServerUser; + :global NtfyServerUserOverride; :global NtfyTopic; :global NtfyTopicOverride; @@ -73,6 +78,8 @@ :global UrlEncode; :local Server [ $EitherOr ($NtfyServerOverride->($Notification->"origin")) $NtfyServer ]; + :local User [ $EitherOr ($NtfyServerUserOverride->($Notification->"origin")) $NtfyServerUser ]; + :local Pass [ $EitherOr ($NtfyServerPassOverride->($Notification->"origin")) $NtfyServerPass ]; :local Topic [ $EitherOr ($NtfyTopicOverride->($Notification->"origin")) $NtfyTopic ]; :if ([ :len $Topic ] = 0) do={ @@ -95,7 +102,7 @@ } } /tool/fetch check-certificate=yes-without-crl output=none http-method=post \ - $Url http-header-field=$Headers http-data=$Text as-value; + http-header-field=$Headers http-data=$Text $Url user=$User password=$Pass as-value; } on-error={ $LogPrint info $0 ("Failed sending ntfy notification! Queuing..."); @@ -105,7 +112,8 @@ :set Text ($Text . "\n" . [ $SymbolForNotification "alarm-clock" ] . \ "This message was queued since " . [ /system/clock/get date ] . " " . \ [ /system/clock/get time ] . " and may be obsolete."); - :set ($NtfyQueue->[ :len $NtfyQueue ]) { url=$Url; headers=$Headers; text=$Text }; + :set ($NtfyQueue->[ :len $NtfyQueue ]) \ + { url=$Url; user=$User; pass=$Pass; headers=$Headers; text=$Text }; :if ([ :len [ /system/scheduler/find where name="_FlushNtfyQueue" ] ] = 0) do={ /system/scheduler/add name="_FlushNtfyQueue" interval=1m start-time=startup \ on-event=(":global FlushNtfyQueue; \$FlushNtfyQueue;"); diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 2b04c29..8ddeb91 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -51,6 +51,7 @@ 124="Added support for links in 'netwatch-notify', these are added below the formatted notification text."; 125=("April's Fool! " . [ $SymbolForNotification "smiley-partying-face" ] . "Well, you missed it... - no charge nor fees. (Anyway... Donations are much appreciated, " . [ $SymbolForNotification "smiley-smiling-face" ] . "thanks!)"); 126="Made 'telegram-chat' capable of handling large command output. Telegram messages still limit the size, so it is truncated now."; + 127="Added support for authentication to Ntfy notification module."; }; # Migration steps to be applied on script updates From fb865ba114e610bcb272d8de7c1c882705e6e06e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 9 Apr 2024 23:50:00 +0200 Subject: [PATCH 468/908] mod/notification-ntfy: use custom user agent string --- mod/notification-ntfy.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index ffe0c50..4413f07 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -72,6 +72,7 @@ :global CertificateAvailable; :global EitherOr; + :global FetchUserAgentStr; :global IfThenElse; :global LogPrint; :global SymbolForNotification; @@ -87,7 +88,8 @@ } :local Url ("https://" . $NtfyServer . "/" . [ $UrlEncode $NtfyTopic ]); - :local Headers ({ ("Priority: " . [ $IfThenElse ($Notification->"silent") "low" "default" ]); \ + :local Headers ({ [ $FetchUserAgentStr ($Notification->"origin") ]; \ + ("Priority: " . [ $IfThenElse ($Notification->"silent") "low" "default" ]); \ ("Title: " . "[" . $IdentityExtra . $Identity . "] " . ($Notification->"subject")) }); :local Text (($Notification->"message") . "\n"); :if ([ :len ($Notification->"link") ] > 0) do={ From 9dfa11eac534019d08a5cfa289d7cde0f22c2a92 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 10 Apr 2024 11:51:47 +0200 Subject: [PATCH 469/908] mod/notification-matrix: use custom user agent string --- mod/notification-matrix.rsc | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 477bb09..12a0e33 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -39,7 +39,8 @@ :foreach Id,Message in=$MatrixQueue do={ :if ([ :typeof $Message ] = "array" ) do={ :do { - /tool/fetch check-certificate=yes-without-crl output=none http-method=post \ + /tool/fetch check-certificate=yes-without-crl output=none \ + http-header-field=($Message->"headers") http-method=post \ ("https://" . $Message->"homeserver" . "/_matrix/client/r0/rooms/" . $Message->"room" . \ "/send/m.room.message?access_token=" . $Message->"accesstoken") \ http-data=("{ \"msgtype\": \"m.text\", \"body\": \"" . $Message->"plain" . "\"," . \ @@ -74,6 +75,7 @@ :global MatrixRoomOverride; :global EitherOr; + :global FetchUserAgentStr; :global LogPrint; :global SymbolForNotification; @@ -115,6 +117,7 @@ :return false; } + :local Headers ({ [ $FetchUserAgentStr ($Notification->"origin") ] }); :local Plain [ $PrepareText ("## [" . $IdentityExtra . $Identity . "] " . \ ($Notification->"subject") . "\n```\n" . ($Notification->"message") . "\n```") "plain" ]; :local Formatted ("

" . [ $PrepareText ("[" . $IdentityExtra . $Identity . "] " . \ @@ -129,7 +132,8 @@ } :do { - /tool/fetch check-certificate=yes-without-crl output=none http-method=post \ + /tool/fetch check-certificate=yes-without-crl output=none \ + http-header-field=$Headers http-method=post \ ("https://" . $HomeServer . "/_matrix/client/r0/rooms/" . $Room . \ "/send/m.room.message?access_token=" . $AccessToken) \ http-data=("{ \"msgtype\": \"m.text\", \"body\": \"" . $Plain . "\"," . \ @@ -146,9 +150,9 @@ " " . [ /system/clock/get time ] . " and may be obsolete."); :set Plain ($Plain . "\\n" . $Text); :set Formatted ($Formatted . "
" . $Text); - :set ($MatrixQueue->[ :len $MatrixQueue ]) { room=$Room; \ - accesstoken=$AccessToken; homeserver=$HomeServer; \ - plain=$Plain; formatted=$Formatted }; + :set ($MatrixQueue->[ :len $MatrixQueue ]) { headers=$Headers; \ + accesstoken=$AccessToken; homeserver=$HomeServer; room=$Room; \ + plain=$Plain; formatted=$Formatted }; :if ([ :len [ /system/scheduler/find where name="_FlushMatrixQueue" ] ] = 0) do={ /system/scheduler/add name="_FlushMatrixQueue" interval=1m start-time=startup \ on-event=(":global FlushMatrixQueue; \$FlushMatrixQueue;"); @@ -185,6 +189,7 @@ :local User [ :tostr $1 ]; :local Pass [ :tostr $2 ]; + :global FetchUserAgentStr; :global LogPrint; :global MatrixAccessToken; @@ -193,6 +198,7 @@ :local Domain [ :pick $User ([ :find $User ":" ] + 1) [ :len $User] ]; :do { :local Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ + http-header-field=({ [ $FetchUserAgentStr $0 ] }) \ ("https://" . $Domain . "/.well-known/matrix/client") as-value ]->"data"); :set MatrixHomeServer ([ :deserialize from=json value=$Data ]->"m.homeserver"->"base_url"); $LogPrint debug $0 ("Home server is: " . $MatrixHomeServer); @@ -207,7 +213,8 @@ :do { :local Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ - http-method=post http-data=("{\"type\":\"m.login.password\", \"user\":\"" . $User . "\", \"password\":\"" . $Pass . "\"}") \ + http-header-field=({ [ $FetchUserAgentStr $0 ] }) http-method=post \ + http-data=("{\"type\":\"m.login.password\", \"user\":\"" . $User . "\", \"password\":\"" . $Pass . "\"}") \ ("https://" . $MatrixHomeServer . "/_matrix/client/r0/login") as-value ]->"data"); :set MatrixAccessToken ([ :deserialize from=json value=$Data ]->"access_token"); $LogPrint debug $0 ("Access token is: " . $MatrixAccessToken); @@ -233,6 +240,7 @@ :set SetupMatrixJoinRoom do={ :global MatrixRoom [ :tostr $1 ]; + :global FetchUserAgentStr; :global LogPrint; :global UrlEncode; @@ -242,7 +250,7 @@ :do { /tool/fetch check-certificate=yes-without-crl output=none \ - http-method=post http-data="" \ + http-header-field=({ [ $FetchUserAgentStr $0 ] }) http-method=post http-data="" \ ("https://" . $MatrixHomeServer . "/_matrix/client/r0/rooms/" . [ $UrlEncode $MatrixRoom ] . \ "/join?access_token=" . [ $UrlEncode $MatrixAccessToken ]) as-value; $LogPrint debug $0 ("Joined the room."); From 2a232ad2f5eef4b60c97306ef731bc5883bf5cfb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 12 Apr 2024 11:03:14 +0200 Subject: [PATCH 470/908] mod/notification-matrix: generate JSON with :serialize --- mod/notification-matrix.rsc | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 12a0e33..3e3a33e 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -40,12 +40,11 @@ :if ([ :typeof $Message ] = "array" ) do={ :do { /tool/fetch check-certificate=yes-without-crl output=none \ - http-header-field=($Message->"headers") http-method=post \ - ("https://" . $Message->"homeserver" . "/_matrix/client/r0/rooms/" . $Message->"room" . \ - "/send/m.room.message?access_token=" . $Message->"accesstoken") \ - http-data=("{ \"msgtype\": \"m.text\", \"body\": \"" . $Message->"plain" . "\"," . \ - "\"format\": \"org.matrix.custom.html\", \"formatted_body\": \"" . \ - $Message->"formatted" . "\" }") as-value; + http-header-field=($Message->"headers") http-method=post \ + http-data=[ :serialize to=json { "msgtype"="m.text"; "body"=($Message->"plain"); + "format"="org.matrix.custom.html"; "formatted_body"=($Message->"formatted") } ] \ + ("https://" . $Message->"homeserver" . "/_matrix/client/r0/rooms/" . $Message->"room" . \ + "/send/m.room.message?access_token=" . $Message->"accesstoken") as-value; :set ($MatrixQueue->$Id); } on-error={ $LogPrint debug $0 ("Sending queued Matrix message failed."); @@ -133,12 +132,11 @@ :do { /tool/fetch check-certificate=yes-without-crl output=none \ - http-header-field=$Headers http-method=post \ - ("https://" . $HomeServer . "/_matrix/client/r0/rooms/" . $Room . \ - "/send/m.room.message?access_token=" . $AccessToken) \ - http-data=("{ \"msgtype\": \"m.text\", \"body\": \"" . $Plain . "\"," . \ - "\"format\": \"org.matrix.custom.html\", \"formatted_body\": \"" . \ - $Formatted . "\" }") as-value; + http-header-field=$Headers http-method=post \ + http-data=[ :serialize to=json { "msgtype"="m.text"; "body"=$Plain; + "format"="org.matrix.custom.html"; "formatted_body"=$Formatted } ] \ + ("https://" . $HomeServer . "/_matrix/client/r0/rooms/" . $Room . \ + "/send/m.room.message?access_token=" . $AccessToken) as-value; } on-error={ $LogPrint info $0 ("Failed sending Matrix notification! Queuing..."); @@ -214,7 +212,7 @@ :do { :local Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ http-header-field=({ [ $FetchUserAgentStr $0 ] }) http-method=post \ - http-data=("{\"type\":\"m.login.password\", \"user\":\"" . $User . "\", \"password\":\"" . $Pass . "\"}") \ + http-data=[ :serialize to=json { "type"="m.login.password"; "user"=$User; "password"=$Pass } ] \ ("https://" . $MatrixHomeServer . "/_matrix/client/r0/login") as-value ]->"data"); :set MatrixAccessToken ([ :deserialize from=json value=$Data ]->"access_token"); $LogPrint debug $0 ("Access token is: " . $MatrixAccessToken); From d31afc9ec330634a2b66b346ee2d830ea5e5d436 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 12 Apr 2024 11:10:34 +0200 Subject: [PATCH 471/908] gps-track: generate JSON with :serialize --- gps-track.rsc | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/gps-track.rsc b/gps-track.rsc index dbca38a..f78dfe7 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -33,11 +33,8 @@ :do { /tool/fetch check-certificate=yes-without-crl $GpsTrackUrl output=none \ http-method=post http-header-field=({ "Content-Type: application/json" }) \ - http-data=("{" . \ - "\"lat\":\"" . ($Gps->"latitude") . "\"," . \ - "\"lon\":\"" . ($Gps->"longitude") . "\"," . \ - "\"identity\":\"" . $Identity . "\"" . \ - "}") as-value; + http-data=[ :serialize to=json { "identity"=$Identity; \ + "lat"=($Gps->"latitude"); "lon"=($Gps->"longitude") } ] as-value; $LogPrint debug $ScriptName ("Sending GPS data in " . $CoordinateFormat . " format: " . \ "lat: " . ($Gps->"latitude") . " " . \ "lon: " . ($Gps->"longitude")); From 5736ecebc53a8e97e986eb50e4a1611b410dcc14 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 12 Apr 2024 11:14:01 +0200 Subject: [PATCH 472/908] gps-track: use custom user agent string --- gps-track.rsc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/gps-track.rsc b/gps-track.rsc index f78dfe7..e2a4e16 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -17,6 +17,7 @@ :global GpsTrackUrl; :global Identity; + :global FetchUserAgentStr; :global LogPrint; :global ScriptLock; :global WaitFullyConnected; @@ -31,10 +32,10 @@ :if ($Gps->"valid" = true) do={ :do { - /tool/fetch check-certificate=yes-without-crl $GpsTrackUrl output=none \ - http-method=post http-header-field=({ "Content-Type: application/json" }) \ + /tool/fetch check-certificate=yes-without-crl output=none http-method=post \ + http-header-field=({ [ $FetchUserAgentStr $ScriptName ]; "Content-Type: application/json" }) \ http-data=[ :serialize to=json { "identity"=$Identity; \ - "lat"=($Gps->"latitude"); "lon"=($Gps->"longitude") } ] as-value; + "lat"=($Gps->"latitude"); "lon"=($Gps->"longitude") } ] $GpsTrackUrl as-value; $LogPrint debug $ScriptName ("Sending GPS data in " . $CoordinateFormat . " format: " . \ "lat: " . ($Gps->"latitude") . " " . \ "lon: " . ($Gps->"longitude")); From 7aa5059f6d478fb8984caae7c906154a1d598488 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 12 Apr 2024 11:18:42 +0200 Subject: [PATCH 473/908] global-functions: $CertificateAvailable: use single quotes --- global-functions.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 8f2f179..17aa38f 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -107,7 +107,7 @@ } :if ([ :len [ /certificate/find where common-name=$CommonName ] ] = 0) do={ - $LogPrint info $0 ("Certificate with CommonName \"" . $CommonName . "\" not available."); + $LogPrint info $0 ("Certificate with CommonName '" . $CommonName . "' not available."); :if ([ $CertificateDownload $CommonName ] = false) do={ :return false; } @@ -116,8 +116,8 @@ :local CertVal [ /certificate/get [ find where common-name=$CommonName ] ]; :while (($CertVal->"akid") != "" && ($CertVal->"akid") != ($CertVal->"skid")) do={ :if ([ :len [ /certificate/find where skid=($CertVal->"akid") ] ] = 0) do={ - $LogPrint info $0 ("Certificate chain for \"" . $CommonName . \ - "\" is incomplete, missing \"" . ([ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN") . "\"."); + $LogPrint info $0 ("Certificate chain for '" . $CommonName . \ + "' is incomplete, missing '" . ([ $ParseKeyValueStore ($CertVal->"issuer") ]->"CN") . "'."); :if ([ $CertificateDownload $CommonName ] = false) do={ :return false; } From e1781fb8053db5cdb3b26d04009c216f7d2204ac Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 12 Apr 2024 11:19:37 +0200 Subject: [PATCH 474/908] global-functions: $CertificateDownload: use single quotes --- global-functions.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 17aa38f..918ea9a 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -141,7 +141,7 @@ :global WaitForFile; $LogPrint info $0 ("Downloading and importing certificate with " . \ - "CommonName \"" . $CommonName . "\"."); + "CommonName '" . $CommonName . "'."); :do { :local FileName ([ $CleanName $CommonName ] . ".pem"); /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgentStr $0 ] }) \ @@ -156,7 +156,7 @@ $CertificateNameByCN [ /certificate/get $Cert common-name ]; } } on-error={ - $LogPrint warning $0 ("Failed importing certificate with CommonName \"" . $CommonName . "\"!"); + $LogPrint warning $0 ("Failed importing certificate with CommonName '" . $CommonName . "'!"); :return false; } :return true; From 8c1543a402570278a8dfdcf8d052ab8bb6f282e5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 12 Apr 2024 11:21:54 +0200 Subject: [PATCH 475/908] certificate-renew-issued: use single quotes --- certificate-renew-issued.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index 77ed3d0..7815443 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -36,13 +36,13 @@ /certificate/export-certificate ($CertVal->"name") type=pkcs12 \ file-name=("cert-issued/" . $CertVal->"common-name") \ export-passphrase=($CertIssuedExportPass->($CertVal->"common-name")); - $LogPrint info $ScriptName ("Issued a new certificate for \"" . $CertVal->"common-name" . \ - "\", exported to \"cert-issued/" . $CertVal->"common-name" . ".p12\"."); + $LogPrint info $ScriptName ("Issued a new certificate for '" . $CertVal->"common-name" . \ + "', exported to 'cert-issued/" . $CertVal->"common-name" . ".p12'."); } else={ $LogPrint warning $ScriptName ("Failed creating directory, not exporting certificate."); } } else={ - $LogPrint info $ScriptName ("Issued a new certificate for \"" . $CertVal->"common-name" . "\"."); + $LogPrint info $ScriptName ("Issued a new certificate for '" . $CertVal->"common-name" . "'."); } } } on-error={ } From 3a36db6de8a69cba493bdd0baf86c60401fe971c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 18 Apr 2024 08:43:41 +0200 Subject: [PATCH 476/908] mod/notification-matrix: fix double escaping That was introduced with 2a232ad2f5eef4b60c97306ef731bc5883bf5cfb when switching to :serialize... --- mod/notification-matrix.rsc | 28 +++++++++++----------------- 1 file changed, 11 insertions(+), 17 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 3e3a33e..86e6b5f 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -86,21 +86,15 @@ } :local Return ""; - :local Chars { - "plain"={ "\\"; "\""; "\n" }; - "format"={ "\\"; "\""; "\n"; "&"; "<"; ">" }; - } - :local Subs { - "plain"={ "\\\\"; "\\\""; "\\n" }; - "format"={ "\\\\"; """; "
"; "&"; "<"; ">" }; - } + :local Chars { "\""; "\n"; "&"; "<"; ">" }; + :local Subs { """; "
"; "&"; "<"; ">" }; :for I from=0 to=([ :len $Input ] - 1) do={ :local Char [ :pick $Input $I ]; - :local Replace [ :find ($Chars->$2) $Char ]; + :local Replace [ :find $Chars $Char ]; :if ([ :typeof $Replace ] = "num") do={ - :set Char ($Subs->$2->$Replace); + :set Char ($Subs->$Replace); } :set Return ($Return . $Char); } @@ -117,17 +111,17 @@ } :local Headers ({ [ $FetchUserAgentStr ($Notification->"origin") ] }); - :local Plain [ $PrepareText ("## [" . $IdentityExtra . $Identity . "] " . \ - ($Notification->"subject") . "\n```\n" . ($Notification->"message") . "\n```") "plain" ]; + :local Plain ("## [" . $IdentityExtra . $Identity . "] " . \ + ($Notification->"subject") . "\n```\n" . ($Notification->"message") . "\n```"); :local Formatted ("

" . [ $PrepareText ("[" . $IdentityExtra . $Identity . "] " . \ - ($Notification->"subject")) "format" ] . "

" . "
" . \
-    [ $PrepareText ($Notification->"message") "format" ] . "
"); + ($Notification->"subject")) ] . "

" . "
" . \
+    [ $PrepareText ($Notification->"message") ] . "
"); :if ([ :len ($Notification->"link") ] > 0) do={ :set Plain ($Plain . "\\n" . [ $SymbolForNotification "link" ] . \ - [ $PrepareText ("[" . $Notification->"link" . "](" . $Notification->"link" . ")") "plain" ]); + "[" . $Notification->"link" . "](" . $Notification->"link" . ")"); :set Formatted ($Formatted . "
" . [ $SymbolForNotification "link" ] . \ - ""link") "format" ] . "\\\">" . \ - [ $PrepareText ($Notification->"link") "format" ] . ""); + ""link") ] . "\">" . \ + [ $PrepareText ($Notification->"link") ] . ""); } :do { From b50a5b294a50729e70d96c65ed1a12657bd1adf3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 18 Apr 2024 21:47:50 +0200 Subject: [PATCH 477/908] mod/notification-matrix: ... and more double escaping --- mod/notification-matrix.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 86e6b5f..7eae1b0 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -117,7 +117,7 @@ ($Notification->"subject")) ] . "" . "
" . \
     [ $PrepareText ($Notification->"message") ] . "
"); :if ([ :len ($Notification->"link") ] > 0) do={ - :set Plain ($Plain . "\\n" . [ $SymbolForNotification "link" ] . \ + :set Plain ($Plain . "\n" . [ $SymbolForNotification "link" ] . \ "[" . $Notification->"link" . "](" . $Notification->"link" . ")"); :set Formatted ($Formatted . "
" . [ $SymbolForNotification "link" ] . \ ""link") ] . "\">" . \ @@ -140,7 +140,7 @@ :local Text ([ $SymbolForNotification "alarm-clock" ] . \ "This message was queued since " . [ /system/clock/get date ] . \ " " . [ /system/clock/get time ] . " and may be obsolete."); - :set Plain ($Plain . "\\n" . $Text); + :set Plain ($Plain . "\n" . $Text); :set Formatted ($Formatted . "
" . $Text); :set ($MatrixQueue->[ :len $MatrixQueue ]) { headers=$Headers; \ accesstoken=$AccessToken; homeserver=$HomeServer; room=$Room; \ From 6fd0becf64184184642e719e288bc537a0bee499 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Apr 2024 08:59:51 +0200 Subject: [PATCH 478/908] global-functions: introduce $ProtocolStrip --- global-functions.rsc | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 918ea9a..3b9f27c 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -58,6 +58,7 @@ :global ParseDate; :global ParseKeyValueStore; :global PrettyPrint; +:global ProtocolStrip; :global RandomDelay; :global RequiredRouterOS; :global ScriptFromTerminal; @@ -885,6 +886,17 @@ :put [ $Unix2Dos $Input ]; } +# strip protocol from from url string +:set ProtocolStrip do={ + :local Input [ :tostr $1 ]; + + :local Pos [ :find $Input "://" ]; + :if ([ :typeof $Pos ] = "nil") do={ + :return $Input; + } + :return [ :pick $Input ($Pos + 3) [ :len $Input ] ]; +} + # delay a random amount of seconds :set RandomDelay do={ :local Time [ :tonum $1 ]; From 8cd03167ca0bd47efd9b7c9b12aabebbe228b36c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Apr 2024 09:04:08 +0200 Subject: [PATCH 479/908] mod/notification-matrix: string protocol for display --- mod/notification-matrix.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 7eae1b0..9442f54 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -76,6 +76,7 @@ :global EitherOr; :global FetchUserAgentStr; :global LogPrint; + :global ProtocolStrip; :global SymbolForNotification; :local PrepareText do={ @@ -117,11 +118,12 @@ ($Notification->"subject")) ] . "" . "
" . \
     [ $PrepareText ($Notification->"message") ] . "
"); :if ([ :len ($Notification->"link") ] > 0) do={ + :local Label [ $ProtocolStrip ($Notification->"link") ]; :set Plain ($Plain . "\n" . [ $SymbolForNotification "link" ] . \ - "[" . $Notification->"link" . "](" . $Notification->"link" . ")"); + "[" . $Label . "](" . $Notification->"link" . ")"); :set Formatted ($Formatted . "
" . [ $SymbolForNotification "link" ] . \ ""link") ] . "\">" . \ - [ $PrepareText ($Notification->"link") ] . ""); + [ $PrepareText $Label ] . ""); } :do { From ee54956a6909190eceb5eae696ad8590720bc3c3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Apr 2024 09:09:13 +0200 Subject: [PATCH 480/908] mod/notification-telegram: string protocol for display --- mod/notification-telegram.rsc | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index c78a8ad..745367a 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -76,6 +76,7 @@ :global EitherOr; :global IfThenElse; :global LogPrint; + :global ProtocolStrip; :global SymbolForNotification; :global UrlEncode; @@ -117,7 +118,7 @@ ($Notification->"subject")) "plain" ] . "__*\n\n"); :local LenSubject [ :len $Text ]; :local LenMessage [ :len ($Notification->"message") ]; - :local LenLink [ :len ($Notification->"link") ]; + :local LenLink ([ :len ($Notification->"link") ] * 2); :local LenSum ($LenSubject + $LenMessage + $LenLink); :if ($LenSum > 3968) do={ :set Text ($Text . [ $EscapeMD ([ :pick ($Notification->"message") 0 (3840 - $LenSubject - $LenLink) ] . "...") "body" ]); @@ -126,7 +127,9 @@ :set Text ($Text . [ $EscapeMD ($Notification->"message") "body" ]); } :if ($LenLink > 0) do={ - :set Text ($Text . "\n" . [ $SymbolForNotification "link" ] . [ $EscapeMD ($Notification->"link") "plain" ]); + :set Text ($Text . "\n" . [ $SymbolForNotification "link" ] . \ + "[" . [ $EscapeMD [ $ProtocolStrip ($Notification->"link") ] "plain" ] . "]" . \ + "(" . [ $EscapeMD ($Notification->"link") "plain" ] . ")"); } :if ($Truncated = true) do={ :set Text ($Text . "\n" . [ $SymbolForNotification "scissors" ] . \ From b0cd53f813be602edf59db2ec18e085d84fbebeb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Apr 2024 10:05:52 +0200 Subject: [PATCH 481/908] netwatch-notify: allow to suppress resolve failure --- doc/netwatch-notify.md | 9 +++++++++ netwatch-notify.rsc | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index 90cd830..2db32bb 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -104,6 +104,15 @@ powered off, but accessibility is of interest. Go and get your coffee ☕️ before sending the print job. +### No log on failed resolve + +A message is writting to log after three failed attemts to resolve a host. +However this can cause some noise for hosts that are expected to have +failures, for example when the name is dynamically added by +[`dhcp-to-dns`](dhcp-to-dns.md). This can be suppressed: + + /tool/netwatch/add comment="notify, name=client, resolve=client.dhcp.example.com, no-resolve-fail" host=10.0.0.0; + ### Add a note in notification For some extra information it is possible to add a text note. This is diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 0b6c366..9b0beb9 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -116,7 +116,7 @@ } } on-error={ :set ($Metric->"resolve-failcnt") ($Metric->"resolve-failcnt" + 1); - :if ($Metric->"resolve-failcnt" = 3) do={ + :if ($Metric->"resolve-failcnt" = 3 && $HostInfo->"no-resolve-fail" != true) do={ $LogPrint warning $ScriptName ("Resolving name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ $HostInfo->"name") "" ] . "' failed."); From 0f2a4aedab31a7f697158d3d34ac6ce08756ebce Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Apr 2024 11:34:35 +0200 Subject: [PATCH 482/908] global-functions: $CertificateDownload: remove with find... ... to make sure this does not break when the file does no longer exist. Starting with RouterOS 7.15rc1 the file is automatically removed on import. --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 3b9f27c..66765bf 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -151,7 +151,7 @@ $WaitForFile $FileName; /certificate/import file-name=$FileName passphrase="" as-value; :delay 1s; - /file/remove $FileName; + /file/remove [ find where name=$FileName ]; :foreach Cert in=[ /certificate/find where name~("^" . $FileName . "_[0-9]+\$") ] do={ $CertificateNameByCN [ /certificate/get $Cert common-name ]; From e42f8843bd3e25657d7af1ced4a4ce0270817358 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Apr 2024 11:53:32 +0200 Subject: [PATCH 483/908] INITIAL-COMMANDS: remove the certificate file with find Required as RouterOS 7.15rc1 removes it automatically. --- INITIAL-COMMANDS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index 0320fe8..4a12197 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -23,7 +23,7 @@ Run the complete base installation: :if ([ :len [ /certificate/find where fingerprint="46494e30379059df18be52124305e606fc59070e5b21076ce113954b60517cda" or fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470" ] ] != 2) do={ :error "Something is wrong with your certificates!"; }; - /file/remove "letsencrypt-E1.pem"; + /file/remove [ find where name="letsencrypt-E1.pem" ]; :delay 1s; /system/script/set name=("global-config-overlay-" . [ /system/clock/get date ] . "-" . [ /system/clock/get time ]) [ find where name="global-config-overlay" ]; :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ From de8da38a0cf60be3f79f5a64ad766343c18cb2a2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Apr 2024 11:59:03 +0200 Subject: [PATCH 484/908] README: remove left over certificate file But use find as RouterOS 7.15rc1 removes it automatically. --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 4516736..a92f71d 100644 --- a/README.md +++ b/README.md @@ -91,11 +91,12 @@ a sensitive property, the passphrase. For basic verification we rename the certificates and print them by fingerprint. Make sure exactly these two certificates ("*E1*" and -"*ISRG-Root-X2*") are shown. +"*ISRG-Root-X2*") are shown. Also remove the left over file. /certificate/set name="E1" [ find where common-name="E1" ]; /certificate/set name="ISRG-Root-X2" [ find where common-name="ISRG Root X2" ]; /certificate/print proplist=name where fingerprint="46494e30379059df18be52124305e606fc59070e5b21076ce113954b60517cda" or fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470"; + /file/remove [ find where name="letsencrypt-E1.pem" ]; ![screenshot: check certs](README.d/03-check-certs.avif) From b0e4449e4f3f6318bbe9ad83fe1b8e30a77ea1ab Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 19 Apr 2024 12:00:13 +0200 Subject: [PATCH 485/908] README: show fingerprints in output This is not scrictly necessary, as we filter by fingerprint already... But it gives better overview and feeling. --- README.d/03-check-certs.avif | Bin 9339 -> 12089 bytes README.md | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/README.d/03-check-certs.avif b/README.d/03-check-certs.avif index 33bdc408e4dcd3c35e95c87109926d801f8c9fe8..0477c398b41b439ec6eff03c8bcd2357f2637857 100644 GIT binary patch delta 10851 zcmV-pDxB5(NV#5+dK4Ic000)c00IC2009610b2k77bKC6egVXj4FMSeA(JNoE&?s) zlUD&a0X~zE0Y?Iv7L(ZlumL`^iUQUFf3PD}+000C+fFjaE%S4R8Kz4PpXJSs0_{*g zPvTR@zHyJkCaeiTTWy;Bal|2ma+4b|K2m3}#@uY@C*=B4ODq2S{wiph_i*@3Fv#uo z=Q-#)S42|f{{V(Odh(aHdj2x~6@$cZTQ7)6e+|uP7m~S#AUSVQu)-QPI$>bH~0ABwROp2e-dxD@hPAE90744Rsd)2u z`<#~OKNE~pzC<2%sJGB=Grc^+e=5Ek*8rRh`_yo{e`;zZ>cy3u?VN#`+b8BByJJ6? zsqP9HEPVZNN~-bgSfgLvez+Lv-n%34{{X`r)tmOMU;h9~?d72Bc$00p8d9`nW6QFp zU*vw7IOl`w$33bvg3}ipG+V6VO|0nHjdmWnY!W*E04j7cKpxn(rdCa{e~*=;3ZEnQ z$8MPa0BgNTy9sl@T#12c4%JAY;b`!wfWX}G;&7jTNy$~J;?x%rZ}%5UK46>Z&&{S0O6%mf7nh@sP)^c{MY1a zYB~`<09zuDJ2IBlT83lbSENGgOM%U@2O4jixfq+0rkRTb_IU_vh z80N3r>sQHTXsfSzX#{zW9kG&*RE{(GbL-cdv7f3BTwZ-=3o{gXNv<XUo@DLdTsf@T;v{u47{E>K8B@j9BEo) zGHRMjCgOLq%%HY1a0cwD#yG&~S3F51vH22@6~U@HPF#6Wpeex14te{l^7rDbUs+h| z_lauWCQ^~zNpB373XaU905(?yhUcDh#c5glRcEKBpOEW6e{7PLo|=9~GbplX@fM!S z^Qikd^GP|$1d*Ryenzz{AH%Vbx0)T*!SYc^jz%B60ES{i^ehSJFe=Rc7P7aV-rxQb zXddP{mK2F0QqhuGj(&bHLC>Ky$TXcQ3GXde#PR;-Br7mQ2-yXSfLQN5S0P2 zwA=YIRT?c?e@Rc!3Fq-$vx%zKZJubH>z=z3&eXCKt1%)3OF16|%!xK#)X zkVqcA@INZ#nsJ{hZr-fmsTT?IrtQ;NU+^tnCXsspf0sn?#-aw|LzZ_?27bBinzI{D zH0WWU!&fbL_E{tI2ADF^nF&|UGH^DoG1{o3B_2&NoBY=*> zQIc8Se|;|L%K(RMsrgRf*a3rpM{0&`8&i#)n@hZn2R}8tj12MAS6yoyi7nN{UNVg_ zBtltCE3}{9D&sBGDz^ZC5c<=t^#;~$qFes}7s&(?6!VdmGXs9;YdZU-FaoL5P7bi4TOtna*8 zEY|HRu#e4*midS-Uv4@mAx9tpJu9j%=FeBMpSjU@*KJjEn^aC&>x z6G1J!tsKZvm5PvkLBaiNy1UVQEpUF=fBNf9b1bE%{q#$YdE;*+{ztBAE8Q2vCge1l z^ISBSA$Lb4L*-@#nUA(xpKb;^&%JWAvBObawEh+F+pV~_@hmYjMp{;t(ZDzd0|Xr8 zk>96o`P#mbp;~DM;>!J|xh?{y+9Pf|lA{EEy+^(%ld4!Bf+Q58v$=mCJ!3Q`M&PO(%HmLE-s%o~Q zG5IcrZ!x0?`5+zK1CGPKG0iTwai`hD>1X2IPU>a^5Q zt|HV#Ho6X#xjf5Z6jxbI!H}@pf2c-&ah^IU>58c|I>_u^3+BX8$!|Xb};JBA?xrQkvFXl9j^8vs)U7Zd|u7kqjCcS6ZE_Ht@ zN#PMl!r@v-#`61oyybz~Mo&!lpbnTxtw(Qj6uKp-fRgPaUYx3?1_2AWe`Fpzwx3#7`#JkVL}qs08HWI{7~pg`H=` z$&j~ci8mv1eoTx6IVYc#e-3%dYMQO&Ru?z-8g+oOmuzx`xqOB=WyTXDh9KZ_7RqfI|c$sT+9`U9vQv z>%rvb{f^lu>x0^$@ujzht)fw-yr%femJX9C^0N5IkPqSVx_`CpTx})hH*4s2(fIlV zwvqE ziefseZx`D_ECjkVe{=nZh>Vg3VlXkdl_!SD7{KHVa4RcY)#KG}%(m8RV+#+O2;VBr zl6M{lIKccXDvAKTdw(6wv9uO&+p2T5R2-jvI(t_5@r|VS?LGd9Z*Y%wB+RZuZAK#q z2HwC9c+NXlB}HWD!KAE3T5+oHJ^t^=>+U>NqP*&m_;S)ae{nLiNMb`HAkIcHfJr02 z7^qjpwrg{C%i;Sqx0*Fnw@{%_f%lKg^K;KVF+S^DN;BXG!I$?3#n&T*~BM8M= z8>MKdt&!Z1e~5^F(6eaCJaUBrWtbhiNF(?;IURcR>57ba_T4WM>MaTg=Mn6ARzO|O zRDwxE(`fDebH!0qGq;1s*4D`4EdmiE$Q|S}WuFupo(01 z$`~_AfZaCCN)SvL2 zM39ApNJyPsqy=Z%rb02eg;BfsbCPlw+?wO)pbpFa6N^NKTWEYeYZaub;h|R;EKFrv zJ9~M5`1W&=nyoL4nnq_9TV=$Eht0@TaEpQp{KP7CVtF~oL0q*I0ocEeAuvl4Xt0Hv zQzW~ce@T4Eu0i=a5W7By+Jy1FvNHjo+q7*5l2x1>4l%TC+6G2Q+k#KwTy+!y+sEVU zNIbu@czzpk8Zsz~RT#+x^RqoiU~aZ_-9?#d|`EYr$cR` z+kpw5LnIHifsquCz2A3E<0HLt+LP#ssHgl(FKq4J#{p!E=kp09NC9D$#xc)o6|5uF zu2%C#xQI5MJeZc;~u ze{{@!j(Yo61b-PkOA=e6+v&K4gK-m$_yl3F{W;DCIRd$@Ye=}4QJQ@}Mbu!jDi|b| zth+EU-n?WU^_ZGv{Fdo(mNzW}=VXf$6>f3C#t%GD1?2Gq!K=rq+Syw{aH37XZ)9TO zhel(717Hts{VR7#_?@lj_L18|ZKuf^f5On8HYO#*79^Z7=jJ^yE0ldQ{yAca?511) z`}`@ayzxi`%&`))a5|ji{orsh)DD#`%o+>Z-aB|dS%E@=vMfvj5uE2ILEOee>vX#(0mykKwypSth=Qceo@4h!O@B zSdiTa`PRBgm&3X8WAKKqE0IvDX{&21xb&X|~Vd$rV)iKU9&{MgXO`JI6T4 z-PatDJvz__ozY%}0r0kb#_+bWAV=r-9Bs}HaKoI8eMuDtn7SX?_TPA8QkHgr?hsnG z)nd*A48C!a26+3l0m4yT^e}jOB)37~oo&wiW=n0xR=~>r@25<4&$TiXf6&$eB%T)3 zfa#q0Q)&Cz)0K64cNd2 zFg-qD=xW#=ACe~WydSHdf4jC%vy;GVImYZ~AF0P2PzRn-UV>uq`!$c7;Vou6f}3ST zw>V}ha#R-QoRObF=s}89@cb^yd^M^dcV@(vjg?Z3v=82Yx_<(D@BzWmUWsy^95dX< z{{RS%wF)vZP%X%Kv5t9fP1(;(4_+!sr|7Z9%O8eyu`59*GFveLf3w2{-<%8(dG-7N zIBF}i$8U&MCSmYT1ZWo3V77nTWz`8GH_fm^zxSy%r)y4m16rkw&lYn!4^O7 zlZ@l1J!-f1)}4rpXpt9=IFmcn0#yQ&fV}P?vCeru)Q_xbe{JRgp+u_ZAbG!cr$e{X z{A*RoZGTgSqr`K*TigEK{awzJRMz!aH4$kKi>3BtW5PJSlVula+ zNTOl4ZW1)wm>hF~*p7PV-Dy|EI?cRuBwFR7qm?YF3_u;AV1c)cZ5YR(u11QrI9pi$ zEa`;d7}`<0?sZf6vtE|wUpHBbLmVe-2qMFOv(p{VuYX#S*T!BTb%=j%Buozf0GbGf z(hfN|fA`PfT#Xe8r6$_buqnd#<! z{{RUEkXZK1l!`D*DKY_oIRTiQcRjjSB}HdZIZE+%MipZz%J6)vw*LT`*V=2Ew6oah zpYV{|!D?c{%43WOKvF;_93DF7IW@62_JP}UfBrSn8d#LZsstp3B?-Xk_mxl4c=WG0 zqM^cXX?_TaQ>g7}{s`+VwJVK6Ni1d7qqp3y?JUtkBX5&#-1Qky7a8a}R@d9LJBErc z_)KgDBvMO9Zh;7qWK*2-19EZbK-??NXsr^lyLV@#3$0BeU7k170wkVZ&9MLh?~dRP ze?V|}9CKDyZE|Zkbqk*s*~M#eV#JbK!=IQhP;9ChyVZy=s(Fc z#CO&@js4xVnVZGd5j0X5QZsKBU|pk}w%+&|85sbAdq6(CHr!DhzM3T(PRPuS3kq( z2jnS@<1KxWlxUv#k;p0e?)x$@0JH+A$;IQp4e*o+nt=ey%mv`gLCeK!X^P{J)W+%t*2KvNc;4F zcc@$X*a4V#;23E2M1%|KFQ~sd4^h1N?MpTz049J^B0ty%aIa7@G;M-SThk zObM>mcxS9Whmeubhv51Aqm4NS_#wh0B$*Zf$NBqkO@D#MX4n~{dnt9go?N48@#Ku5 zWxZ^L*CmpDJa#EfAhuEZHE_^qkEJx(=HS|nhG*Paa!w4B=;FXKOU z&7K)9+|bBenFdAWtxEK zAwtQNi-gToo&2nR^6BhAM4u>ev(nwTmD5m^eW)J{ zz<;3>3LKIp45n@M-ec3|?l4Zo{$|bWZ51#rERXNlAOwD9AkhQGjzw%Jz%+ERV}bGn zSd7H@{6r7i50nllQi04{{F8iGF$5fk&eXmzyfoa|qHVkbOMl4PGSrAm1;3vYy=e$&m^h9N)U4vOr}i8gs~*0O#@SzP)oZWs|%}D#_{3= z0svZb{A*6Bk@vm&J6{_0h4{f+{1up00hTa>Bd&=YqT0KjPDu0ifHPJW3*4bp#zunX$G)%Q}!N5bNu@bm&_bUOQopdiH za7d~E5}FGiCL9C;V^d=WwRDN$2@jT*jMS)ypIu_?lex@MeY%qDoiy|qr*b$48S`Xp zatY6+w5?y#v(=vF@0U-
~Ad|OiebR&nCfD=zhGjc}pM}Lf+ZgAF-v1})sNey4t zdOXQe!0V@-g20;MNsD+l^)JpdZB%TVx*%u=oVUZKlc;TdDO=fUr~r7T@V1dftI2cV zeo6hq&=ZGAwvC7__C?Nf_QZH;hU8Xo7A%{xpxWD-G?4!0u{{`UsawTzv_mLanXCWo z-*xzB}n6Zef!mpUqWi2`%Ar|J}_zcAC zDtu!!heBI8U#ql+`8!RVA6NMTonNPUz!xh1bb_$b(|=;7B_W<4Y}D%oK$_eE5xZGQ zy}(@7^T-E_eq<|%4tp(26<{rf?UA{$lOp?KLW9F6iZwHoFmbkM=r!2tx6}WVX&7LY z1z$6==_Bea^h$h5yKVjYq(M6P_M3Ngn8L>QDla$KV!zM12Eb#!31{=7ikP~D5mTMh zjfS#3{(t91pS~aMzio`;Uf|4D_|$r)KQ|a?6gr2f@3Lz2g}#|H5P!}JP8f&1dOVi< zUzsbSH?t;Elw6f~KY_+((OLC$#cAxEFZ-(0JxTi%3Y6v=-j12!QkF^B|BvN_>sL&? zZ~s@nYpAOol6>s4H*{QOpQ7`S+U$S^pykKVYkw_SvKQ1~xieh?e;NMNt3DDu$@jfg zw>sOkYkj(jzj@z)ft!;9zzzGIXQ`{NcdFe97CwG<> z){)ldV(Ign%3V8Ym@{rwTSgcqcSU~1Mc$MLJRStt9o8U`3Yf0nT82trw~2@|`7;fJ z-Y2SIUc*{oqxU5H)-spGGlM(h4W!W*`d4)*x66U`;2Ym z;UH83J9}wNbXNyP$QO-2&%ec|6o9A)BHu5R-}6;I1o=P2ox7l9nZD~Inig9n7|u9} z)c*j{5Uv)<3gabNKNj*PGhfMjv{SlMvkKNs^lT=EBrD_O#c88cMTlYun@6RO^M6J< zo?Zj^85o8`jHdxcyM#@XU)f8efoxcbWG-SA4XHr0+wXwK%~?}}>}@==7~m}-cpPv> zh@73hi6Lef8)Fz*h=s*rTdTf$$y|L(dUp- z<2PHWGO`Rh^rOY=paE?$24E)Ecv!HPriFU{)ems&X0GU9?tJ&(D>Ts$r5ylL%^XM= zZEO1K*D`32UE2xaxN{>gyr$8+P;N2S_qc(dIt^_u3^h%$Qw1Cw<)D7T|DMc7;P=D4 zw6fZ%OO147nI`YJ*F0};I)84{h97ONR}eAJV>{E?cEcHh)22ZZ`t&Q=evUVCX&GR5|m3X!^jj66d`pHc}?@kDlUqi~maZ zah@yyAEHk=@~1BTX-hz2<>%rkrV`_rDS$LAY2H@pwJ5ux?rs)G;>WJ-Wt4kafQujp znoQrP&E6#ZnaTwGNJ(5lTe2`oY=(#a4;DO^5%Hv6Uc&_2UVmDk@rEP+ZC-HsJk(s< zjb3=B*`~c|=EkHnGQb}^cAuw;7Qi=3HTv9akwY_f@Q`$uP5Do;j(tVZN?{PTqvG5D zMAe1?O{jv#g{wA`g8yI;&GPs{6_zD zAV%0IwvmfHmT9NC%Qeum-fz+#>Yh!JZKQbHYYZA;xx5!;eIo*)s3p|LyW_1&L3|<*F zzUzu5x=M*b#z@Zp5@UWe6o;ok3&=x`$mkhPz<*Th!BF?&I$Z8M>eFpKI@{`v$g{fX zF4ofea}4fEyOGE)+Lg!4(oD>MsR#Kyqh|J(}=Ok%KwNmU#R+f6m(z`Rn~ z9sH6tI}9oAR?^Edt-Zd<+vhg;>@(#?e-(oW%734T`)n4Fj*OIC$3N=9 zi&Ss~FAlgPGbf>;)y*fiJQ_O&ue(nF^fhcf zpgF=~Ij=t5ZE+8a+rOoxUxOGHn6)SfK-4C$X4Ofk{F64|a?JpWy{nMs=;%ED9?D!2 zDf)zBs}b79AiWO9v=TM`b2f0Jgphc02vW+dY*&kaB~sIP0Yd7%O&e$6o`2!fqGN%0 z!gKw8d)D6=TU z)u}=iOQmzEO%FRraI!yF;D6X@8>Kr)NnU+b*zFP(L-SN=B%iG~3rL=KlDqcx6}|V( zM`YOGz)_M(lF)Q`L)-V&#j5OZ6G?wEDl7Ef&omM9kL}loE zaMH4&7>0&I^~vcHMN{QXr0NGsv#7B?4wz5+ENbCF9dIC;i2e{j5tMuB%dTb#Ek56q z%*hyQI1f4X!>X&+suokzo{(+^$0etwqiql*hm55tiLN*A3e5JsPk;JKob>IPmDmsU zjGhw%=n@gLGEmBQ%zwG|=VmdD!~W!$wd=|8kobUwb6uS31F8G%58)6>sa>r2?zpYA zIT$Y{K*&li0M#wen;|DyID19xg( z!bL+IKn=Ygpa;YyPyrA;#Wl9FAoi069BpT903(A{3wtfew{fKtOr91Jmg}C z;G|(#7&F1C)6(Aa3eP!l#KZ2n2yqkO`B(Tbm8(3|3HJ%ZwCR}6j~e5dw?<_EuHHzx!OQ|F2Bz32?NGSs;1p) z*xJr&f7{2v!3e9p3_Vj?@?tx+yqsE%a)FkiV_vQSZ;?XQGZ&>RPbOTYCy*|8)Nj_x z1-sAU>lfr4%ksL~&sm8fa z3*n0ML7GDSw^cvuRq3f;!UHf(&eW5CUeNR5#bD@%Xs!r#Ha%cOVV3(DDXY6NiK8^Y zO)m|VXq8u7zc#tt3Wj2Y!0yYXXw!K}R0U`vi$HGsZC6y)z(E=Jg}695>`iueP&hm1 t_scl#3gMHt{jdQvEef-5xOB1#+kDLcOCypKCW4HA?P+EuBU(&JnNS#?H^u+} delta 8079 zcmb7IWlx-q7Tm=hiWHZ^;_kAzLvbiB#fnqh;lYZ#ySo*4C=LY*ZE<%NcZb4#|H4gX zGMNu2b248}aypEk5izOb=#*qhUza z0SkZylM}#laBVorOW=C2U{e&_JQ%p3`Ly&}iDh6jqPzF%=rkz8m^4`a=xQ$BrG-87 zkaBsRV}9|o8ct1n<;xE;XOz#YB_q1|jNFUnj(neYUvlnBvUEf}U$p*kpN;v^5m|UV zUFS>u?W9g;f8pF&Na<->xJ*B&p`Zy~@{^Q$u(gx#PRuZahxW)0wh`6*G?M`u|BBb6 zXD`WKMWDyXJU61!$0T0^KpeAyQ5yXv-SbyG()b%E#GxP}aGnkg{C5#%x-SuWhac~T z&Dt8%VwJ?HhIIX~ki025X?E*~#MZ?g=nIv9*v`Fy#2&u3+p7<`8~vA2f`)FkdSz;~ z4ih{OxD}}Miv~nz4G#Db&H?3D+g{QIP!7iPrP8;BX9IPy<(1T&?adu-K2>^8$MUPn zGc;oR?tgBI)ev88hJ|~RIwT>_y0I6ri&0*Wf7Lo~pub(-)~ww&jjOQ?!j@(ejb$c# zfM!e{_II+oG8x1?`lTYH_e0qqi%khlkJI{TzHbc+5r4pR_@T*6^$x&JEk?^{$-P`D ze?jk&uaWj7y^Bti5_CV)FJ7=`kiRqhyD;HjzEUTB*RaCE-T#-b0TeY8#=+I8V~ zK3$kE{i`p~5;4cqqPx3B6ue_cOdg~~r4Sb*A^gfqUc0th1QTixW+?fjZK>G>tp`3R zN8wnt{cx}*jFMmbXwIO3+(Gp&US&OXmwCWJ`Sj=wv`NNO1^A-=)Cw>%+5bVKqjB;2 zy`tadUw%o6I&Wtr=PunHC1(I>9Li12j}v8ugpIOzW`m)kwG=A)Nfar`5cW3xwWq-Fzibql9gnf#i(h%5y#K|(3 z<;r&$L%-A10jU8F<})2BJeAwJ``J>RMyGp~UgIx)Y%bUmVPyFx=GvsvuRrT!TO1&T zj^xW*NGb{-%q3*X@tTL+Jqd*H;k2jX==}7FSP7*#laQG`VsdPxYFp`}fi?DS34{^e zy-Y%?ww^9yIG}>b+h1q0i6ZI5$rT;m`1JPO&fLx!c z@^+LRz8Csdg--tU)e_}OZ0f<#;`1ha{9O+-&mqI><;0#VbZgfC9@16)1~MYL zNgrqe4DG`Qbtd1D2}Ne?4ctz>jtYB@z1ZpVg*CJ-zwrA^eld$BPR@8WDtK87xN|;Y zy0T8tw}l(QelKZk&OC1ZO|ejmWhK&4$o%+I5(9l#7XPIXJVI2Y(^#P{SMIQ^Hzm_` z;zktgtIqgZkELtugwEK13XH|wx*4o!C(8mCBgL_>`)_NhT3DIHuu|R7DHgLZ*r2Df z3u|di`wWuOw@95S@S}u!j7Jr{rV!4R+duXF(4y2&TA0^NO@52^euHPv@J3#9tV4Gy z>jH^I)@}0r=9pawn~WyOi8*Z*tZ9f(TNd3$R&VC65IeZ%GzEknSx zbLpC(1(SG-FvTbl(cyAIw#@7fm*C%X4Gy1{u0SOJlI3@BcBAIVIV1^j|l=#%nBYZlHF70diWSp zkT=HJoCqs85z)o9xk(1+ z+TtV<=8LvuyqwkLCXoFdkFc$L(C~cP*Z6XDhWQJaiAb)5uZjQ6NnaNPYxy_fJcW{8=DS5#Tu{t*&mlr2ggh z*?KpNm`W8Y63ih;26Ax;$Sk7?@0qFNxxYG-wxcJON!5*s3F#L$r_7b$!R_0ll`P@Z z%*#YZ&bwV*x9%nBo|A49{Q%JJds-#`ig?U*PAW!GHB6k|k%5K3a0=_G;uPlQTA ze|>jQoU=66Yr9qw9}E0S75nfLLdLElFoII;$)8o*)1|VkoWxoZ4=GsXb|0$2!b7lM z?bx-5+d-a&%{iX2^1OkV4SJKjafY2iS=#=?D+OYVh#pSZbgeI3X^n=$KDSfVcY-BR z5Voce76JcFlzWSRt8mUSzY(o2we!CUwyR?6cXd}nTr%MamVqS!T6l}R(xyjemDbB6 z{RZos!lY787#oLC#%0s@Nm-x!W33l;o5Ep#7oP0x`3Bh{bWhysVoOgra%97X1k ztenfm8q*?Ch3Ah2Y@TN{#W+HU!W6I>{M4t|mBJaBorlz2ZfotUNOM#w8}7Vrj7qSR zkNG9f-9ret6=)A~laa|&ed z7;4_~28#08`ISAr1E>Dn{ljR}1{r23jg@73w z@ePDEsr^3d4HRyrQ1wu>{Dcs-Al=-gmAVU-tS1eQKMO`#7Mz}?;QVjF*t~Rtwnc>W zcY_cU8=E)-X9zCmtcB;#WkI4k+@P95@#6A=5_1qAiS<-57BOvJy~fv+E?6?`;nf4qb5^9k3+s5oH&A zHDoKwc2JI^g4Vn|i zn+QF}JV0>rXk1Y%@4wZ*kQHBHV{2@mJmVY_|2#Ip}g+Dh7Wh^ zr;5Lds&`0<%QV!2ody|WHWPEKuKueFbZl{%+cL<|`Nu2|-+zL1tUOKtQb-R3#oXRk zmRt@;*LKEZ_5HBQw2Z%x^4JX4g3EyqnjsevsN?!?_U4=noke)rbD8$46-pe81kE`c zC^uQBoaxb=7yd-iP~OvYs3!Y-jla^yWB1?Lm8P$FVXM|t|I&YLKliI$k-=%`)V{n421Z1Q|Jie=Co%bP z>a0pwRxr41LvN)g9i7_m)dms?V&Q5Z4VbO!^z%u%T(@phN3N$(`iSSKC$4RSmNvBx zIiI0a1Fs*8VlC9t8#$c0b!-FE@t_cA z^muMi3?F6ruN({)L|6ThSf{7Z8JlIcQpCL9{j{x4I`EjsBNFF&(Pbt*orbir6B2YD z^3-OvAt50#6kY{L8%Ej3hjm#D+guH1i7?xLTneK*pN?j1+I~XRds4@{3o>Sh`q~jf zg5sPcUMkx>2-6T{fW4Btz1M>*uFNM3HAEkVqCm9&lR^evh_jd_=_GsE2(90c{F)g` z;T^!L(2ou<I|7H(`ui1CDtwE;fYwomk;=p$ z^4IFxqxq-6=8)m}1)JSX#e|_M{KUk>5#QS>$$-x`QajsTaq2gEF$Wfot5v%>56Nvp zPm5O>*$zJT<)2dTNXy(KoUAS4#j}Q3T?v&0zTyvQ99!bbAA_pvC}$_f#O5<5b!)-0$@!lC0q%Tey6JDfk!77_n`{e-&Cu@M}w*k{>FtGc@`3C;#9@ zYeF0Jo^t+l1~T_g_uTv|8+~)tJi!pp+~KH0vu)d+5M+rrgLtiAREbID?Tf`Mp##Q? z)$vB+pAdZ+O@s?{>T$vy`MVEColMy*uLekSijBSqh>u5Gy=*K`s+u?}h;XQ%!sr5> zC(p5v)d`hXY#(N`tnU`dB1=VPc2J)838B>?N?!b%&H28A z2$N~)m%i~?ZA%_lfqLKZJsGrq5oo*`qP~~bA^XDnVNUT!lwdr8$*183Nxg*C6q!Ml z)~zf(&tW97dMXa+v)E=xA32&-{U5RX$NBxb&54o23cvLGLlOU;S#HA#YF@o%@7~IX`h@?sqfZlm{@9FHDGNXW*OG2Oac+%zREroS zIIMeo-OjW6E_^};ky)&=9l-Tuh~{)vtWikG8v{@m)5@&`?UT&e7@%$49AKNsY6=b0 zh4X`N(WUFR_`1+>1W!)qH05Q0slWj`c-G`NJ)eBJ-`nTPoRQdnS$ZC3VYOUXJW}p@;|C6iVd250yOTR^5ssi%21&vvez|71%x*Oj>y%CP^FQ8BBE3~{>r>YrTnAV z`;n;akvUhCG^`Cd6|)t>J$1#xWS(y9GPdR&V;Yv06I4G`y0&S{7M2Zsu|~Y z8`0&@8hq&e`GR8B%e|ze#Hf*e3w~s+_f0ukTZc;H* zgB_!7ofRbp0LH=i(KCUY?q5OtTX=5QflA7Rw^u|$t^ot*NJeKgmvvr+sE+LS*ur)? z<3*8A_=cQkrGQFrm5$($q)_1->@NEv&wj(bHmVsqgFqmqwpL=j-uerBR%JU%Q2^7wgMZAV4lt4x-i$Aiu25N;F7D}SZO(pE3?WW`mh=Db|` zUBjI`A&oxB-pk2-%Gq3&#Vgrk;CoMkka%XY#e?6=q-?W_rL21}�Ibb~WfBjIbKo zifkkfG){P~t}rzz^1sD8z6PJ91Z|A6FyWwmb6!S~KUmLhL^$WSwO0TkUmue%=OE#! z*uzT@YN?d7O3SIVX_wVRSvUpt9$>!s4MA5mnGK~Ju+1K8x-J*>n^m4GB6&PVw3L*d z2Y6TgoQ}8&eY$uT(bu?kt|HQctP6|fhNb^|EaHlUbV(?{>ubmTGuPs_}7-r44x1^s2 zly#4OZ>s5Dp%0tXQc#lkO|AvoD@YP*;PQ#n=Xb2}X1?gk`>W^@r6=@n%`xl7aEmmP zDr#?kF&BjKicc8Y2DY`2#p)KgS+p|h(Ti$^oD9P*F0AU1d5?@J(e?np!bp;o`(}+x zoj>BEGnhRE?6;<-*e@IRexX=awWSF_Nr9i9lWFqUAEjtx0Iw`7>sb3Yv z^zi55JY-9Gk8GMD_{7DBL5;~Tu^(KeotVZmS$X@pDM^m}$4J{57OS095Pg-+7M6+p zL*si(_FRVhW1;G34pM4IQUAoXD?Iw&GYt=(x;d0upkiQnBlD67*V&6DG_BPDBpL5c zb;U@WKIsgqw`AXMz15CmuB2oSIL2B+PfTSR@RMSjd=wOJMUrxlex99=evLS4d=OcC zIHdijmEvA<-(ou_69;J{G`T>1`e$OVPr!MxnEd!PbZAEY$VH*gRsF@P~ zj4ynfzwm(k#T$MEC(8o(DVM~~-zAOgQu9;HAEt6p&COS%c1={^OvEa~`_-Bzh;^ur z`vgw_LM;q;C+UdgIlfPjaSmnK*L!O_)XK0&{nYgDT{l@pM6S@*R%xjeo^}fok3E&Z3VxCC8n}KXkkOLl zW8jw&{qXIyQf&D;cPJ^m1U~C9?oQ4RS1qB7Ao$mk6rXTP4cpIr-G{*^zJfA+!R`ax zwjO`0gYVz5LWq6<_(IPGvn*4;GO&P~-yI^OgCwYF+67WY&oLUh=wn~zhQ?7=iG!JQ z&5vrNc`F}iK9e9M_eOmDq44z^+Dx4LPmfpbIn&^l`80v9eiCEu#=`0+SJQiBwfSnM z1T_;Xm>=V(T0UQ*q~G)K2c^mchAg8O-g*MQRLFS8Uk2r=04ZUAM;8eN7{NI6ldZO~7fXz6tUuS``M{Kp9EhuChu zZogg#t_LTs08k_w@G>6&+3aW43CONHISj=)3dKGK!c*MwDvAvYuT?mRxYfp&|d5Q$OVI|pR`Hz zeg)0SjJRo{izN72x{_aJ;f{q?2@4Ol*LC^v`82o3wI+vj^$K$f1m zd&LvHo#44GL^APLzdddKoN0LK)BK0cj8OO3LRI@&ywZ~EoBn0 zLD+82AG-iwxCzMs1|#d_)`N;KiT8BmJWyFq&GWKFP&(YVCO=HFj1*Z%Crl+Av!jOw zatc1`^%5j31n@FQq%fJ!2P4r^Kl&WBJ9cOSlEE2^)B0MSB&gVgr(Xr(28tmwZ~^~VZQVKpusFtBdFdGg4&8FsJ`Mc9 z=@we66ZjS)(VAP0$C1aL`Mzu~WQB&5SLTlQ$z3*QOa?nKFrm9Kw)?YS67Ut9S2;82Jm_1&hfa%sb5P>$1)n(o3z?_y_OoY7aWE z%?zwTiZ$|Z0*%o#-o0|sM}@khccChE=nUdcQgG&Df=!-+e`s2BAc&vab7eXd0U`ZO z_@Z`;lS}A1Ke>vlI3&w|xo+c-9U2s4dT@u{S&yxrPSmthJ~JW}s3vX*Y6g@W9&mo= ze^U+&HC)oNP!*l^y0%@1`nfZHFL^H036XqQ%M76UY`QPniInW|3b~eCv~b8o#8Z0323R8Yd8`SWBO?(_^eW$DEZz$j?RKPN{VqN1qNewG z+gR0gEhJb*D@?ApfK`7#UKLGL!!ydilFonq`As;*xl?Eq@^y|E#l3k4lVw!w#8%kndld&N*^8-Q10R?50Ri^NReMkl6%x;2BjapJ6gEHL#1ci?_UtDc4= zG9apUfuM`v)z@%}QsKruBUYAz8BrqD07ag2>cqBvZxfZpp~}}0fmFlW89zrg52X`~ z=ZKN#TV(fe)6{KXmaIBzf_tRIf@>ulUV7||(f4g+fwlzdr<5R$>YI85_JmQI>h?FK zXVI8Gu_p?9o*ltj#KX;CZ7jVav6-U|zqd!41YA^A*n3OmiL6p-i%-gG%-LmC*t?OG g9gomMY$x< Date: Tue, 23 Apr 2024 10:43:19 +0200 Subject: [PATCH 486/908] netwatch-notify: log to debug... ... instead of discarding the message completely. --- netwatch-notify.rsc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 9b0beb9..17682f0 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -116,8 +116,9 @@ } } on-error={ :set ($Metric->"resolve-failcnt") ($Metric->"resolve-failcnt" + 1); - :if ($Metric->"resolve-failcnt" = 3 && $HostInfo->"no-resolve-fail" != true) do={ - $LogPrint warning $ScriptName ("Resolving name '" . $HostInfo->"resolve" . [ $IfThenElse \ + :if ($Metric->"resolve-failcnt" = 3) do={ + $LogPrint [ $IfThenElse ($HostInfo->"no-resolve-fail" != true) warning debug ] \ + $ScriptName ("Resolving name '" . $HostInfo->"resolve" . [ $IfThenElse \ ($HostInfo->"resolve" != $HostInfo->"name") ("' for " . $Type . " '" . \ $HostInfo->"name") "" ] . "' failed."); } From db1faf1091ed300931793e2e198acf83e8eca4d2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 23 Apr 2024 13:41:36 +0200 Subject: [PATCH 487/908] backup-upload: remove temporary directory --- backup-upload.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/backup-upload.rsc b/backup-upload.rsc index 63e5b7f..1b9058d 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -158,4 +158,5 @@ :set PackagesUpdateBackupFailure true; :error false; } + /file/remove $DirName; } on-error={ } From b3b7643661b13856437ff75cca0bb48f1e1aa0bc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Apr 2024 18:03:08 +0200 Subject: [PATCH 488/908] backup-upload: no early exit... --- backup-upload.rsc | 1 - 1 file changed, 1 deletion(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 1b9058d..1dc98d5 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -156,7 +156,6 @@ :if ($Failed = 1) do={ :set PackagesUpdateBackupFailure true; - :error false; } /file/remove $DirName; } on-error={ } From 505074e6d333f9696eb1b2e6afc90a59a5e1e1d6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 23 Apr 2024 14:09:21 +0200 Subject: [PATCH 489/908] backup-cloud: no early exit... ... as we want to make sure the directory (and its content) is removed. --- backup-cloud.rsc | 1 - 1 file changed, 1 deletion(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 8e29c67..1085f05 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -79,7 +79,6 @@ message=("Failed uploading backup for " . $Identity . " to cloud!\n\n" . [ $DeviceInfo ]) }); $LogPrint error $ScriptName ("Failed uploading backup for " . $Identity . " to cloud!"); :set PackagesUpdateBackupFailure true; - :error false; } /file/remove "tmpfs/backup-cloud"; } on-error={ } From 5f1656b7ce439e6567803299eaddca215e8cb7cf Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 23 Apr 2024 13:53:04 +0200 Subject: [PATCH 490/908] backup-cloud: clean up and simplify code --- backup-cloud.rsc | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 1085f05..bdc6c34 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -49,13 +49,11 @@ :execute { :global BackupPassword; - # we are not interested in output, but print is - # required to fetch information from cloud - /system/backup/cloud/print as-value; - :delay 20ms; - :if ([ :len [ /system/backup/cloud/find ] ] > 0) do={ + + :local Backup ([ /system/backup/cloud/find ]->0); + :if ([ :typeof $Backup ] = "id") do={ /system/backup/cloud/upload-file action=create-and-upload \ - password=$BackupPassword replace=[ get ([ find ]->0) name ]; + password=$BackupPassword replace=$Backup; } else={ /system/backup/cloud/upload-file action=create-and-upload \ password=$BackupPassword; From 57ebcfb41cbd078ba62c7d4e7e921ffdae834521 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Apr 2024 17:37:28 +0200 Subject: [PATCH 491/908] backup-cloud: retry on error... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Let's see if brute force helps. 🤪 --- backup-cloud.rsc | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index bdc6c34..88dd345 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -47,19 +47,23 @@ :error false; } - :execute { - :global BackupPassword; + :local I 5; + :do { + :execute { + :global BackupPassword; - :local Backup ([ /system/backup/cloud/find ]->0); - :if ([ :typeof $Backup ] = "id") do={ - /system/backup/cloud/upload-file action=create-and-upload \ - password=$BackupPassword replace=$Backup; - } else={ - /system/backup/cloud/upload-file action=create-and-upload \ - password=$BackupPassword; - } - /file/add name="tmpfs/backup-cloud/done"; - } as-string; + :local Backup ([ /system/backup/cloud/find ]->0); + :if ([ :typeof $Backup ] = "id") do={ + /system/backup/cloud/upload-file action=create-and-upload \ + password=$BackupPassword replace=$Backup; + } else={ + /system/backup/cloud/upload-file action=create-and-upload \ + password=$BackupPassword; + } + /file/add name="tmpfs/backup-cloud/done"; + } as-string; + :set I ($I - 1); + } while=([ $WaitForFile "tmpfs/backup-cloud/done" 200ms ] = false && $I > 0); :if ([ $WaitForFile "tmpfs/backup-cloud/done" ] = true) do={ :local Cloud [ /system/backup/cloud/get ([ find ]->0) ]; From 4006d07222511b94fd84aa4578a0b857a59639d5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 23 Apr 2024 14:20:30 +0200 Subject: [PATCH 492/908] global-functions: $FetchHuge: remove temporary directory --- global-functions.rsc | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 66765bf..b0bde7e 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -406,13 +406,13 @@ :set CheckCert [ $IfThenElse ($CheckCert = false) "no" "yes-without-crl" ]; - :local FileName ("tmpfs/" . [ $CleanName $ScriptName ]); - :if ([ $MkDir $FileName ] = false) do={ + :local DirName ("tmpfs/" . [ $CleanName $ScriptName ]); + :if ([ $MkDir $DirName ] = false) do={ $LogPrint error $0 ("Failed creating directory!"); :return false; } - :set FileName ($FileName . "/" . [ $CleanName $0 ] . "-" . [ $GetRandom20CharAlNum ]); + :local FileName ($DirName . "/" . [ $CleanName $0 ] . "-" . [ $GetRandom20CharAlNum ]); :do { /tool/fetch check-certificate=$CheckCert $Url dst-path=$FileName \ http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) as-value; @@ -421,6 +421,7 @@ /file/remove $FileName; } $LogPrint debug $0 ("Failed downloading from: " . $Url); + /file/remove $DirName; :return false; } $WaitForFile $FileName; @@ -432,7 +433,7 @@ :set Return ($Return . ([ /file/read offset=$VarSize chunk-size=32768 file=$FileName as-value ]->"data")); :set VarSize [ :len $Return ]; } - /file/remove $FileName; + /file/remove $DirName; :return $Return; } From f1ad80873498e314bbc04f3f2be5feff33d7e9ff Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 23 Apr 2024 14:26:05 +0200 Subject: [PATCH 493/908] mod/ssh-keys-import: create directory later --- mod/ssh-keys-import.rsc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index f37c28b..e920762 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -38,11 +38,6 @@ :return false; } - :if ([ $MkDir "tmpfs/ssh-keys-import" ] = false) do={ - $LogPrint warning $0 ("Creating directory 'tmpfs/ssh-keys-import' failed!"); - :return false; - } - :local FingerPrintMD5 [ :convert from=base64 transform=md5 to=hex ($KeyVal->1) ]; :if ([ :len [ /user/ssh-keys/find where user=$User key-owner~("\\bmd5=" . $FingerPrintMD5 . "\\b") ] ] > 0) do={ @@ -51,6 +46,11 @@ :return false; } + :if ([ $MkDir "tmpfs/ssh-keys-import" ] = false) do={ + $LogPrint warning $0 ("Creating directory 'tmpfs/ssh-keys-import' failed!"); + :return false; + } + :local FileName ("tmpfs/ssh-keys-import/key-" . [ $GetRandom20CharAlNum 6 ] . ".pub"); /file/add name=$FileName contents=($Key . ", md5=" . $FingerPrintMD5); $WaitForFile $FileName; From b0f58696f334c9c378229f68f7e5e6d69a4b6af7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 23 Apr 2024 14:30:42 +0200 Subject: [PATCH 494/908] mod/ssh-keys-import: remove temporary directory --- mod/ssh-keys-import.rsc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index e920762..6272a93 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -59,8 +59,10 @@ /user/ssh-keys/import public-key-file=$FileName user=$User; $LogPrint info $0 ("Imported ssh public key (" . $KeyVal->2 . ", " . $KeyVal->0 . ", " . \ "MD5:" . $FingerPrintMD5 . ") for user '" . $User . "'."); + /file/remove "tmpfs/ssh-keys-import"; } on-error={ $LogPrint warning $0 ("Failed importing key."); + /file/remove "tmpfs/ssh-keys-import"; :return false; } } From 755db5d66db8e24872fb7bf959e09b047f7cd5f9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 23 Apr 2024 14:50:57 +0200 Subject: [PATCH 495/908] global-functions: $CleanName: do not start with a dash --- global-functions.rsc | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index b0bde7e..5135fc1 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -230,11 +230,19 @@ :for I from=0 to=([ :len $Input ] - 1) do={ :local Char [ :pick $Input $I ]; :if ([ :typeof [ find "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-" $Char ] ] = "nil") do={ - :set Char "-"; - } - :if ($Char != "-" || [ :pick $Return ([ :len $Return ] - 1) ] != "-") do={ - :set Return ($Return . $Char); + :do { + :if ([ :len $Return ] = 0) do={ + :error true; + } + :if ([ :pick $Return ([ :len $Return ] - 1) ] = "-") do={ + :error true; + } + :set Char "-"; + } on-error={ + :set Char ""; + } } + :set Return ($Return . $Char); } :return $Return; } From e7cdb2d7f454fa093b6b9be3e38a86a90d344d55 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 25 Apr 2024 23:59:11 +0200 Subject: [PATCH 496/908] mod/notification-matrix: format date & time italic --- mod/notification-matrix.rsc | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 9442f54..196633a 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -139,11 +139,12 @@ :if ([ :typeof $MatrixQueue ] = "nothing") do={ :set MatrixQueue ({}); } - :local Text ([ $SymbolForNotification "alarm-clock" ] . \ - "This message was queued since " . [ /system/clock/get date ] . \ - " " . [ /system/clock/get time ] . " and may be obsolete."); - :set Plain ($Plain . "\n" . $Text); - :set Formatted ($Formatted . "
" . $Text); + :local Symbol [ $SymbolForNotification "alarm-clock" ]; + :local DateTime ([ /system/clock/get date ] . " " . [ /system/clock/get time ]); + :set Plain ($Plain . "\n" . $Symbol . "This message was queued since *" . \ + $DateTime . "* and may be obsolete."); + :set Formatted ($Formatted . "
" . $Symbol . "This message was queued since " . \ + $DateTime . " and may be obsolete."); :set ($MatrixQueue->[ :len $MatrixQueue ]) { headers=$Headers; \ accesstoken=$AccessToken; homeserver=$HomeServer; room=$Room; \ plain=$Plain; formatted=$Formatted }; From d6e315580bf354e7a5620955c707e604d3cdaf9e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 26 Apr 2024 00:18:07 +0200 Subject: [PATCH 497/908] mod/notification-telegram: capitalize Telegram in message --- mod/notification-telegram.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 745367a..440e0dd 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -149,7 +149,7 @@ "&parse_mode=MarkdownV2&text=" . [ $UrlEncode $Text ]) as-value ]->"data"); :set ($TelegramMessageIDs->[ :tostr ([ :deserialize from=json value=$Data ]->"result"->"message_id") ]) 1; } on-error={ - $LogPrint info $0 ("Failed sending telegram notification! Queuing..."); + $LogPrint info $0 ("Failed sending Telegram notification! Queuing..."); :if ([ :typeof $TelegramQueue ] = "nothing") do={ :set TelegramQueue ({}); From 4b6cd7ba2911b44f8d0890c19c5342ce28a6b3a8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 26 Apr 2024 08:15:56 +0200 Subject: [PATCH 498/908] mod/notification-telegram: use proper variable naming... ... in local escaping function. --- mod/notification-telegram.rsc | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 440e0dd..efde85a 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -81,24 +81,26 @@ :global UrlEncode; :local EscapeMD do={ + :local Text [ :tostr $1 ]; + :local Mode [ :tostr $2 ]; + :global CharacterReplace; :global IfThenElse; - :local Return $1; :local Chars { - "body"={ "\\"; "`" }; + "body"={ "\\"; "`" }; "plain"={ "_"; "*"; "["; "]"; "("; ")"; "~"; "`"; ">"; "#"; "+"; "-"; "="; "|"; "{"; "}"; "."; "!" }; } - :foreach Char in=($Chars->$2) do={ - :set Return [ $CharacterReplace $Return $Char ("\\" . $Char) ]; + :foreach Char in=($Chars->$Mode) do={ + :set Text [ $CharacterReplace $Text $Char ("\\" . $Char) ]; } - :if ($2 = "body") do={ - :return ("```\n" . $Return . "\n```"); + :if ($Mode = "body") do={ + :return ("```\n" . $Text . "\n```"); } - :return $Return; + :return $Text; } :local ChatId [ $EitherOr ($Notification->"chatid") \ From f8856ae7423d2b969b02094cc002e75388ee6374 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 26 Apr 2024 08:24:06 +0200 Subject: [PATCH 499/908] mod/notification-telegram: support excluding characters from escaping... ... to support formatting in plain text. Handle with care, this can break the request if done wrong! --- mod/notification-telegram.rsc | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index efde85a..858ab1b 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -83,6 +83,7 @@ :local EscapeMD do={ :local Text [ :tostr $1 ]; :local Mode [ :tostr $2 ]; + :local Excl [ :tostr $3 ]; :global CharacterReplace; :global IfThenElse; @@ -93,7 +94,9 @@ "#"; "+"; "-"; "="; "|"; "{"; "}"; "."; "!" }; } :foreach Char in=($Chars->$Mode) do={ - :set Text [ $CharacterReplace $Text $Char ("\\" . $Char) ]; + :if ([ :typeof [ :find $Excl $Char ] ] = "nil") do={ + :set Text [ $CharacterReplace $Text $Char ("\\" . $Char) ]; + } } :if ($Mode = "body") do={ From 0fd1e506badcce5580fc6505c423e4fe65db4d1e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 25 Apr 2024 23:59:38 +0200 Subject: [PATCH 500/908] mod/notification-telegram: format date & time italic --- mod/notification-telegram.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 858ab1b..4c2fd94 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -160,8 +160,8 @@ :set TelegramQueue ({}); } :set Text ($Text . "\n" . [ $SymbolForNotification "alarm-clock" ] . \ - [ $EscapeMD ("This message was queued since " . [ /system/clock/get date ] . \ - " " . [ /system/clock/get time ] . " and may be obsolete.") "plain" ]); + [ $EscapeMD ("This message was queued since _" . [ /system/clock/get date ] . \ + " " . [ /system/clock/get time ] . "_ and may be obsolete.") "plain" "_" ]); :set ($TelegramQueue->[ :len $TelegramQueue ]) { chatid=$ChatId; tokenid=$TokenId; text=$Text; silent=($Notification->"silent"); replyto=($Notification->"replyto") }; :if ([ :len [ /system/scheduler/find where name="_FlushTelegramQueue" ] ] = 0) do={ From 40f13b6ca45a15def2e63bab22d87ddf398c3cc7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Apr 2024 13:34:30 +0200 Subject: [PATCH 501/908] mod/notification-telegram: format percentage italic --- mod/notification-telegram.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 4c2fd94..9a628ce 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -138,8 +138,8 @@ } :if ($Truncated = true) do={ :set Text ($Text . "\n" . [ $SymbolForNotification "scissors" ] . \ - [ $EscapeMD ("The message was too long and has been truncated, cut off " . \ - (($LenSum - [ :len $Text ]) * 100 / $LenSum) . "%!") "plain" ]); + [ $EscapeMD ("The message was too long and has been truncated, cut off _" . \ + (($LenSum - [ :len $Text ]) * 100 / $LenSum) . "%_!") "plain" "_" ]); } :do { From 6ba1faca4c156097448c766098688cc5c4ef6045 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 26 Apr 2024 20:50:08 +0200 Subject: [PATCH 502/908] telegram-chat: shorten the message --- telegram-chat.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index c1a1cbc..f8dcd42 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -81,7 +81,7 @@ } :if ($Data = false) do={ - $LogPrint warning $ScriptName ("Failed getting updates from Telegram."); + $LogPrint warning $ScriptName ("Failed getting updates."); :error false; } From 52ec6b7ea19256e47d9ffd1519ef9d7799ca48ba Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Apr 2024 17:57:22 +0200 Subject: [PATCH 503/908] global-functions: $WaitForFile: use fewer steps --- global-functions.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 5135fc1..1c36e2a 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1520,10 +1520,10 @@ :set FileName [ $CleanFilePath $FileName ]; :local I 1; - :local Delay ([ :totime [ $EitherOr $WaitTime 2s ] ] / 20); + :local Delay ([ :totime [ $EitherOr $WaitTime 2s ] ] / 10); :while ([ :len [ /file/find where name=$FileName ] ] = 0) do={ - :if ($I >= 20) do={ + :if ($I >= 10) do={ :return false; } :delay $Delay; From 517ed7bf8cefe47e6c409915a4b27384f081715d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Apr 2024 17:55:48 +0200 Subject: [PATCH 504/908] global-functions: $WaitForFile: respect minimum delay --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 1c36e2a..9c009ae 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1517,10 +1517,11 @@ :global CleanFilePath; :global EitherOr; + :global MAX; :set FileName [ $CleanFilePath $FileName ]; :local I 1; - :local Delay ([ :totime [ $EitherOr $WaitTime 2s ] ] / 10); + :local Delay ([ :totime [ $MAX [ $EitherOr $WaitTime 2s ] 100ms ] ] / 10); :while ([ :len [ /file/find where name=$FileName ] ] = 0) do={ :if ($I >= 10) do={ From eae8dbbb378dbfe43c83e77529895747da0e260e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 29 Apr 2024 17:59:41 +0200 Subject: [PATCH 505/908] global-functions: $WaitForFile: drop extra conversion --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 9c009ae..e8163ed 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1521,7 +1521,7 @@ :set FileName [ $CleanFilePath $FileName ]; :local I 1; - :local Delay ([ :totime [ $MAX [ $EitherOr $WaitTime 2s ] 100ms ] ] / 10); + :local Delay ([ $MAX [ $EitherOr $WaitTime 2s ] 100ms ] / 10); :while ([ :len [ /file/find where name=$FileName ] ] = 0) do={ :if ($I >= 10) do={ From fb7170f3121dd9e25cc320e5f0c98d1829e49d33 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 8 May 2024 12:30:13 +0200 Subject: [PATCH 506/908] global-functions: $IsTimeSync: log just once --- global-functions.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index e8163ed..5cc665c 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -673,7 +673,7 @@ :global IsTimeSyncCached; :global IsTimeSyncResetNtp; - :global LogPrint; + :global LogPrintOnce; :if ($IsTimeSyncCached = true) do={ :return true; @@ -702,7 +702,7 @@ :if ([ /system/license/get ]->"level" = "free" || \ [ /system/resource/get ]->"board-name" = "x86") do={ - $LogPrint debug $0 ("No ntp client configured, relying on RTC for CHR free license and x86."); + $LogPrintOnce debug $0 ("No ntp client configured, relying on RTC for CHR free license and x86."); :return true; } @@ -714,7 +714,7 @@ :return false; } - $LogPrint debug $0 ("No time source configured! Returning gracefully..."); + $LogPrintOnce debug $0 ("No time source configured! Returning gracefully..."); :return true; } From 2745597b93901d34a4ade63d789c984adccd8b54 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 8 May 2024 14:25:02 +0200 Subject: [PATCH 507/908] global-functions: $IsTimeSync: add (one time) warning on failed ntp sync --- global-functions.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/global-functions.rsc b/global-functions.rsc index 5cc665c..b1833b1 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -693,6 +693,7 @@ :return false; } + $LogPrintOnce warning $0 ("The ntp client is configured, but did not sync."); :set IsTimeSyncResetNtp $Uptime; /system/ntp/client/set enabled=no; :delay 20ms; From c87a7519fe03249b8dbc5da3233e593c0290095d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 10 May 2024 13:17:02 +0200 Subject: [PATCH 508/908] fw-addr-lists: add 'strongips' list from blocklist.de --- certs/Certum-Domain-Validation-CA-SHA2.pem | 176 +++++++++++++++++++++ doc/fw-addr-lists.md | 4 +- global-config.rsc | 2 + global-functions.rsc | 2 +- news-and-changes.rsc | 1 + 5 files changed, 182 insertions(+), 3 deletions(-) create mode 100644 certs/Certum-Domain-Validation-CA-SHA2.pem diff --git a/certs/Certum-Domain-Validation-CA-SHA2.pem b/certs/Certum-Domain-Validation-CA-SHA2.pem new file mode 100644 index 0000000..0cc17ac --- /dev/null +++ b/certs/Certum-Domain-Validation-CA-SHA2.pem @@ -0,0 +1,176 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 279744 (0x444c0) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA + Validity + Not Before: Oct 22 12:07:37 2008 GMT + Not After : Dec 31 12:07:37 2029 GMT + Subject: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:e3:fb:7d:a3:72:ba:c2:f0:c9:14:87:f5:6b:01: + 4e:e1:6e:40:07:ba:6d:27:5d:7f:f7:5b:2d:b3:5a: + c7:51:5f:ab:a4:32:a6:61:87:b6:6e:0f:86:d2:30: + 02:97:f8:d7:69:57:a1:18:39:5d:6a:64:79:c6:01: + 59:ac:3c:31:4a:38:7c:d2:04:d2:4b:28:e8:20:5f: + 3b:07:a2:cc:4d:73:db:f3:ae:4f:c7:56:d5:5a:a7: + 96:89:fa:f3:ab:68:d4:23:86:59:27:cf:09:27:bc: + ac:6e:72:83:1c:30:72:df:e0:a2:e9:d2:e1:74:75: + 19:bd:2a:9e:7b:15:54:04:1b:d7:43:39:ad:55:28: + c5:e2:1a:bb:f4:c0:e4:ae:38:49:33:cc:76:85:9f: + 39:45:d2:a4:9e:f2:12:8c:51:f8:7c:e4:2d:7f:f5: + ac:5f:eb:16:9f:b1:2d:d1:ba:cc:91:42:77:4c:25: + c9:90:38:6f:db:f0:cc:fb:8e:1e:97:59:3e:d5:60: + 4e:e6:05:28:ed:49:79:13:4b:ba:48:db:2f:f9:72: + d3:39:ca:fe:1f:d8:34:72:f5:b4:40:cf:31:01:c3: + ec:de:11:2d:17:5d:1f:b8:50:d1:5e:19:a7:69:de: + 07:33:28:ca:50:95:f9:a7:54:cb:54:86:50:45:a9: + f9:49 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 08:76:CD:CB:07:FF:24:F6:C5:CD:ED:BB:90:BC:E2:84:37:46:75:F7 + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + Signature Algorithm: sha1WithRSAEncryption + Signature Value: + a6:a8:ad:22:ce:01:3d:a6:a3:ff:62:d0:48:9d:8b:5e:72:b0: + 78:44:e3:dc:1c:af:09:fd:23:48:fa:bd:2a:c4:b9:55:04:b5: + 10:a3:8d:27:de:0b:82:63:d0:ee:de:0c:37:79:41:5b:22:b2: + b0:9a:41:5c:a6:70:e0:d4:d0:77:cb:23:d3:00:e0:6c:56:2f: + e1:69:0d:0d:d9:aa:bf:21:81:50:d9:06:a5:a8:ff:95:37:d0: + aa:fe:e2:b3:f5:99:2d:45:84:8a:e5:42:09:d7:74:02:2f:f7: + 89:d8:99:e9:bc:27:d4:47:8d:ba:0d:46:1c:77:cf:14:a4:1c: + b9:a4:31:c4:9c:28:74:03:34:ff:33:19:26:a5:e9:0d:74:b7: + 3e:97:c6:76:e8:27:96:a3:66:dd:e1:ae:f2:41:5b:ca:98:56: + 83:73:70:e4:86:1a:d2:31:41:ba:2f:be:2d:13:5a:76:6f:4e: + e8:4e:81:0e:3f:5b:03:22:a0:12:be:66:58:11:4a:cb:03:c4: + b4:2a:2a:2d:96:17:e0:39:54:bc:48:d3:76:27:9d:9a:2d:06: + a6:c9:ec:39:d2:ab:db:9f:9a:0b:27:02:35:29:b1:40:95:e7: + f9:e8:9c:55:88:19:46:d6:b7:34:f5:7e:ce:39:9a:d9:38:f1: + 51:f7:4f:2c +-----BEGIN CERTIFICATE----- +MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM +MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D +ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU +cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 +WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg +Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw +IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH +UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM +TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU +BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM +kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x +AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV +HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y +sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL +I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 +J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY +VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI +03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 26:dd:d2:2b:46:c9:c4:4d:5a:69:4d:39:80:7e:72:ad + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA + Validity + Not Before: Sep 11 12:00:00 2014 GMT + Not After : Jun 9 10:46:39 2027 GMT + Subject: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Domain Validation CA SHA2 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:a1:25:63:df:8d:e4:20:07:d9:54:d1:d1:04:f6: + 17:e2:3e:47:fb:c3:74:25:b8:c4:bf:12:12:bc:e0: + 70:d1:39:05:c2:17:b3:f7:82:70:a0:4e:07:fe:10: + 2a:ff:db:0d:46:5e:24:94:a3:8b:45:9f:18:9b:ce: + 42:c4:ae:db:83:33:bc:c2:bb:b4:30:b6:a7:37:87: + 78:7b:48:cb:25:2c:82:bb:0a:48:12:60:76:89:ec: + 8e:cc:8f:1e:52:48:e9:86:02:5a:c2:b0:8a:7c:85: + 3d:d9:ff:60:4f:33:6c:a6:a1:a0:85:e1:d7:53:f2: + ea:27:3d:65:a9:72:c1:08:83:cc:b0:25:9c:11:46: + 24:e0:3e:f4:a7:ef:ed:51:b1:65:93:42:b4:f6:e6: + 86:0a:10:79:32:36:58:b2:6b:a8:dc:d5:7a:1e:9d: + 14:ee:40:e7:b2:46:4c:bd:9a:29:c2:ec:f8:30:c1: + 62:02:2a:e2:1c:83:62:d0:85:36:1a:83:de:12:84: + 29:65:ef:d2:32:be:31:60:42:a8:cf:f8:dd:ea:d0: + 56:47:1d:bd:76:96:24:13:e7:be:d9:99:2b:fa:30: + 64:f1:8a:38:7a:a6:e1:2a:96:02:b0:9d:ba:d8:8f: + 6d:4e:7a:94:69:7d:b0:93:aa:74:e5:93:90:13:fa: + a2:99 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + E5:31:AD:BF:3A:11:96:F4:83:BC:50:3C:D4:B7:90:9B:90:EE:DE:25 + X509v3 Authority Key Identifier: + 08:76:CD:CB:07:FF:24:F6:C5:CD:ED:BB:90:BC:E2:84:37:46:75:F7 + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 CRL Distribution Points: + Full Name: + URI:http://crl.certum.pl/ctnca.crl + Authority Information Access: + OCSP - URI:http://subca.ocsp-certum.com + CA Issuers - URI:http://repository.certum.pl/ctnca.cer + X509v3 Certificate Policies: + Policy: X509v3 Any Policy + CPS: http://www.certum.pl/CPS + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + ba:bf:f0:e1:dd:4d:2b:42:43:64:58:df:64:f3:ff:80:1a:5f: + 56:be:3b:a9:b2:76:f7:54:7a:4c:30:c1:99:24:4b:72:d2:ca: + d4:fa:08:c6:90:de:88:12:ed:f8:90:f9:fc:a9:84:fd:92:f2: + 78:e5:db:c9:22:57:ab:41:30:42:6b:0b:9f:d7:73:33:fb:01: + 67:1c:42:5c:8f:27:67:c7:6e:07:03:8d:0e:96:cb:0a:03:cc: + 3e:f8:87:3c:35:30:cd:18:8c:d5:71:dd:cd:dd:61:b0:13:a3: + 64:46:4e:fe:71:4e:6b:65:e9:14:04:f2:3f:a8:bd:0c:36:3d: + 2a:5d:9e:07:f2:c2:4f:90:c5:5e:4d:18:37:d1:27:28:80:a4: + 36:e5:ca:93:6a:65:0e:f8:93:b9:af:52:58:4b:7a:71:d8:ba: + f3:ef:d2:f3:f6:a2:97:e4:5d:14:02:9a:cb:e5:ae:b6:93:e1: + 23:9f:9b:3f:46:f7:ee:8e:a1:00:5b:66:c3:1e:68:23:86:0f: + 5d:77:ba:53:ad:f9:52:fb:70:15:c5:75:eb:cf:79:ad:49:7c: + f2:76:62:ae:44:2f:c5:5f:51:34:25:41:6a:12:0a:5f:8e:ae: + 10:c4:43:89:35:fd:ec:ff:31:e6:ec:1e:87:e9:3a:7c:29:50: + 45:41:a3:14 +-----BEGIN CERTIFICATE----- +MIIEzjCCA7agAwIBAgIQJt3SK0bJxE1aaU05gH5yrTANBgkqhkiG9w0BAQsFADB+ +MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B +LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD +VQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMB4XDTE0MDkxMTEyMDAwMFoX +DTI3MDYwOTEwNDYzOVowgYUxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRv +IFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkxKTAnBgNVBAMTIENlcnR1bSBEb21haW4gVmFsaWRhdGlvbiBD +QSBTSEEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSVj343kIAfZ +VNHRBPYX4j5H+8N0JbjEvxISvOBw0TkFwhez94JwoE4H/hAq/9sNRl4klKOLRZ8Y +m85CxK7bgzO8wru0MLanN4d4e0jLJSyCuwpIEmB2ieyOzI8eUkjphgJawrCKfIU9 +2f9gTzNspqGgheHXU/LqJz1lqXLBCIPMsCWcEUYk4D70p+/tUbFlk0K09uaGChB5 +MjZYsmuo3NV6Hp0U7kDnskZMvZopwuz4MMFiAiriHINi0IU2GoPeEoQpZe/SMr4x +YEKoz/jd6tBWRx29dpYkE+e+2Zkr+jBk8Yo4eqbhKpYCsJ262I9tTnqUaX2wk6p0 +5ZOQE/qimQIDAQABo4IBPjCCATowDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU +5TGtvzoRlvSDvFA81LeQm5Du3iUwHwYDVR0jBBgwFoAUCHbNywf/JPbFze27kLzi +hDdGdfcwDgYDVR0PAQH/BAQDAgEGMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9j +cmwuY2VydHVtLnBsL2N0bmNhLmNybDBrBggrBgEFBQcBAQRfMF0wKAYIKwYBBQUH +MAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1bS5jb20wMQYIKwYBBQUHMAKGJWh0 +dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5wbC9jdG5jYS5jZXIwOQYDVR0gBDIwMDAu +BgRVHSAAMCYwJAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cuY2VydHVtLnBsL0NQUzAN +BgkqhkiG9w0BAQsFAAOCAQEAur/w4d1NK0JDZFjfZPP/gBpfVr47qbJ291R6TDDB +mSRLctLK1PoIxpDeiBLt+JD5/KmE/ZLyeOXbySJXq0EwQmsLn9dzM/sBZxxCXI8n +Z8duBwONDpbLCgPMPviHPDUwzRiM1XHdzd1hsBOjZEZO/nFOa2XpFATyP6i9DDY9 +Kl2eB/LCT5DFXk0YN9EnKICkNuXKk2plDviTua9SWEt6cdi68+/S8/ail+RdFAKa +y+WutpPhI5+bP0b37o6hAFtmwx5oI4YPXXe6U635UvtwFcV16895rUl88nZirkQv +xV9RNCVBahIKX46uEMRDiTX97P8x5uweh+k6fClQRUGjFA== +-----END CERTIFICATE----- diff --git a/doc/fw-addr-lists.md b/doc/fw-addr-lists.md index ac34c88..e9a8ff7 100644 --- a/doc/fw-addr-lists.md +++ b/doc/fw-addr-lists.md @@ -19,8 +19,8 @@ Description This script downloads, imports and updates firewall address-lists. Its main purpose is to block attacking ip addresses, spam hosts, command-and-control servers and similar malicious entities. The default configuration contains -lists from [abuse.ch](https://abuse.ch/) and -[dshield.org](https://dshield.org/), and +lists from [abuse.ch](https://abuse.ch/), [dshield.org](https://dshield.org/) +and [blocklist.de](https://www.blocklist.de/), and lists from [spamhaus.org](https://spamhaus.org/) are prepared. The address-lists are updated in place, so after initial import you will not diff --git a/global-config.rsc b/global-config.rsc index 6a37c0c..646eddb 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -101,6 +101,8 @@ cert="GlobalSign Atlas R3 DV TLS CA 2022 Q3" }; { url="https://www.dshield.org/block.txt"; cidr="/24"; cert="R3" }; + { url="https://lists.blocklist.de/lists/strongips.txt"; + cert="Certum Domain Validation CA SHA2" }; # { url="https://www.spamhaus.org/drop/drop.txt"; # cert="Cloudflare Inc ECC CA-3" }; # { url="https://www.spamhaus.org/drop/edrop.txt"; diff --git a/global-functions.rsc b/global-functions.rsc index b1833b1..f890376 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 127; +:global ExpectedConfigVersion 128; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 8ddeb91..13a358f 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -52,6 +52,7 @@ 125=("April's Fool! " . [ $SymbolForNotification "smiley-partying-face" ] . "Well, you missed it... - no charge nor fees. (Anyway... Donations are much appreciated, " . [ $SymbolForNotification "smiley-smiling-face" ] . "thanks!)"); 126="Made 'telegram-chat' capable of handling large command output. Telegram messages still limit the size, so it is truncated now."; 127="Added support for authentication to Ntfy notification module."; + 128="Added another list from blocklist.de to default configuration for 'fw-addr-lists'."; }; # Migration steps to be applied on script updates From 545fb5583aee9e8971749a7eab71b4040cf7847f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 May 2024 14:27:11 +0200 Subject: [PATCH 509/908] global-functions: $IsTimeSync: initialize with uptime... ... to make sure the warning is not issued too early. --- global-functions.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index f890376..3800ad5 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -685,10 +685,10 @@ :return true; } - :if ([ :typeof $IsTimeSyncResetNtp ] = "nothing") do={ - :set IsTimeSyncResetNtp 0s; - } :local Uptime [ /system/resource/get uptime ]; + :if ([ :typeof $IsTimeSyncResetNtp ] = "nothing") do={ + :set IsTimeSyncResetNtp $Uptime; + } :if ($Uptime - $IsTimeSyncResetNtp < 3m) do={ :return false; } From ca7a592dfd9f19e07bbabc32d999b604bff0d0c9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 May 2024 14:15:54 +0200 Subject: [PATCH 510/908] daily-psk: adopt syntax changes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit RouterOS 7.15beta8 came with this change: *) wifi - show inherited properties with "print" command (replaces "actual-configuration") and added "print config" for showing only configured values; While the old code is bad syntax with RouterOS 7.15, the new code is valid for older RouterOS, but produces different (and more or less unexpected) results. 🥴 Let's use the new code, and add a check on the RouterOS version. With old RouterOS this now sends the notification even if the interface is disabled. --- daily-psk.capsman.rsc | 1 + daily-psk.local.rsc | 1 + daily-psk.template.rsc | 3 ++- daily-psk.wifi.rsc | 3 ++- 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index 64e8ce7..985bc47 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -23,6 +23,7 @@ :global FormatLine; :global LogPrint; + :global RequiredRouterOS; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 48e2b8d..185165a 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -23,6 +23,7 @@ :global FormatLine; :global LogPrint; + :global RequiredRouterOS; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 5097b00..434410b 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -24,6 +24,7 @@ :global FormatLine; :global LogPrint; + :global RequiredRouterOS; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -85,7 +86,7 @@ /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; :if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ - :if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ + :if ([ $RequiredRouterOS $ScriptName "7.15beta8" false ] = false || [ :len [ /interface/wifi/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={ :if ($Seen->$Ssid = 1) do={ $LogPrint debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping."); diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index 9d7f285..9b938dc 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -23,6 +23,7 @@ :global FormatLine; :global LogPrint; + :global RequiredRouterOS; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -71,7 +72,7 @@ $LogPrint info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")"); /interface/wifi/access-list/set $AccList passphrase=$NewPsk; - :if ([ :len [ /interface/wifi/actual-configuration/find where configuration.ssid=$Ssid ] ] > 0) do={ + :if ([ $RequiredRouterOS $ScriptName "7.15beta8" false ] = false || [ :len [ /interface/wifi/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ :if ($Seen->$Ssid = 1) do={ $LogPrint debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping."); } else={ From 169c1ab6e1fce71c50cc4eaadeaae7cc685ee7bc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 May 2024 15:51:34 +0200 Subject: [PATCH 511/908] daily-psk: decrease indention in notification --- daily-psk.capsman.rsc | 6 +++--- daily-psk.local.rsc | 6 +++--- daily-psk.template.rsc | 6 +++--- daily-psk.wifi.rsc | 6 +++--- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index 985bc47..51eea36 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -81,9 +81,9 @@ $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ message=("This is the daily PSK on " . $Identity . ":\n\n" . \ - [ $FormatLine "SSID" $Ssid ] . "\n" . \ - [ $FormatLine "PSK" $NewPsk ] . "\n" . \ - [ $FormatLine "Date" $Date ] . "\n\n" . \ + [ $FormatLine "SSID" $Ssid 8 ] . "\n" . \ + [ $FormatLine "PSK" $NewPsk 8 ] . "\n" . \ + [ $FormatLine "Date" $Date 8 ] . "\n\n" . \ "A client device specific rule must not exist!"); link=$Link }); :set ($Seen->$Ssid) 1; } diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 185165a..46d03a8 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -80,9 +80,9 @@ $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ message=("This is the daily PSK on " . $Identity . ":\n\n" . \ - [ $FormatLine "SSID" $Ssid ] . "\n" . \ - [ $FormatLine "PSK" $NewPsk ] . "\n" . \ - [ $FormatLine "Date" $Date ] . "\n\n" . \ + [ $FormatLine "SSID" $Ssid 8 ] . "\n" . \ + [ $FormatLine "PSK" $NewPsk 8 ] . "\n" . \ + [ $FormatLine "Date" $Date 8 ] . "\n\n" . \ "A client device specific rule must not exist!"); link=$Link }); :set ($Seen->$Ssid) 1; } diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 434410b..6c67a57 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -96,9 +96,9 @@ $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ message=("This is the daily PSK on " . $Identity . ":\n\n" . \ - [ $FormatLine "SSID" $Ssid ] . "\n" . \ - [ $FormatLine "PSK" $NewPsk ] . "\n" . \ - [ $FormatLine "Date" $Date ] . "\n\n" . \ + [ $FormatLine "SSID" $Ssid 8 ] . "\n" . \ + [ $FormatLine "PSK" $NewPsk 8 ] . "\n" . \ + [ $FormatLine "Date" $Date 8 ] . "\n\n" . \ "A client device specific rule must not exist!"); link=$Link }); :set ($Seen->$Ssid) 1; } diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index 9b938dc..9c28e9c 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -81,9 +81,9 @@ $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ message=("This is the daily PSK on " . $Identity . ":\n\n" . \ - [ $FormatLine "SSID" $Ssid ] . "\n" . \ - [ $FormatLine "PSK" $NewPsk ] . "\n" . \ - [ $FormatLine "Date" $Date ] . "\n\n" . \ + [ $FormatLine "SSID" $Ssid 8 ] . "\n" . \ + [ $FormatLine "PSK" $NewPsk 8 ] . "\n" . \ + [ $FormatLine "Date" $Date 8 ] . "\n\n" . \ "A client device specific rule must not exist!"); link=$Link }); :set ($Seen->$Ssid) 1; } From 787ae4440ccc795e82373e80ed5e0266e529374a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 15 May 2024 15:54:12 +0200 Subject: [PATCH 512/908] daily-psk: quote ssid and passphrase --- daily-psk.capsman.rsc | 2 +- daily-psk.local.rsc | 2 +- daily-psk.template.rsc | 2 +- daily-psk.wifi.rsc | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index 51eea36..cd5b6b0 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -69,7 +69,7 @@ :local Skip 0; :if ($NewPsk != $OldPsk) do={ - $LogPrint info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")"); + $LogPrint info $ScriptName ("Updating daily PSK for '" . $Ssid . "' to '" . $NewPsk . "' (was '" . $OldPsk . "')"); /caps-man/access-list/set $AccList private-passphrase=$NewPsk; :if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 46d03a8..fbdb784 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -68,7 +68,7 @@ :local Skip 0; :if ($NewPsk != $OldPsk) do={ - $LogPrint info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")"); + $LogPrint info $ScriptName ("Updating daily PSK for '" . $Ssid . "' to '" . $NewPsk . "' (was '" . $OldPsk . "')"); /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={ diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 6c67a57..35fa82c 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -80,7 +80,7 @@ :local Skip 0; :if ($NewPsk != $OldPsk) do={ - $LogPrint info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")"); + $LogPrint info $ScriptName ("Updating daily PSK for '" . $Ssid . "' to '" . $NewPsk . "' (was '" . $OldPsk . "')"); /caps-man/access-list/set $AccList private-passphrase=$NewPsk; /interface/wifi/access-list/set $AccList passphrase=$NewPsk; /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index 9c28e9c..c1f7133 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -69,7 +69,7 @@ :local Skip 0; :if ($NewPsk != $OldPsk) do={ - $LogPrint info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")"); + $LogPrint info $ScriptName ("Updating daily PSK for '" . $Ssid . "' to '" . $NewPsk . "' (was '" . $OldPsk . "')"); /interface/wifi/access-list/set $AccList passphrase=$NewPsk; :if ([ $RequiredRouterOS $ScriptName "7.15beta8" false ] = false || [ :len [ /interface/wifi/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ From 51331ea2acd5f5563ed3641090bbb7f2104d3e96 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 22 May 2024 09:26:13 +0200 Subject: [PATCH 513/908] backup-partition: support RouterOS copy-over... ... when run interactively from CLI. --- backup-partition.rsc | 17 +++++++++++++++++ doc/backup-partition.md | 11 ++++++++--- 2 files changed, 25 insertions(+), 3 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index fc186c0..9eeb1ae 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -18,6 +18,7 @@ :global PackagesUpdateBackupFailure; :global LogPrint; + :global ScriptFromTerminal; :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -41,6 +42,22 @@ :local FallbackTo [ /partitions/get $ActiveRunning fallback-to ]; + :if ([ /partitions/get $ActiveRunning version ] != [ /partitions/get $FallbackTo version]) do={ + :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ + :put ("The partitions have different RouterOS versions. Copy over to '" . $FallbackTo . "'? [y/N]"); + :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ + :do { + /partitions/copy-to $FallbackTo; + $LogPrint info $ScriptName ("Copied RouterOS to partition '" . $FallbackTo . "'."); + } on-error={ + $LogPrint error $ScriptName ("Failed copying RouterOS to partition '" . $FallbackTo . "'!"); + :set PackagesUpdateBackupFailure true; + :error false; + } + } + } + } + :do { /system/scheduler/add start-time=startup name="running-from-backup-partition" \ on-event=(":log warning (\"Running from partition '\" . " . \ diff --git a/doc/backup-partition.md b/doc/backup-partition.md index ba20657..8996203 100644 --- a/doc/backup-partition.md +++ b/doc/backup-partition.md @@ -18,6 +18,7 @@ Description This script saves the current configuration to fallback [partition](https://wiki.mikrotik.com/wiki/Manual:Partitions). +It can also copy-over the RouterOS installation when run interactively. For this to work you need a device with sufficient flash storage that is properly partitioned. @@ -26,9 +27,10 @@ To make you aware of a possible issue a scheduler logging a warning is added in the backup partition's configuration. You may want to use [log-forward](log-forward.md) to be notified. -> ⚠️ **Warning**: Only the configuration is saved to backup partition. -> Every now and then you should copy your installation over for a recent -> RouterOS version! +> ⚠️ **Warning**: By default only the configuration is saved to backup +> partition. Every now and then you should copy your installation over +> for a recent RouterOS version! For that run the script from terminal +> manually. Requirements and installation ----------------------------- @@ -44,6 +46,9 @@ Just run the script: /system/script/run backup-partition; +When run interactively from terminal it supports to copy-over the RouterOS +installation when versions differ. + Creating a scheduler may be an option: /system/scheduler/add interval=1w name=backup-partition on-event="/system/script/run backup-partition;" start-time=09:30:00; From c26e44ae4673f58a89833c15faf06828e7e2dd3f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 23 May 2024 12:09:02 +0200 Subject: [PATCH 514/908] doc/backup-cloud: fix link for backup-partition --- doc/backup-cloud.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/backup-cloud.md b/doc/backup-cloud.md index be6e06d..1f9e123 100644 --- a/doc/backup-cloud.md +++ b/doc/backup-cloud.md @@ -68,7 +68,7 @@ See also -------- * [Send backup via e-mail](backup-email.md) -* [Save configuration to fallback partition](doc/backup-partition.md) +* [Save configuration to fallback partition](backup-partition.md) * [Upload backup to server](backup-upload.md) --- From 6cbe13a135fe39c097b6a7078506d99eedde2e06 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 22 May 2024 11:58:26 +0200 Subject: [PATCH 515/908] backup-partition: move code to a local function --- backup-partition.rsc | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 9eeb1ae..a72dd0b 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -21,6 +21,22 @@ :global ScriptFromTerminal; :global ScriptLock; + :local CopyTo do={ + :local ScriptName [ :tostr $1 ]; + :local FallbackTo [ :tostr $2 ]; + + :global LogPrint; + + :do { + /partitions/copy-to $FallbackTo; + $LogPrint info $ScriptName ("Copied RouterOS to partition '" . $FallbackTo . "'."); + :return true; + } on-error={ + $LogPrint error $ScriptName ("Failed copying RouterOS to partition '" . $FallbackTo . "'!"); + :return false; + } + } + :if ([ $ScriptLock $ScriptName ] = false) do={ :set PackagesUpdateBackupFailure true; :error false; @@ -46,11 +62,7 @@ :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ :put ("The partitions have different RouterOS versions. Copy over to '" . $FallbackTo . "'? [y/N]"); :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ - :do { - /partitions/copy-to $FallbackTo; - $LogPrint info $ScriptName ("Copied RouterOS to partition '" . $FallbackTo . "'."); - } on-error={ - $LogPrint error $ScriptName ("Failed copying RouterOS to partition '" . $FallbackTo . "'!"); + :if ([ $CopyTo $ScriptName $FallbackTo ] = false) do={ :set PackagesUpdateBackupFailure true; :error false; } From 16831aa1e8aa0ecb7ba95918e42aae2659530385 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 23 May 2024 12:09:28 +0200 Subject: [PATCH 516/908] doc/backup-email: fix link for backup-partition --- doc/backup-email.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/backup-email.md b/doc/backup-email.md index a506543..3b1dbb2 100644 --- a/doc/backup-email.md +++ b/doc/backup-email.md @@ -59,7 +59,7 @@ See also -------- * [Upload backup to Mikrotik cloud](backup-cloud.md) -* [Save configuration to fallback partition](doc/backup-partition.md) +* [Save configuration to fallback partition](backup-partition.md) * [Send notifications via e-mail](mod/notification-email.md) * [Upload backup to server](backup-upload.md) From affa11816182fa2bff454b3e82df3166c6cdd744 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 22 May 2024 12:03:53 +0200 Subject: [PATCH 517/908] backup-partition: support copy before feature update --- backup-partition.rsc | 13 +++++++++++++ doc/backup-partition.md | 18 +++++++++++++++--- global-config.rsc | 2 ++ 3 files changed, 30 insertions(+), 3 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index a72dd0b..3c883f7 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -15,11 +15,13 @@ :do { :local ScriptName [ :jobname ]; + :global BackupPartitionCopyBeforeFeatureUpdate; :global PackagesUpdateBackupFailure; :global LogPrint; :global ScriptFromTerminal; :global ScriptLock; + :global VersionToNum; :local CopyTo do={ :local ScriptName [ :tostr $1 ]; @@ -67,6 +69,17 @@ :error false; } } + } else={ + :local Update [ /system/package/update/get ]; + :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; + :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; + :if ($BackupPartitionCopyBeforeFeatureUpdate = true && $NumLatest > 0 && \ + ($NumInstalled & 0xffff0000) != ($NumLatest & 0xffff0000)) do={ + :if ([ $CopyTo $ScriptName $FallbackTo ] = false) do={ + :set PackagesUpdateBackupFailure true; + :error false; + } + } } } diff --git a/doc/backup-partition.md b/doc/backup-partition.md index 8996203..1cef2c9 100644 --- a/doc/backup-partition.md +++ b/doc/backup-partition.md @@ -18,7 +18,8 @@ Description This script saves the current configuration to fallback [partition](https://wiki.mikrotik.com/wiki/Manual:Partitions). -It can also copy-over the RouterOS installation when run interactively. +It can also copy-over the RouterOS installation when run interactively +or just before a feature update. For this to work you need a device with sufficient flash storage that is properly partitioned. @@ -29,8 +30,7 @@ added in the backup partition's configuration. You may want to use > ⚠️ **Warning**: By default only the configuration is saved to backup > partition. Every now and then you should copy your installation over -> for a recent RouterOS version! For that run the script from terminal -> manually. +> for a recent RouterOS version! See below for options. Requirements and installation ----------------------------- @@ -39,6 +39,18 @@ Just install the script: $ScriptInstallUpdate backup-partition; +Configuration +------------- + +The configuration goes to `global-config-overlay`, the only parameter is: + +* `BackupPartitionCopyBeforeFeatureUpdate`: copy-over the RouterOS + installation when a feature update is pending + +> ℹ️ **Info**: Copy relevant configuration from +> [`global-config`](../global-config.rsc) (the one without `-overlay`) to +> your local `global-config-overlay` and modify it to your specific needs. + Usage and invocation -------------------- diff --git a/global-config.rsc b/global-config.rsc index 646eddb..8a42b81 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -85,6 +85,8 @@ :global BackupUploadUrl "sftp://example.com/backup/"; :global BackupUploadUser "mikrotik"; :global BackupUploadPass "v3ry-s3cr3t"; +# Copy the RouterOS installation to backup partition before feature update. +:global BackupPartitionCopyBeforeFeatureUpdate false; # This defines the settings for firewall address-lists (fw-addr-lists). :global FwAddrLists { From 0a46fb536f929f3248085072979b7acfe119dbd5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 23 May 2024 12:09:46 +0200 Subject: [PATCH 518/908] doc/backup-upload: fix link for backup-partition --- doc/backup-upload.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/backup-upload.md b/doc/backup-upload.md index f524adb..c44217c 100644 --- a/doc/backup-upload.md +++ b/doc/backup-upload.md @@ -85,7 +85,7 @@ See also * [Upload backup to Mikrotik cloud](backup-cloud.md) * [Send backup via e-mail](backup-email.md) -* [Save configuration to fallback partition](doc/backup-partition.md) +* [Save configuration to fallback partition](backup-partition.md) --- [⬅️ Go back to main README](../README.md) From 33a495beb76f438ba79e56ab8e4872d2df5c4da8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 23 May 2024 12:18:13 +0200 Subject: [PATCH 519/908] backup-partition: news on support for copy-over --- global-functions.rsc | 2 +- news-and-changes.rsc | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 3800ad5..96ed71d 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 128; +:global ExpectedConfigVersion 129; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 13a358f..b20bbaf 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -53,6 +53,7 @@ 126="Made 'telegram-chat' capable of handling large command output. Telegram messages still limit the size, so it is truncated now."; 127="Added support for authentication to Ntfy notification module."; 128="Added another list from blocklist.de to default configuration for 'fw-addr-lists'."; + 129="Extended 'backup-partition' to support RouterOS copy-over - interactively or before feature update."; }; # Migration steps to be applied on script updates From d6648563267a3c807a3b99f14881767b6e9826f0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 May 2024 20:00:03 +0200 Subject: [PATCH 520/908] telegram-chat: convert the message (command) to string RouterOS 7.15beta4 fixed a bug in JSON parser: *) console - do not convert string to array in ":deserialize" command; Before that change commands with a comma caused very crazy issues. Let's convert the message to a string. This does not give exactly the expected result, but mitigates telegram-chat to explode. A command like... /ip/address/print proplist=address,network; ... is converted to... /ip/address/print proplist=address;network; ... and results in: Columns: ADDRESS # ADDRESS 0 10.0.0.1/24 1 127.0.0.1/8 bad command name network (line 1 column 36) --- telegram-chat.rsc | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index f8dcd42..f3efd08 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -97,6 +97,7 @@ :local Trusted false; :local Chat ($Message->"chat"); :local From ($Message->"from"); + :local Command [ :tostr ($Message->"text") ]; :foreach IdsTrusted in=($TelegramChatId, $TelegramChatIdsTrusted) do={ :if ($From->"id" = $IdsTrusted || $From->"username" = $IdsTrusted) do={ @@ -106,15 +107,15 @@ :if ($Trusted = true) do={ :local Done false; - :if ($Message->"text" = "?") do={ + :if ($Command = "?") do={ $LogPrint info $ScriptName ("Sending notice for update " . $UpdateID . "."); $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ message=("Online" . [ $IfThenElse $TelegramChatActive " (and active!)" ] . ", awaiting your commands!") }); :set Done true; } - :if ($Done = false && [ :pick ($Message->"text") 0 1 ] = "!") do={ - :if ($Message->"text" ~ ("^! *(" . [ $EscapeForRegEx $Identity ] . "|@" . $TelegramChatGroups . ")\$")) do={ + :if ($Done = false && [ :pick ($Command) 0 1 ] = "!") do={ + :if ($Command ~ ("^! *(" . [ $EscapeForRegEx $Identity ] . "|@" . $TelegramChatGroups . ")\$")) do={ :set TelegramChatActive true; } else={ :set TelegramChatActive false; @@ -123,16 +124,16 @@ " from update " . $UpdateID . "!"); :set Done true; } - :if ($Done = false && ($IsMyReply = 1 || ($IsReply = 0 && $TelegramChatActive = true)) && [ :len ($Message->"text") ] > 0) do={ - :if ([ $ValidateSyntax ($Message->"text") ] = true) do={ + :if ($Done = false && ($IsMyReply = 1 || ($IsReply = 0 && $TelegramChatActive = true)) && [ :len ($Command) ] > 0) do={ + :if ([ $ValidateSyntax ($Command) ] = true) do={ :local State ""; :local File ("tmpfs/telegram-chat/" . [ $GetRandom20CharAlNum 6 ]); :if ([ $MkDir "tmpfs/telegram-chat" ] = false) do={ $LogPrint error $ScriptName ("Failed creating directory!"); :error false; } - $LogPrint info $ScriptName ("Running command from update " . $UpdateID . ": " . $Message->"text"); - :execute script=(":do {\n" . $Message->"text" . "\n} on-error={ /file/add name=\"" . $File . ".failed\" };" . \ + $LogPrint info $ScriptName ("Running command from update " . $UpdateID . ": " . $Command); + :execute script=(":do {\n" . $Command . "\n} on-error={ /file/add name=\"" . $File . ".failed\" };" . \ "/file/add name=\"" . $File . ".done\"") file=($File . "\00"); :if ([ $WaitForFile ($File . ".done") [ $EitherOr $TelegramChatRunTime 20s ] ] = false) do={ :set State ([ $SymbolForNotification "warning-sign" ] . "The command did not finish, still running in background.\n\n"); @@ -143,7 +144,7 @@ :local Content ([ /file/read chunk-size=32768 file=$File as-value ]->"data"); $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ - message=([ $SymbolForNotification "gear" ] . "Command:\n" . $Message->"text" . "\n\n" . \ + message=([ $SymbolForNotification "gear" ] . "Command:\n" . $Command . "\n\n" . \ $State . [ $IfThenElse ([ :len $Content ] > 0) \ ([ $SymbolForNotification "memo" ] . "Output:\n" . $Content) \ ([ $SymbolForNotification "memo" ] . "No output.") ]) }); @@ -152,7 +153,7 @@ $LogPrint info $ScriptName ("The command from update " . $UpdateID . " failed syntax validation!"); $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ - message=([ $SymbolForNotification "gear" ] . "Command:\n" . $Message->"text" . "\n\n" . \ + message=([ $SymbolForNotification "gear" ] . "Command:\n" . $Command . "\n\n" . \ [ $SymbolForNotification "cross-mark" ] . "The command failed syntax validation!") }); } } @@ -160,7 +161,7 @@ :local MessageText ("Received a message from untrusted contact " . \ [ $IfThenElse ([ :len ($From->"username") ] = 0) "without username" ("'" . $From->"username" . "'") ] . \ " (ID " . $From->"id" . ") in update " . $UpdateID . "!"); - :if ($Message->"text" ~ ("^! *" . [ $EscapeForRegEx $Identity ] . "\$")) do={ + :if ($Command ~ ("^! *" . [ $EscapeForRegEx $Identity ] . "\$")) do={ $LogPrint warning $ScriptName $MessageText; $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ From a97820d12a5833bce5160da674e5085b2882b53a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sat, 25 May 2024 19:55:13 +0200 Subject: [PATCH 521/908] telegram-chat: drop extra parenthesis --- telegram-chat.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index f3efd08..0fd8a06 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -114,7 +114,7 @@ message=("Online" . [ $IfThenElse $TelegramChatActive " (and active!)" ] . ", awaiting your commands!") }); :set Done true; } - :if ($Done = false && [ :pick ($Command) 0 1 ] = "!") do={ + :if ($Done = false && [ :pick $Command 0 1 ] = "!") do={ :if ($Command ~ ("^! *(" . [ $EscapeForRegEx $Identity ] . "|@" . $TelegramChatGroups . ")\$")) do={ :set TelegramChatActive true; } else={ @@ -124,8 +124,8 @@ " from update " . $UpdateID . "!"); :set Done true; } - :if ($Done = false && ($IsMyReply = 1 || ($IsReply = 0 && $TelegramChatActive = true)) && [ :len ($Command) ] > 0) do={ - :if ([ $ValidateSyntax ($Command) ] = true) do={ + :if ($Done = false && ($IsMyReply = 1 || ($IsReply = 0 && $TelegramChatActive = true)) && [ :len $Command ] > 0) do={ + :if ([ $ValidateSyntax $Command ] = true) do={ :local State ""; :local File ("tmpfs/telegram-chat/" . [ $GetRandom20CharAlNum 6 ]); :if ([ $MkDir "tmpfs/telegram-chat" ] = false) do={ From e35ba4b06ce300b698a8bf684503437961e1343a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sat, 1 Jun 2024 23:06:24 +0200 Subject: [PATCH 522/908] global-functions: $CleanName: no exception for dash... ... as we still want to deduplicate it when it is inside the input string. This also unbreak certificate import for "Go Daddy Secure Certificate Authority - G2" (and more)... --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 96ed71d..447d6e9 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -229,7 +229,7 @@ :for I from=0 to=([ :len $Input ] - 1) do={ :local Char [ :pick $Input $I ]; - :if ([ :typeof [ find "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-" $Char ] ] = "nil") do={ + :if ([ :typeof [ find "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" $Char ] ] = "nil") do={ :do { :if ([ :len $Return ] = 0) do={ :error true; From cd4ac2c0881f92327ce173f2294b066ca4bc2ba2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 5 Jun 2024 14:50:55 +0200 Subject: [PATCH 523/908] backup-cloud: log note on previous connection errors --- backup-cloud.rsc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 88dd345..8f5575e 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -66,6 +66,10 @@ } while=([ $WaitForFile "tmpfs/backup-cloud/done" 200ms ] = false && $I > 0); :if ([ $WaitForFile "tmpfs/backup-cloud/done" ] = true) do={ + :if ($I < 4) do={ + :log warning ($ScriptName . ": Retry successful, please discard previous connection errors."); + } + :local Cloud [ /system/backup/cloud/get ([ find ]->0) ]; $SendNotification2 ({ origin=$ScriptName; \ From 0a085e6610aadf546b936076f6e3ae68538b1cfa Mon Sep 17 00:00:00 2001 From: netravnen <1938389+netravnen@users.noreply.github.com> Date: Mon, 10 Jun 2024 10:53:17 +0200 Subject: [PATCH 524/908] check-lte-firmware-upgrade: omit once Omit `once` from the `/interface/lte/firmware-upgrade` command to make sure it does acutally return a valid result. --- check-lte-firmware-upgrade.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index 3a25f83..5ea094e 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -44,7 +44,7 @@ :local Firmware; :local Info; :do { - :set Firmware [ /interface/lte/firmware-upgrade $Interface once as-value ]; + :set Firmware [ /interface/lte/firmware-upgrade $Interface as-value ]; :set Info [ /interface/lte/monitor $Interface once as-value ]; } on-error={ $LogPrint debug $ScriptName ("Could not get latest LTE firmware version for interface " . \ From c2dd9de9b1789c81f2a7db14f5dbba87d5881286 Mon Sep 17 00:00:00 2001 From: netravnen <1938389+netravnen@users.noreply.github.com> Date: Sun, 9 Jun 2024 13:13:59 +0200 Subject: [PATCH 525/908] unattended-lte-firmware-upgrade: omit once Omit `once` from the `/interface/lte/firmware-upgrade` command to make sure it does acutally return a valid result. Fixes #69 --- unattended-lte-firmware-upgrade.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unattended-lte-firmware-upgrade.rsc b/unattended-lte-firmware-upgrade.rsc index 904f952..ba22c6f 100644 --- a/unattended-lte-firmware-upgrade.rsc +++ b/unattended-lte-firmware-upgrade.rsc @@ -10,7 +10,7 @@ :local Firmware; :local IntName [ /interface/lte/get $Interface name ]; :do { - :set Firmware [ /interface/lte/firmware-upgrade $Interface once as-value ]; + :set Firmware [ /interface/lte/firmware-upgrade $Interface as-value ]; } on-error={ :log debug ("Could not get latest LTE firmware version for interface " . $IntName . "."); } From 9c899f871d672d599564d94911abcabad0ea069b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 10 Jun 2024 18:10:22 +0200 Subject: [PATCH 526/908] backup-cloud: remove trailing spaces MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit How did I produce these!? 😳 --- backup-cloud.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 8f5575e..697ee95 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -69,7 +69,7 @@ :if ($I < 4) do={ :log warning ($ScriptName . ": Retry successful, please discard previous connection errors."); } - + :local Cloud [ /system/backup/cloud/get ([ find ]->0) ]; $SendNotification2 ({ origin=$ScriptName; \ From 2166f262c8aed8b30560e37ea01c458567892a52 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 11 Jun 2024 21:07:17 +0200 Subject: [PATCH 527/908] unattended-lte-firmware-upgrade: omit just another once --- unattended-lte-firmware-upgrade.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/unattended-lte-firmware-upgrade.rsc b/unattended-lte-firmware-upgrade.rsc index ba22c6f..af2b6e5 100644 --- a/unattended-lte-firmware-upgrade.rsc +++ b/unattended-lte-firmware-upgrade.rsc @@ -28,7 +28,7 @@ /interface/lte/firmware-upgrade $1 upgrade=yes; :log info ("LTE firmware upgrade on '" . $1 . "' finished, waiting for reset."); :delay 240s; - :local Firmware [ /interface/lte/firmware-upgrade $1 once as-value ]; + :local Firmware [ /interface/lte/firmware-upgrade $1 as-value ]; :if (($Firmware->"installed") != ($Firmware->"latest")) do={ :log warning ("LTE firmware versions still differ. Resetting again..."); /interface/lte/at-chat $1 input="AT+RESET"; From 1e1c9be94522a6dfe24440321950c3dd0b2256a8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 11 Jun 2024 21:09:06 +0200 Subject: [PATCH 528/908] unattended-lte-firmware-upgrade: drop the AT reset The AT command to reset is specific to modem. So this worked for some only... Let's just drop it, and update the log message. --- unattended-lte-firmware-upgrade.rsc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/unattended-lte-firmware-upgrade.rsc b/unattended-lte-firmware-upgrade.rsc index af2b6e5..a8182e5 100644 --- a/unattended-lte-firmware-upgrade.rsc +++ b/unattended-lte-firmware-upgrade.rsc @@ -30,8 +30,7 @@ :delay 240s; :local Firmware [ /interface/lte/firmware-upgrade $1 as-value ]; :if (($Firmware->"installed") != ($Firmware->"latest")) do={ - :log warning ("LTE firmware versions still differ. Resetting again..."); - /interface/lte/at-chat $1 input="AT+RESET"; + :log warning ("LTE firmware versions still differ. Upgrade failed anyway?"); } } on-error={ :log error ("LTE firmware upgrade on '" . $1 . "' failed."); From d01362dbaa352efccf4d64a5e0404b2d43060cd5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 11 Jun 2024 21:12:46 +0200 Subject: [PATCH 529/908] unattended-lte-firmware-upgrade: check on valid version first --- unattended-lte-firmware-upgrade.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/unattended-lte-firmware-upgrade.rsc b/unattended-lte-firmware-upgrade.rsc index a8182e5..7ce4028 100644 --- a/unattended-lte-firmware-upgrade.rsc +++ b/unattended-lte-firmware-upgrade.rsc @@ -29,7 +29,8 @@ :log info ("LTE firmware upgrade on '" . $1 . "' finished, waiting for reset."); :delay 240s; :local Firmware [ /interface/lte/firmware-upgrade $1 as-value ]; - :if (($Firmware->"installed") != ($Firmware->"latest")) do={ + :if ([ :len ($Firmware->"latest") ] > 0 && \ + ($Firmware->"installed") != ($Firmware->"latest")) do={ :log warning ("LTE firmware versions still differ. Upgrade failed anyway?"); } } on-error={ From 76dd069fa653ad9ed8f100f71124fc5027b159df Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 19 Jun 2024 08:56:07 +0200 Subject: [PATCH 530/908] Let's Encrypt changed their intermediate certificates https://letsencrypt.org/2024/03/19/new-intermediate-certificates https://letsencrypt.org/certificates/ But let's keep the old ones around for now, as some sites are still using the old intermediate. --- INITIAL-COMMANDS.md | 10 +- README.d/01-download-certs.avif | Bin 4420 -> 4578 bytes README.d/03-check-certs.avif | Bin 12089 -> 12118 bytes README.md | 14 +- certs/E5.pem | 119 ++++++++++++++++ certs/R10.pem | 231 ++++++++++++++++++++++++++++++++ global-config.rsc | 6 +- global-functions.rsc | 2 +- 8 files changed, 366 insertions(+), 16 deletions(-) create mode 100644 certs/E5.pem create mode 100644 certs/R10.pem diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index 4a12197..889192d 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -17,13 +17,13 @@ Initial commands Run the complete base installation: { - /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/E1.pem" dst-path="letsencrypt-E1.pem" as-value; + /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/E5.pem" dst-path="letsencrypt-E5.pem" as-value; :delay 1s; - /certificate/import file-name=letsencrypt-E1.pem passphrase=""; - :if ([ :len [ /certificate/find where fingerprint="46494e30379059df18be52124305e606fc59070e5b21076ce113954b60517cda" or fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470" ] ] != 2) do={ + /certificate/import file-name=letsencrypt-E5.pem passphrase=""; + :if ([ :len [ /certificate/find where fingerprint="e788d14b0436b5120bbee3f15c15badf08c1407fe72568a4f16f9151c380e1e3" or fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470" ] ] != 2) do={ :error "Something is wrong with your certificates!"; }; - /file/remove [ find where name="letsencrypt-E1.pem" ]; + /file/remove [ find where name="letsencrypt-E5.pem" ]; :delay 1s; /system/script/set name=("global-config-overlay-" . [ /system/clock/get date ] . "-" . [ /system/clock/get time ]) [ find where name="global-config-overlay" ]; :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ @@ -34,7 +34,7 @@ Run the complete base installation: /system/scheduler/remove [ find where name="global-scripts" ]; /system/scheduler/add name="global-scripts" start-time=startup on-event="/system/script { run global-config; run global-functions; }"; :global CertificateNameByCN; - $CertificateNameByCN "E1"; + $CertificateNameByCN "E5"; $CertificateNameByCN "ISRG Root X2"; }; diff --git a/README.d/01-download-certs.avif b/README.d/01-download-certs.avif index b27b23b8ca7990d261be1e4b23349de6d493f767..b543aff2848235791b59fc0805e850a748f17a23 100644 GIT binary patch delta 3558 zcmb7^XEfUlpvDuFnpLBAYOkV3YS-Sei4}XR(V$kTzfr9ff}+%_t;AM>ic;H)8Z~N^ z*u;2C?Yi&h`{AB*&v|~Ip7T4;x91!88V@?0o&^LV9Rd-7Kp^mcL4ZKyU1=$i;1?Ox zU>zdb)C^0oESNU~4b}!jGv>ezVBV%gq7g9gaQ`&N*B!#1KiHgTyv;NsjINeYFeLY_ znS1_Wlb9pPmw=hv2Kodlb=d=+OT5o3D2aKAj}Z^utk3>t(}NiBYk$4Q+&`ldO6)i4 zamoY!nZ6yF1k*$*6jHAvR655jh;s+4_oM@m*HE+Q07rT~br$KU4C(pRg(93iAHM z=0SIwuhK{^jXv=0=5QrSHa!%nb^-h*4a3NuB3qz8Xb0F)H*W*om4fJ&+>Gf;!C81t z^sCUS6Al}C$swTHh@pO%JF0fZ9F=Y`er6=c`N|3sZi~C3zR5eX3+;!cyGusw27e}% z47d~^Dmk1x+a3?+fRF!>h1021-+X#bVv zxHVhg{jRu4?uOy>qMi>m-w9&y+qJ9e!5f4 z)I>T?(1lCl{lP=vb$7R%%UIyWbg<3aw+|Lyb!Y|`V&8a>C#Uo^<+%nOS}_=t8Msx4 zhKX>?-mU=)5QESZ0qtoRjVtO-fc4*i-qbQlqv7mk@T|k#Iz4suUf_mkV-(9JK zxa#cUDEXOLMKK7Aa=k+Ytl2f@?$EBh#MfO_fmFRZ{_52_KrFOqVu{XJ#{=EOLwbP> zaiuPc-pXj5BFp{HwV3IYZWZC0&|7HcVpgm<#Env;Ly*#_PRD=4{mpvUs7WUmbVQqF zkKC*uz~Zw!@WC4+!Tn=o$mN!y?s_}Xw;+d?t}-^} z$ewX$d;j!vmsUAhW`QZjY)y}S7jL_p{jJMRUvJ!(T+RHzx=Poco38PKO){CNAa#EWS!7|1%--$NCvc5}w29S-bzW2aWkW_?`S z8;`~kE#Ty+Hs7-NLBdy(mnU_~-fS(NGZ+tQ?rKhnym}|Jb|p_5jH6|bwm}`K>sut; zDloM-c)eT0KH^;v-}G!Yi%_YQRBQm*43v5(_0Q->9TE>tDVkSIbwls#GC{@~>7W{y^zP1QSOR0S(>6EaS&COMCLsAB?>lE-szg>py!E#4Nlb z+Gg}e+Wz~YWJi~Z-xx3+dOr*}O5M@kT_xNV)uGQgXcfDwRKqY29x>w zelOgybz^`tFqmk9{=WdX^K>8za#_AcB_B?%qDe_CwZ1FS5>(xJdATcA!Atpwnl38M1H=9p<{8Hfd$2cvDX_Vr6zvr?VQ6`%7y!_R|T}iJLsO|o)T4Q zy8Ghi!n3sQ0=$1{FI(TvWbkQ&lGu9CLkRJI`QTDO_8*|}wm{S2mxV(9075)v))E3Y z^s*{>?drG`10L)}U$+a&N!~eSjKdiP^WEiJr)NJ|I#`i;!{TrR-|j6-_^5ThA|7%L zZw@C{P`zBjJzCah`0!{rzfo*r(21UWJZFYER_)ryE*8obh1+5^aM9e5 zX8x+S?L;H)xz zl2RZ#X+9J=dQ#Y0;YkwJ5Z;8@2$__=DqX#oZE=eu%SO);i5jPP9MmK}*Dl?3l$s$a z?AAXyp?zw)(Rf<3m3*EGxAOC0A9@{xOz)34eWGK3x2UjlM5S4;|CLmv$Jt$mN=d@x zEz?WXKb4zl9vE2hymeXOQ4{nUz=W*Z2ic!S$U$!6)#)xKqH7v#?9K}iRhJsNH%0~7 z3bry=4rB$IM_e6o*Hu3@ZUhGLg6%4Nk;c(CA?;6*teG@-aqF-4Yo}9(B1n+#=>j!cz89^jjwuD zr>xd5+Kl)q_0$e2V~bxp8;(S9@EIoIp76m}$lA}&#d5VDr-lK>gRZMye5{aoAA~u{ zxWd)d^VE2Y)5dX!H|oKFEX?pSL*?{4v_q7fIKM-r9~K!g?_xvKvlqwwih(~)#;IgZ zCfK8qdytg~OukO(wuPErNLMu@9fNs`+?7*iOE4(4TLjNpEPW+Wj#c-2a{w`&<)MoekXi!K0(Lqw;3(ATAdx)u3m ziJ9(met6rB==6?;!i&Ae`%UooNr>G`y0t1|>J56$E+e&Qb}xE*9}mOf0shx=n-QhSc7s4m}OJNw@>j0PE*O!igcQ&ulbGWqPfoaO}&F4k!?I8@B)^Uw(KZ*Qvh|7nm+BwBS~ zY(r+@8TzeI_2HO1+@%P#3ja=DzJS-qj=hh5g~nqrZ2Jr6IcdkyYOr=1)Z$FiHILbIlR ztn>*~wOmlqug$mCyG_XAD*YxKR@G-TZ5Tvlev23Ki1#^eur(!7rbkBH?r~J{6V7n? zS4EUNkVk^2e!@8RHeYReEp@!-#4tQ^qI;~Hma|P?~MVfx4; delta 3399 zcmb8ehdUGw0|4N=!`;s~WMp&MBU#~a_B<*hIh^%#vLbsXheR&>%FdNsAxFrF$mZ-7 zWy{V!r>ywCKjHhH=Y4;QbPA_GV#fmjbX5Ql0002~7a9OyfM=ve1LN^fpb3cO0FMH~ zfztSNpfRul{~cHbl&-;n`hi%x>pSn8?6NzuZ?VBw|4vJ$xgd`baEl#relfFG-neMKrOAKTy>{RgK+Mz|SwFgCwUwEb?@2BIyOEC_Mnb@FR+bI?8=LI4*!TDr5=dDB|uA#5AyI#OB`WV%5<%G*}({sFUX8nnm zoB6!acODq?Ro&KZZsuG_W>JhPwf`$rm-a)+<`ha15&xlkmG;4RU=x14va;@WP3f`5 zj>VPNvwsU@B3g%Ll6t$fqA)zeOAaIs;OORbVuCLfTUoQ<6~=`U>&Vsj*4nwpaz!hxHO_osZ8`Tle{ym)d=dDV{7n#9~)v{eX zeiwehvZt+74U;a}iqa+9%rRszGNseE;00kLJn0e zR?*!CtN3vlvK#ZAe`k4IWd2RzC7?s%ZW4*=mDNK~7POID;JdRO8B!6618fki_Nif6 zd%ndVpW5akW@|8>0Dwd3x@ackA$)CRnh?*y=t)g-;(VFYSDff?1g7_ifiE6R#X6*L z04G(5O9pYmc|P4X#<)8`jZk%|^;Kr`tP?Cv9E-ykvh-MYDf7x(N9oLN6;#JHh1b7q z*O|+8)Br*i5vGzfWsazJD-%(IZcfze2+O`!DW1IskK|AY3}5igc}Et6HlaO5+Km{! zCyQCfUXvTzE_l;}NDirp#sL<-h4{+dMg8#1dYZ?Ecy8dBuTQToKV(L82>{Zh)?$lK z6Jv{VIXtI=ieh*s-7OY$&>~|Eza&9B#97dRSWEn^XYhL#5C;laX}^P1K6sshhF$ROI&M}@W!lJ7CefH zw4QFBPmv||KIv*Cjw|G1a7NkgV`h>XiPvzi5l1W3F2L<2xw?qPxam!cS)p1s*rS*? zd`$8>4vNdE{-1lIY?{2our`8xUz&V*d1PbKZ*GMXFT8NO+-W?tv4m2@+GnURW%PzJ zd^ew@qy+$r}DMHT0KW~Di2NXuE zFnfZ`UO7!ZR$rU-^6x>6pA;?Ku`_-TBlO1ZOlephSL)2wX)~a)jr977?$+)WL2)3L zP$Bcc+W`|65K9SM@J`pxxi($Rs}s*v8jZJ7Pbk!N_z~cUjA-Vt02==9!Dq+XckQwe z?YfexpjK!fcLcxXWPbSZf{}BnmK9=Chcf*Uw;1}R2A5oSJ9WC8SJwvh3;mr zzA2sneTy=kfkZsnEffuY3Z{Sb2vqa-kJ$H3z#rKDnxFzAWMuMk)HgVSwuk~ry-(>z!sui}%}LN(dX z*XsOunlHazIRF5rRDV)g!OJ>n4=yj`&2#lkZdeB!TLq5D+QkdglszsrVMY2I`wYl? z6Yr#}sFA0pQZ9_=j3}NK>zsPO6AUjJ*Vk4~2Ca+IG)u~^Zyl6Ijc;K;oF`jhDwXx~ z?{Alr6V;>1=nr(z?5FB?TxXaI;JJWLNZw zu(Ra{?rYWTf1l&+t-uX@sZ(xm$EpN&rcSLgh4||A-E7B-V|n*&8%d;E9Kbk7tzellR6Nj+ZO)mj}<#)+$cJ4*f3VH`J`rDyXLG^w#uyxdmL)TjHc z({XThgz$SNVi?(wkcm0Pinrz#T&HqgdSBSh&1Y=BcP$`GY{MKjoU7V+=61d8Sk`(Tnx#A)dl_V=q+l~-Y5bk1#)=lB2o-M#8j z3Wd01C0SCdd^E6;!ij_X6;S(Q1tUkSVBe{7l)44&3daHagLrZ;r~8g4Idu(0{R zgvbwMM}vlR--(=&-W8=@3&x{ArNa4HGH{R(We4KlWSO^wN3^^ z0hAD@GRRl?#&nlNOlOaeTIvd2#>(#W7iH)E(uYDLCV~`kVS3@JrvutfjIBF&2C2{k z-9>5VdpPj1)1-Yfr|4;3Or78b)@5USNL5lE%5E9lC-b9MQw`EG^toO~#UOH6$-rL2 zDP>jo0K00?KBI{fW%&I;k1j3xs{h$jeUIg8EE!mBe-#SOV^`4D>J>uR9?IomRHyH5 zdzC$)BB{PI&|Iu~iJ$1%f&6Rj7&XmB=uFGS#G;F{1lz3Q&&me($QvZa^*WQtvD+vX z+9%=iO8!UbQB{v2j@4Th<8@!U_Y&g-9@u_U!itS_@@~mzdCggYURbbCa?=*RE`yXw zZTx!0?Bqf}=3Vyh-vvO0u##=0Lk{YM`kc~bB?qIZ^iOrW#3)fFNX01eA_ z#_sgsFJ(+iZdPXe!*-K%c(`!hw3n0E%3Zz9bXZbW8p50HY&-<3s+IJupfB^7(UUr5 z?MDJ$*5?mPD8Z?xXM5B|MBHWLE25ie+BF+4IV0lmE{J|fUp(jRobw-Dxt^`PtG2T$ nb&RY?1~z?HTCUKYv`g!M>Dli^*klbt=|>f6+jrmZQ%(K@0ZD3K diff --git a/README.d/03-check-certs.avif b/README.d/03-check-certs.avif index 0477c398b41b439ec6eff03c8bcd2357f2637857..f24c6b567a0696bfd30899f66157ec7c23248212 100644 GIT binary patch delta 10014 zcmV+(C*jz+Ue;cadlPj402bi@0ssI20RR92TL1tT8j+620xkoSR{?+lkh9nU4h4Ve zIv%g7*;%!QlN@n8AV|m{j7UZZYzD~V8Oi**R#4G3CXKJtNR_SPQ3C*gksv@bv~osy z&N0njx7M$c%F$O|^3n+N96Mtr9H|^<^5@sDHDgA1I()ugj3KrLa>glQT$aN8z_IlM zr}uI>7_OL9igux406e#+^?EUNxe4w;4X3xL55yW9G^o{wvIHd zG8r{ZC6jSG+2&AN88`!WRO1|AbgP~ul34tSM~dLp9Vae4sL&MPWrsZd)%knzRxhlq zb^FA%ZxbmfQGgpOf38g%*uZ(nmk3P zvb^d(&V15NazP|#*B_CsO9$}mWG&{0b#Q!?QX`Rv?*Ji~ko^k+dJGD)KZUHV=eM{2 z0EC(cxsGLpB1lxUWR_!}pNtT5=uI*WCrW~Q%T@6_f4PYY%n?F1L1Lg5JI^@kFi(1z zQiZKH{!Eodi&m4D-{?Ih@T`Bbg@?me@31g%CS#HS@4M^Axcq9`9T{MdUHEeGr1ObJ zjLDBLi~=`(@4e5dA4-PceS=k7J1uD%+C}poMJTa(&xR8J4ozwxJu6t&! zMJ2-N_V7*Nn})d-@*}_YTJCuZu~rR^z^Lec@4ZmdH8;|(r?!t+A_#4q$0R6#yM5q+ zm>dG!_vX6fYwNp(Yfl_U<;12!S~%ayP+OKG1Jv~XA=ZFu|j{{YBu5jsglZN9wU zF7l;|Juzs6G1n zReNbIR^LDJE#l{WZEm_d{zoTe;q6ON-S#+AQn=m($O>c=gOYzS!k@~Wf8m{DOtUw4 zcAi`Twr}%Mx#`dnYW|0EEp;Jl2C^+p!7nY-s+EnESb#yuVsb`9W9IK&Gq#he=;j;m z6-?$y1IrW7A0&lr#oM{JV5hZT9@jdH?whJ7yQdJMOgo?st}rIeBkaoPX$3ZT$7MaeQJbx{pOoM z?j?7+*8?%!ccsKbE?v(&WP$+a-_obvxmsA^D6ZP;!hRexs@nLb1&x7i@|0|RqmBsV zo!{3TPIjZA=(ai}v%{@NcY3V55;jl>ILO<{<0R)lg;6I-6uP7~>mjnWnM8K#5-XI5 z?O2(6pdf!X8MBZ%7$&DEF9mMg;CphuVr_HK7 za_X9`sLXy#p_|NT!ahg`cL3wC?~HRxt=wt$aXMM}w^O>AfjIk9vXQm1oGvm*QH=4Q z#(+1Ie7c;X+r#=t+e^z9`0fLdC(0Y7eSUGDqjZ1dn-X2>=G)1eLbJF-bmmXr;01D9 zYXXBR7C<=9-RY1;dGGd(z_qaZ4zGAFCEPAyib+fPjU#-(a1K{zLy~Kt@VJSuS@p}E zU&@krL{c!gR+2HizTYo7V0Mv{(>>?|de#kE!#L2a76_o342?JhF8$vw)EjfVrre#q zyVZZVms?GuZ5Gn<(q=N49(4c!C1MWs1OdHIpz?)aYu{&0a{2TfTJ7=yf(3cR+lWCX z;OYs^3G2~DdI3;RcdN_&p0?BLO5bNcXlRVi+ru#676Tj(ha8`!0Cd*Z8ruDm%lj%K z43VM)yZ|z?F+7zl237gUBZVC~exZHjX*YjYcX}?G_Hs_F;M}uqW>JBIA0I9;=m`4O zUxs!}9zPNdVWacV!yy+W?F#3jk^u}5j-+ll&1>qGeiriOjt11`fJ)_{nk%!o>>?x1 z0LCL;K_}P@&<8qvc+pF4vgr1~A&r%xjethVARoeb0Z$n}dmXAD_)bXq7fu2#t@3}F zK`hKLS&3Y?Q`f#dDgHFJ@YS?RG`E!B8FInWWj~fK37lny{nC+yvFT)4!&<1 z+uSs!Z5&9lXDago0N$(s8!>^m@y|J{w!abMv_wSFBV|bZunfb2jCMdc?de<{6vTC} z;~NPjF5Vop*vzi+hET4-TxEvNd3=BV0J=Bvjxec`#j366(06F70?Oc@= zlcNTbu@z~?tGxI7zay`>@m7lSszc$+NbSVR%^`^ljDtBC#sMUb{9>VB7TJHT&D$@B z?AG3B)l%I;g+d43KQGPCJoLqK)KdDrKk2h2g{9l^X2z+mE%e@HwUkz5DxfKi$`k+q zU;*em(izxG2`2Gyi2IGC?lLlvE^9-cR5lCB@a!bxAo5z zMNrP(4+!7)`y0m*uQ!x6b)ULdT#`IVE%KxbISb!f}5RLKY1nB6W6< z6`yLE2*%guyIHqQVwwOp@+(CG#S= z2ju8N?D`*S6UO$)%m#mhZqc+JNmg)hIL6VpXc-wJZV5kyanw);Zy%4XAoBjr;rMOD zXvm@|RAVF)&dl{6j!(8S_1_cQ>vl;I(xZmqPyBob1&GdZ_d&qt01!Fv#dDNU2cme7 zTGhNUb7N^VI#t6<0^Tf%6qy^tE;3uM2dAm^IkVxNcUkd;)#iVl4YrGJ1SWY5kUrK1 zL{dKYecd~Zj`hoGPogHGpYbfcv$uO31(GkH%p{Q@1%_7`$33W4u#Zx?Tg@8cAli8H zVq0^SkOgLtsbTW*Cpqc*0C&3AgZ0Zf(_MSLI$3n`nu5gyQn6yB00`aFG4?s@?N|}~ zWbrIXZi{cG;ub0m#7;Nh5r)I`=QtST3gJzy?@NCpwc6Fw|HAsn%wLR#@(5jww>7dvB@#x>UwcjZs5>7tC>^6ddw;VeC=r4 zV;e{W{P-9oepCUcto%9D_1$yrGHVtROEB0>2*p>+1qkX$!HnnMK8GAWq;Y_2pc>90KLm|)N_H?p`s7?My2ux z{32SpA=i4vY+E2>E0X-@2hiexJno9_Onx77S|1N;!ZiRAZA)Y4U-tXqhdJbrdb&@A zCtw%CTEHS4ke2LuAgFJ@(|77Ur~}SuuI?*84#g#*9vau2@7Uru_Qzw# zLVuAiiqKrVz8BP$7hn$+s~vzwyRu8*9oauZCgzCAQ%R zTxsK159V7qj5aaP&yj_ z5N9R(6_jV(cg+BBbXR(bqemo&d?l(pN&(*X>>M$6Cpc_lXa>oapZ|#HmAHt{EGzmPw zo*LGQmPbvnHgLhP3E$AB)K=Gu652gjEv}n$r=W>*4a7z^EzVBTP6y-K zv1kCIiYNf0iYNo6yVKWEHj-RxwrmpK6d&r)qLdA{3VGUCuQ)s!A5ST9EW=*0X;v?@ zt8QE}Y!PGr`8duxbJnYWZE4tuwuupV5o4(d_%0;$1+8(S}HkG%85kAHmr70A(0no@18I|7_9eq9cte-P_4UPND6f!)gj<|x8}@}79_ zfI0N3WxKowKk$%Q1&?gGNTUR@lOPxakQs@`bK9kIR91Bpl&=?LVOBDnuLsJzZ~2{l zrn#$2J&u|G00|Ae7N#sLrZ~Wa1tbD-!Q-xTlUoyiXdSmt<9}TtrHM>xph8GeP@E2* zc~t!uk4p23DjX*Em*9w%I*!(#;EuA(Qn=J4lEz(XJAKOT(#;eiHu*N~&ry{Dah`*v zZGF2_xM-sP0EEWCVnrmhcIXg^7DYMFAU7u-gbl*H=8DlP8@G0PK)Te@CE4SBFd|9i z?As6k9{BD6^nV8jfyXsvX4fXOhfulkZJbuOCM-!MtU39D^#_g1-<~#~O7iM+NbI3m z*nj{4o`d|8OhKFHx_J)5LY49{o(4sZGU$_B51eODg;ACWQ2qzpfO_NtmIj+Cq zCDZK@XY!*~SWe)P#-W$!p#dFmJDv{%OStU|lYnvs0DpDfC)TwHZr7ZL@Ir$B z005Rb5XKHz?mX?t=by{cr2hbf851=2ArZW%4{W5D?I5GSRb+7#IP65!j2= zic?J==z0bU0>;GQ=9alBokOwe=avkBdv54V!CP^@d$(x0)(S^!&@oFct3dshjp64> z#QvHz4o|#qw(bH+lbFLChG{QjVETj8xI;Q-5r-gAu>OzWu;?NjW)4lyO3M*O%_~_EO?N7$l)pGi!C>uNxzZxw$5Ra_^ z7QebGQCFk^`X2eluWr8&?gF#Ve1)xK@))<$S~7b?lMrNa1`CQ6QT>13kpUDxsG2M-($8-o+-T4 z+m9_2s)E4XD*xAuAGUpwmzF_sx|5R?pXQ`A9BF9UD z8wLpG^;gd&F#+-gAcNFUY2jOqMpu*K?KaAB!`G&)cLIY^_^?e7=r zbc2#aAO_!b5IuPrEGY@dp>VpJzWtL_rQ-Bm#l3%ki8}mA9&GSn2KVX#fhO^8!Q|!3 z^B10-(-ka?+h91P{8GkXfMTLy?(K^%*JcNc9*}DmgjGYS;30WPb9_vVjYZ5QA@k$0 z9&E}X%)ipcwyafu)zgTG)k+|zmq}9r89=$aBNuS~yXG`CO;v@7AVK zNBToT=eG+~`!XAnZr$-j{6j_}1oOD{*2irPFuI#y#SyzO6B_eWpp@ctg=@yU@zTJ& z=*E^0otggqkx$2+CnrSF{4}=JvK<>=&J{=m4Cas5SzDlgaT$N)+s@l};T(s1YA}Mj z2Sy!<40UNX=DXS?9f*_EdzO{meyaq1SQ;7ghn2Klt&03ON~Q9M9Nx<@Ue}JrZ5SAKS879(AS>p%(f}gZzNZ)3ndPbOALy=!R3p``;9WQpE#g#S{DEutOmI# zhL1UTCAU5YRpaQWFhA>l3k~&?FBXOHjb)};TouCROxCsTlzTQE(T-7f{gKx$Zmm)Q zBClm_cC7)wXvq+ZO(g;9ME+VeXUK!Op$-+9QZYtrR|5NyEs2R{mFHU7KSpE0@t59X?i$Sh6Xn7Ku&V8)LD)iWL^V zx1unAosyWO;C}n-feni~9SB#b(j%vbI4jvi@txF3}cPQVUL{!v-sDHz^W zFM{X7;DkwzskX{Rg+DNkmIH?|Hl2!==3!%)x#Jl>98i|A=G*3&NzT~z<|ZmigPX;s zLg;T0H1Tu-L>&X_hEp_iUZio~w;{Ctzdta4#nZF5QKjfWIVg~y?tv2KTSkv%geQC#BDKfjE`l_vQ6_!<3h22Og-<0OhvDF zy47e|j^KxPf_QjtqXZ`5b0R8bUljgDUG9-IZD_A9e z=&)Zzz|1WYFMj*($AXP;Pz9Kh0jC(pp(ah#I;NTwX>!x&og-jxjy#(ohOyVijDNG*8ZJV+$y7W*alj*TVq!D2jA!ZWs zfNbCw;6&LQErMVDXhh^>i?HYoQz^*Nq(K@#5Rtg#iME;Ohk(rXUGZ8?PP)9rxvLFQ zVVwG|3h=x9jcAsFwZF@H0fd{gv&nN#-ee0=c6KL9hQEP@K zK1S1mK|& zHG)(v08-Ng$qC*&G4ai*q=V^yOR*X*vzxZX6L07sJmA26FKr{eDi`m(Mlr*<0Vz)b z>oy!$I&g~JYn6S1XxJzm>Z2@k_I^9f7%xdZn#W((cLZW4ILrDOcVi2jlN!xvCsete z%w(-El{UsY@-Px!H0Rx+N%Ulh#nmPZ{3@^(sX}lrc^rEf^im^rA}1<;Zy|H$tS`%y z_X-$0dKI?&K3XDlCA`aBmp7?Z^>p4LkH}`pBPsTA%Xxrsgip1m4try*xI)&)ROW}j z|EuBada;cMpreQHo~`59$!?j=q_-jd2I#0=7+I)N0mHu}nmpcFp~cb)j<*$I?qBLt zRW=@ysC!R#15JOX?m;|%@7Dr1#1AP7-yGsEXkvYMa6t}-wh$Ui{o$w$yW{TKJNaZO z!AelOFQUcxhi6x9O@#ubtH1P#2|n&NQ~40})HHnvBx*QY&?;@uL@)V&)%>aJV0c7^L{P01 zr3)(f2OlzTL={bpEE6khBo2#(A_VR`Ci(c6TAOszxFgrOr^c517c9^N!n6fsk(KRm z+f028CCY69hr4bvyYRDW1T!nbN8cE$HklcXxkcDlu8@#Ll6#^Yv5q5WYhq^9;p^`& z!36h6+aQ{??`|!Bstu64;MfmhZ}xX1?F);v-t+;gyqgT|He()fXy%u!qSX~dth)TE+5hZ+7EwVnLr0IwNoT{O@jOXb#?@Fpk$$a8+&r>Lh& zZdRIqcXj5&)O_uf9ta3`Lnzo+Nx)#^xQn@R6NAFTl};3fxFgG|H-;P0q>qoEP1T3f9@2Q*mO!lw8N}nfS#pfU zjo(Hkz>{(9SIl%8PH@6{0vo&uE-qyFBz3i;vb#v?N*IR#*4QV6u4!~HM^JS`kH~wa!t0XH}V+>up!J2IMvD1&H+44y-i}u10 zEVxQBsj`TLP{Q^-T|Nc-x;KRx4a(Vn`!#Dk)Nzw$Vj6@PUPo5)v-(NCyt0t&plE2w znkte^27(0}_16&NU}+P8sj3ot72`@6-jKxX#GT#18M(!c$*|?=pn`OJtb&ZMZ#`~; zcJ}e3QkoQ459O=BFWnmr?Pu*Gz=d_J6cL(pgh(eMxmYoU%*Ciqm3r*n#(x5TJ2xoq zO}l0Zr(5Y<5B_m06RzRe9R*EtH#Z$-soPetsNnU@2zD-=6I6{NYxS;Z=CaV)B8oeC zOLko3DgG*=C;;LaM1W=O&kRIhOy4buyk=Kp9R|-AzgTAT^sZ5pD98q<#XG(KvRhxc z#VoaRjU?clkvL$;^-~i=6&`+nkZ{1}bC=M}>Xv`HdF*+Y@c{2Ub?w8^;cZ0w%k5{2__fb1mSQO zv=8)U(u~`FzzQ69F_)h(c1|K=f`f~NJd>j=5Pk?GX~o2kz%@m8SZky~N*#XID0qg@ zHMuvR1;qMX=6Un=WV&OV5ULURm$kPV$U4kZwuR=U0meDhL$s=Kt<3*ByyC`Eh())C zI`Rk6^Ror3Sdp5!sQie3_iJCQcal_n<*L}6(mL>_=sc1&58JOYP?$7Do8iD3vaeeZ zix@QE=OTtYTh0>!sx*BnZ2VLj()y4BI<9dfp6X}wZaW>)1&xRe(aOsd`s?J>+XSU- z%Ricy6v|5W*`{zk)}xbhxFu8ynS)$8Fg2T^jXB#ApfmfG+AIivN3L#N+Yj6t)Wo=b z!?RC?tI@v`Q$=Z-K_uPMpetp$U*uqbV6ujD^m{RfEKg6mDZQsu-s9<-S>@3kyg1G}YieO`$a141KUktR0Xx+_qf0d0DlHZ+@WR=(+fB7lt>6a87N3Ew?%wsPTz zvpTxP`q%QnpxUE%GP2oGg*{RD-k?p(`A_R|kIr;QwUuh;W*bQ_0tyO7m{pO=(Qd*9 z!nf@&8WuU1A@6*@Mq?&>$`J+R>hRfV+fgwr@7guIgH=mem&jr|Vt0HmNr1NqCbc*E zH*=md%UG0u!mjc!!;LDn<(K}g*EcCKPQ1rbv!CguT%wKYyIk@wG5~U}Pyi3H)^J+p z|Du-7awO^cKJ_|jUkXloR0Asqzfre%(__Np&5{m|{n!(Vz}P3qqx6`wiZaqontX zWeGoj*W8GaL&((^z&?8LM}>u2_eDZ=qhIOCiXPH*zD`XR2)1rT7_-YXc$G7y*h1iK zW*i=!4vdm^*bgu6)xj*aPOYazMw%km#-H`#V%^|vTU!t?>yHRx&XRyhX8X$^xQkBS z$rL70r*A=&e3X_JJ@Y%T;WQg%yDI(VmM6b|vMSl^cRa9??($S7&`7N!Jl8mRNQ9e+ z9Ft5=yY^-RwfnKlsfwqn35VE*r~w@~x@WTy^1$6hxmwzYY+6=u#DeqFE!4S>nf2W2 zax0JAtO1JAU4&XKfB5cdBa`i>S`ncOjz#Z|a} z>QnA@={h?bM|K-@U$CXod_%Y=X)JjC2>Qc{`yOkVh})o?_%4I$@_LS^i4U+3@j@WI z`-25J;U6g#T|1?ZBR^Gkda623`fH$M97;1;U~Q}tHp+c7nMMTKn%Ou8X0h`0!rF&* z!s?udmY|E8)-;PJlQMt~9AX~6GX2zlNS774gQp8QzO~uH=jY9>lYbF_9Q!}FlH`J5 zWW4mmwxPXIahCTMMz{{wZ2Ut)c@Dd|@H2;d%+jF8_ShK}n4`J;B!M2~G_uvA2%78kv)8d>3Xl9(5Pwb5mD1a0Ne5-~}CQj#!e zvS9V@gT(qlq>K7{*4=Xehz?jhLoBwCY@pX!2sX$Kt`!Am{cN+cpa zx2p`Fv90u&+ZrwPPIs?>Jhz%8=&s+G(Q70*zmDE~;}F6FS#luN@_oU8WC=;dZ#xnZ zuhVoJ;GqMNwO$j>Bahd&Tw1b!UZ-5o7K<J=2t<~=_!<9qEkr7{PQ$xNjKx#{?9_+K|A;D7CKedD z+-{gHN?LfOQw(TP3Gyq%C+?mKN5BApDp`>>;UL=U?`W;( z$k`@<*=$rU7j7$}4rvvC2^BE_%j&~>GRx8``p^K)5RQzzaMY4@O9sr-NF4?D`{^5b zvq0H|TT|{pdPOaSs|t%1(Mi{wQ?KVCfiH_tfUfbi41TwY?nH%Y2I;i0)U&3oE#{KC zyP5#TVk(N&p5o!El*q81KnVFCynyCY9U900`x-m?l0G ob3~xrE02aCc0ssI20RR92TL1tTB$1BC0xjl~R{?+lnX}jd4h4T| zIu5O=TG_sxr6hLpTcWuhLV1n`;`}!m1$`?lXquBo*Xg86*6}ETfIvu)AQ{>@BRuCA z=C9l9SIK2)tFL)!1bL1fv67Bdjx+gl>(`pGqdT2GUoXZG+XFdc6tON#VSZp(`hnB? zxg3mFOeY>|$A3evoo;W3p_%=YIv9WDlS8>*G?^Qjy(BZw!|Tj?AL~Hdh3O=bm%LX<7SKXQ!s0kn2Bel9ryDen&GXvS@$t7M{xU zsQWqdNjb>`k)K?CMzt&-!?BRJnjO`_@=-{RMjyNYhGIkXED7i^D$M>CvbUbz-~JM4 z9_Bfg6p0~H(UMt?ets}P&!IHPG@U95?=4rv@&4u{D=z?qIn1HSLC9^>(=Xmn+QL3iQH#*@w^8Z#z5 zzAy;g_rCW&qnYZTXdSqZ{AJnDHyF`}*UEWlUw_=>q*pf{XFmfLwJeON-J&k=KlaAfR4ja zl3Ct;F6qkvhi$3(PT_yp0fT@?YKCnaQ;nUQOT3K-KQ+6I4Dr-gU27bPE!D(cGL11L zLRm~Jw4dH8<1N%Gw*Y?-`qQoT2G(t&TmJwT$pjJ<^O2S`b{=Cd7(XTzLGRbntJ_Ix zw)y`6k#83}>uYt<-|{&-FAr*3j_;C`@>l$U5ySudV z;0?2XnvKs+fRk7BJJ_r>SnbBH_VL_GrsCu%AqdZ?U{54&2OQ^|S4nhqyZG*`@4Q(o z*6k{=kIjsh`G_uGZaOF-M<4(_E2=K&?UGl}<1aihu2@d+&!yb&L6-8<%meXUiew%h z)owK_jXFCvH+Fyd^J8XJ*a5*gCm8px{yWQg37PzFy>1}}YzWbdrHbkrKbJ#OOAhe<8LJXN3Los-50|qhg%!%d}}sPW6HYPO>> z`7VZUF{23iARXKTj>En&%`Ufbr`g2mXX4#X>ShGv?M})@*2ZwS$stBF#(x?B=`60U zBGg1Sx(=1OJj-DeS6NNLkg(dQMt*UgIw|RjsWg8&ubB(~0A$;;!#b5BU|KiM^5vc~ zPIoED$s0)QMR8x+Hv-nf>^i;RxR-FbhAAa4<}{7-0l+z3oeoK^gTmq_y=T`hb$=>J z;Sor};aW(>^80+e<$>BpPfYiq4wy-;M{jc!x+SQ9lIOpF9MC!drKdCF>ji0H}`)Ub%3&$Y;uITe1#uFokAmDNsb`_Q3 zos$QT#DiF9{PZx$Maertx#*;TLj)tK8;&zt`lX+Ryt!k6wK<>?xo9Se?Cv`Vi1UCk zh}V!w_5(Bl%FW`d7>u#S;p=O2Bu^VOZkfZ5ISGsoILBe0`MLi93mXosnowP`G@pO# z!Q|)tj@c*cgW90+rMHHyqEV&1rufU24wEVJviQi558?8I?NL5+u#9Ib&rbfN^{yI< zVmhmD7u!NC1iCbH{fCH*k_KWhF}Qz~Cx*!wz~l^YD=S;o1V{(N602lyz4*5R#;?3uDOhnw~L79o#+ejGTa1P!&VR77=<0!2o2*p_& zrD&+Fk=&1nhs)FBltNv9eVWXii~*n-7gaAEeZ(d5$t(ZKwZvM zf=NTuXzl%T#Zgoqal5!W^n&ar84$J-%i$sQ7XnZ|u6{M=+p;s6zOl4a; zdwGBO_H&V%tuKt4MrRgVWyFYw&B#=6i-HRL#42@Sc{#^HT(uMd*uRb;FiR3>u!Wja zB)gqSe8{dr`8p80K8JtWgz>$yGXbF6v~35HRh%3SF|=*k21ZERf=}UGbrb>H$K&fr zJioJeej9NbGAN2w7|8_lvpq-SlkJSXcf|Jk-I7FfsNuL%{{SBW!D2I9~c1aTAUB1YxlKInD+-0=cbgNVu0#nteY-)L^nI7$lag zyD%``yks8rn3Mbvy?@Out@Jae>HGXCti16^1kAA#vv4|`UDJoFj#AR4;Q!<|oE*FMuGv0)^$4TQjqReZ2ej--qj&VBRf zamIL$!jIv*TUjQ)hIhCm1&9&`6I5!NteU9@?-FZu755(qw=+(<+0Zr@&-ut z{b{z(;mH+L_&-#U)n1_Z)4`4sgSq zjD1NJ2AH}Z+4kRfV^WrOfbI}lw$)U#@+XFwHva&^ zC9NrR#`U!z@_)P^tDn2JPqUN2Y&pj4XCJA@ z98d?IQC@;#@cT87o8c{HJA#{KM7KC*Dsog7=bVwBLFhq>RPg*R%6v7dAa`cOmW`EC zjkFKmf4YAHd+-6l(O!vio*XmW$NvBbj*du zb+Ic!Cx0?qF#)r~1>c+u5P9|d061zZ&|_T&IOJCFma8KPnfDu3U5HqfU%q+|I#_d?l{sWNnfgbCcJD^8v@EJAO0)=X6(~u<+9xXk+lUvA!TYz-_Y9WA795dMh3= z-_omF+USm!=3fo#4=jFJa+a;OKtLeiKN&mm>VE>CP(V0(D__KR)|Q&Dmt|#tXBUYa)OOD58K0D58KmTfIGX6KN&JyJo>H;X(eb3MoL_aHpN6it~fP zq4e^X63jL07L{WAI=1D*Cczdz?~{zo!(8YQ^Fem;EM12+0(U2pdlF%t`0Waq|)PPdKd2 zM_tqJwI8%aq1)QQumcQC22OhCZaQ((xqs%WO{m*R1)OPMk+c)MuH$JkD{R7_m!R6m zoR6IGjw_lx+|K)aj+pcFyY2EezqYkG^`;W|i4gO8Ug3o~TrZ*H|# z;5NS^OM9!@t0X|7Xyc25&PtG^bH;wJ?~}LTeOA$Q4;o_A$y>W|WnzX8_(-B*w{8+N+L#=3f!L0E=iO;n#5&Eqb0k{jqN9~8 zsSH3JpkRTwjBOalpsq%WwK!W?{w(Q);TYOcyY6*U__JP?=3h5iibEVHYX~C4f3wpa z&#!-4lGnywAa#g;ZX`?&{{Wf@hJVryIXL&v;arUs38g05)37PR_vO&)C-DxmHRMJ0 zm>t}(E@F%*A1UXK_yeCxmRq~PbN>Jd1&~RODQq|fH?t}oOeCCS0zPfQ8`NS zc19IrDa!DCtG53Dnb+EDnzXan>7VeB+resL!pdWe2tZOmCmbF+=Q%a8H-Gkl+jRal z(i&Kl#;OD)g(V5V>GzdS(RlQ)IHIA#Z)tuAiBqWUY5oZ7EVV0*LP;!T)}y!FuI((* zLL+aJZrt@5P!}2KI#$=)wL6B2FZfJs1|(8TM{a=#kz`Yx@&j^l=s?^n&ScpP(9R&8=?ICTr37TLvXa$>}iTEm~1FHm^g zz4_y5^sg?bG>*y@ornMc3Ftq`G{kq-I*t9^wV9j6))6#P7*aED7GPbYoVMQh85tP> zf_q1#&8+_bWQ)e}9-m@7;TlHb0#3-|T&eb5fPwwq=Yzr0?mI%{;C~!}Kpl69^{ql1 zx3_(64Nc16&jfK8*$7}pK=(X*=BwX$w_iwJ5vr_^%&d$O7=}SrEI1$SW3OuFD52GLUI(RNQ9u{9 zU1I+LTfO^cqi|=RXkFz(@$>)==BUv{02EP002EP00Du4401^NS2{>i)JT?#z&}lNN zvxFEJ0e{KR1s*unJv(4XN9&XMr4;0P`+2`);X2XhOEnxOkfne|`gfE$L8iRZi8Nf| zV^Cp*s!W?nUn_jik(PsV z?t{W60cSm)uC}eGS2sxe^niD$Tl&}mn0Me9X!S&d3+gYZzd8?5)Ych>R#gN1bZK06 zr{g{O`~$rdG0Pa639jApZ|zJ8uGV;GtUia3k3O>m@y8HZ?&$~}%G!SK}KbKY4d{4eA{EW${ z?WWv(J7$iO&Jw1?lP_x5&uxXziX#uN8|=$^Rk_}|CVV1J7A z=(&5j2H>&MaRUL-CzPnezLQ&4#c2^2!9)IDOM7sWZ9Aztn1l};_yzA*#?faoDY$&`zP%~YNItbX$8>_9}HC~>pW-MHiPb`S21eH0N` zc1&<0D(1|ZkCWMMA3S}i9}K{u6n_dFk|hkLZS~$`)8_6lPQ?CZ&FpOzFfA;P@7N#& zer6!i1I3O-Y$(7qbg^TB@&s6n#Q6L~58Drv4k%KA%v=1Ed{{9A9EZ--zA(Hr=>E}e zoUa*N32?W~_%+=SXpv2~UD1DAYEe06Y>AScy z+S5Gr3Ec^iWp=^K>-99P6cin9j#^MOoH!f{wX}~InOJiaz_g-myaP*r$l5a0h)V^( zpA)@l2xyo%jt$hT;FUxfv#8>OV&FjM z)=Nwle{n`fvezGeiKbCH$l8^z?-3hy*VYj9cxX!tUJc`xmUdBJv}0x8XRj|SAmQ}F z*;Ga=H2JjB`G3BB%P-0vj?(1CYfNgG@-dp@7Pm7>#n#zW>~|LmezsC}lW`xAke#l1 zWnMci63f{g?Nu2p8@T90on_}iJ0MX=nTv-%ME-gp9Vxjrax7R_$xF8ZVBu zij*r=4P|zBuPr#+&r!#iD}HGGmGaFv#MzwxT)1GNmwzgMkD4{nH^kQ2WYoXi)FU)Z zwQ|A0L#DA3xN!F?0id09FC}nDssIw23m+yN1Oj7IV+OT!iQx$kmX?gvsE40jV(gQ- z%u#*1lI)!{^cbgdI0qT?WNdN?&!x1jU(&PHp62hDPsfG|E|CTR2~jglX+yN20SxLRXT-Ni*2aA4WD~JwzElU+(Er#upxv`TX`(i?a!zYS0 zGn6oKwrJ=z*y^{_|C4DLV3h@5GqUL;>MZn1d`Y`){raRqI{5aRcXgP;#`h{OH`rpo z&$$M`W4;Mz^P-BFx`Yu^ozsnmvONChMSq{ZAML+wjN@M5%vSi+dZs@&7-$qahp6we zYV?J^nKKZ7&I(Q#hrN0{miu3sE21~ECQ_7Km3Tja#%9r3^>oE)?3^$As?TxFl4^N`x?fCixD$IxpnS%0z@ z)L^+YT>^g@{?w~J5#0@c`?n%-{r-;++IM|&mQqjo4g$o~_V>~JpRwqB`YJ9yQA3yt zQ?~!WC+VXPoyWIA^`mlgp@#k2r+@ykVh{r!!Kyx8W~oD!Wz7BU*UUfMAVz9uGf=Wn z?$FyB%zVh8O~iTWGR7x&mKN5L*5_jB^P9?DJ876RZdF@G7$tW_e#J%Jlm|Q>1lS$c zAdw1~uHRaQN?*5$h%@;!4TIh%s+dl`Gr+p##xv4bn;l1oNHjSfyXc+0)PFZ=?4>ee zZ|H^dVMW=YybRdcPsaOm!;LTO}CIIEmE%0MQVx7Rd_ZC0Rcf@+LE1$$PX@x>K_X)=czlCWa&{ zTk5^BvChnyh`+rs)xuW>NeTxA3s-anl``t~Q6-0GO74H- zydBs|@G+(PkN3%-D}T}FkW%9}Td6X#3_A3q#p|E}Z7~L5Cf0aZu$QKVdjHiAaO`HT z=wR-A_unft(GR5^08-5yNEmHv`s&v*Xpddn3E{YNBQU(C(YsJ?G1m9EfuA}JZ7vKo zO|er292@1Je!~Br%tqk%!@RVz+Nn#8bYz((@3_}IZ*Mwo(|?8^ZLU`kG0$T=)7g0K z{Zkv6{c*+@J$xY5@E%73<}Rw6^W8Zf*+*Vh=GfUHB;WAS3uJNL)UIp@3ak}}CBE** ziLVtXX$Z1i#0)CRYix2;n?clppov?gpcU0oySJz$E8(qY;mFYAE07^Q=*egq?Owd# z)Q8h>n!Ibs4u8yHX;phQ*?itL24^A%L|mLpMgKuja#?nBcENF9y~LRIp0b}n>6$K!NP}%*A=x{C4%grukBP1!q=UZe+GYUWt8HsX`+gs zq{wSuVfF6>dcH=((Un6mAaYejmOD$_78FC~^MPpk zz_SwPy(TtNCi9P;;&_YyO80S|EC3&(PdW0ZF8*mtKw{sAP1UE->1#qB>b7m1pG)zTtQp1FiC8NhyD*1JeLviq+VXb z1lwL(pnvg(BmZq)aQQscT-%Lac&6E=y=msgq%<!>(Vt<=6mQ7B>PO44k@h*Lm!oCIF_RLP+ zgtHPrD;WzfGkusy@mTV7ITz#uay3Fb9_LNqGDmKMD)em{Z82X1B58E-nz?ZlQGue9c*P55Bf~rmqFo z&(A@tz`UAZ?a&^w_~BF>3Cp4%Cmh(Mfiv&BGO-R7$f6>lIZr3|B+FMqoiFGs!;1TS z7dxdgoezWp=lgS3pVtKY#9asSyKwm#e z_u@KS?mOz!Z9O{M>W#>=y6G;~()x1@`00pC=qu{nvhp%h5`Bd8NyRHP3tPm-z~2Ad z3k^(Su!Tug91Gh`HRQm&QrR8+k~KRFDehL%%QEAP(k{!N1~h({`IwSl6{Iv_+e3kd zV!fMOX9BYlH)bF{{YkEGv&cb+Sbv+*7@=!zNwn0GUb}AQ7vtu(=^8PZ;{9H_>jRdP zDjK)WX>54hq}-Zs%U^VAwT*ujPkPE2y=@?1l|mVtTzlR%EU>ciHpTJ|%&*^<&%J7P zcpf%&;`c!-)NodCKzX4~Pk#Ca?sm^`GQU*T4u~PzP{c$^HHHVS^m28il7F@zg8I+C znvdo_j6=MO=Dv&R0gMSQVdYqASbrw8TnvA>v4BN*Om_Urr!9V;CT&g0R1yZN-L@ib z-{9xsWk(*&#|wH#F7g%X0RpzR!e6=niqLLbKt7oq=l9E2(q?0w7J$`*DXnyqhjTPq zO_XA13tRbCgl^p^i+{p#sDFa$4y#2Z(4XwFd)ClH|JamL%*f$;wsB$apS|bI&Mib8 zC7H^9pNRWx7LbmNlw8L@>cNYb6_pz>Z2I00a;mAqRHzW!zPyrJUcE2e@bb5Vwl{=0 z*}x#FscnX?K%6g+-BqI|i@2PXF{ZY(1bk!eTkEKHY6`4~yHsrKDej7#5hdCb*@HXW*XU(|@94fq24m{eFB1f?BjE^CMl@fc7`%VLC`cDU9-#U&6F1W7hg0 z+?6s3-4=r}OOgdhr&BLZNo-vO0lZpeJ4B^Ta9SgXu7(-)kfV^5|I&U_RgxP7ogo`W zFjC4dDv$Hg&6FvS>+>kHD8$vNLKRD;bE!=aJ4kS{KUd(`X@47~J4i`heO1`)5*0)9 zRB0ritvCxvo_CVF_VpFL_svIS*xrs;Xxg6 zAexB&5I_->d+E!rW(h4m-;>PA7;88WIrYP;tJbO(Q`4T1ZU)CCr=_E95G03;r6`H6 zH}49}_PtMk`bwPi?U|L>5A}?m69ecH5wkK-%6H7U_J8MQF^$9iv_il7G-XXaB3rb_u+`KP~QrhYJBBNb9=h zKC-#mKz%O1&hQBX#!0HC-D=p{&T4<#$H2h|tGx_8Q(E$3JGH!=T8(mnmZ4)_t^se6 zLe?`Er7KS+T%{+FE_c*#*2)FD&*JMBAi6X-qK!oFOAaS6sg~x!ekdVuZl%%cW@3c}P?RXd;Vl`#x<~ zRMo&i8TW;_I63T1c6U%XJLmVyIPD7Ilehh_0W>WNvv0U`vI^UL%>YXyk`pF^jDPKE LW+fw9Oi7tgtG9@| diff --git a/README.md b/README.md index b6e529d..1ad5aca 100644 --- a/README.md +++ b/README.md @@ -69,7 +69,7 @@ download the certificates. If you intend to download the scripts from a different location (for example from github.com) install the corresponding certificate chain. - /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/E1.pem" dst-path="letsencrypt-E1.pem"; + /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/E5.pem" dst-path="letsencrypt-E5.pem"; ![screenshot: download certs](README.d/01-download-certs.avif) @@ -78,11 +78,11 @@ want to be safe download with your workstations's browser and transfer the files to your MikroTik device. * [ISRG Root X2](https://letsencrypt.org/certs/isrg-root-x2.pem) -* Let's Encrypt [E1](https://letsencrypt.org/certs/lets-encrypt-e1.pem) +* Let's Encrypt [E5](https://letsencrypt.org/certs/2024/e5.pem) Then we import the certificates. - /certificate/import file-name=letsencrypt-E1.pem passphrase=""; + /certificate/import file-name=letsencrypt-E5.pem passphrase=""; Do not worry that the command is not shown - that happens because it contains a sensitive property, the passphrase. @@ -90,13 +90,13 @@ a sensitive property, the passphrase. ![screenshot: import certs](README.d/02-import-certs.avif) For basic verification we rename the certificates and print them by -fingerprint. Make sure exactly these two certificates ("*E1*" and +fingerprint. Make sure exactly these two certificates ("*E5*" and "*ISRG-Root-X2*") are shown. Also remove the left over file. - /certificate/set name="E1" [ find where common-name="E1" ]; + /certificate/set name="E5" [ find where common-name="E5" ]; /certificate/set name="ISRG-Root-X2" [ find where common-name="ISRG Root X2" ]; - /certificate/print proplist=name,fingerprint where fingerprint="46494e30379059df18be52124305e606fc59070e5b21076ce113954b60517cda" or fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470"; - /file/remove [ find where name="letsencrypt-E1.pem" ]; + /certificate/print proplist=name,fingerprint where fingerprint="e788d14b0436b5120bbee3f15c15badf08c1407fe72568a4f16f9151c380e1e3" or fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470"; + /file/remove [ find where name="letsencrypt-E5.pem" ]; ![screenshot: check certs](README.d/03-check-certs.avif) diff --git a/certs/E5.pem b/certs/E5.pem new file mode 100644 index 0000000..3f9e915 --- /dev/null +++ b/certs/E5.pem @@ -0,0 +1,119 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 18:6e:75:d4:ee:b0:a0:5d:fd:2d:a8:20:86:5d:1e:31 + Signature Algorithm: ecdsa-with-SHA384 + Issuer: C=US, O=Internet Security Research Group, CN=ISRG Root X2 + Validity + Not Before: Mar 13 00:00:00 2024 GMT + Not After : Mar 12 23:59:59 2027 GMT + Subject: C=US, O=Let's Encrypt, CN=E5 + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:0d:0b:3a:8a:6b:61:8e:b6:ef:dc:5f:58:e7:c6: + 42:45:54:ab:63:f6:66:61:48:0a:2e:59:75:b4:81: + 02:37:50:b7:3f:16:79:dc:98:ec:a1:28:97:72:20: + 1c:2c:cf:d5:7c:52:20:4e:54:78:5b:84:14:6b:c0: + 90:ae:85:ec:c0:51:41:3c:5a:87:7f:06:4d:d4:fe: + 60:d1:fa:6c:2d:e1:7d:95:10:88:a2:08:54:0f:99: + 1a:4c:e6:ea:0a:ac:d8 + ASN1 OID: secp384r1 + NIST CURVE: P-384 + X509v3 extensions: + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Extended Key Usage: + TLS Web Client Authentication, TLS Web Server Authentication + X509v3 Basic Constraints: critical + CA:TRUE, pathlen:0 + X509v3 Subject Key Identifier: + 9F:2B:5F:CF:3C:21:4F:9D:04:B7:ED:2B:2C:C4:C6:70:8B:D2:D7:0D + X509v3 Authority Key Identifier: + 7C:42:96:AE:DE:4B:48:3B:FA:92:F8:9E:8C:CF:6D:8B:A9:72:37:95 + Authority Information Access: + CA Issuers - URI:http://x2.i.lencr.org/ + X509v3 Certificate Policies: + Policy: 2.23.140.1.2.1 + X509v3 CRL Distribution Points: + Full Name: + URI:http://x2.c.lencr.org/ + Signature Algorithm: ecdsa-with-SHA384 + Signature Value: + 30:64:02:30:1b:6d:2e:45:41:1c:45:3e:d9:5f:34:18:74:67: + 13:79:ba:ab:29:b5:b6:10:4e:83:27:4a:8b:45:4e:c7:7b:cf: + f4:40:30:1d:61:a5:e6:1c:6d:a4:90:09:92:6e:46:4b:02:30: + 46:29:18:84:34:7a:bc:fb:de:d8:1b:d8:19:a7:04:f5:cb:7e: + e7:6d:84:d9:da:8e:ea:ce:36:30:b9:a2:80:4c:2c:e6:60:12: + 4b:a9:76:aa:e8:6d:95:47:da:72:09:0c +-----BEGIN CERTIFICATE----- +MIICtDCCAjugAwIBAgIQGG511O6woF39Lagghl0eMTAKBggqhkjOPQQDAzBPMQsw +CQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2gg +R3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMjAeFw0yNDAzMTMwMDAwMDBaFw0y +NzAzMTIyMzU5NTlaMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNy +eXB0MQswCQYDVQQDEwJFNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABA0LOoprYY62 +79xfWOfGQkVUq2P2ZmFICi5ZdbSBAjdQtz8WedyY7KEol3IgHCzP1XxSIE5UeFuE +FGvAkK6F7MBRQTxah38GTdT+YNH6bC3hfZUQiKIIVA+ZGkzm6gqs2KOB+DCB9TAO +BgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIG +A1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJ8rX888IU+dBLftKyzExnCL0tcN +MB8GA1UdIwQYMBaAFHxClq7eS0g7+pL4nozPbYupcjeVMDIGCCsGAQUFBwEBBCYw +JDAiBggrBgEFBQcwAoYWaHR0cDovL3gyLmkubGVuY3Iub3JnLzATBgNVHSAEDDAK +MAgGBmeBDAECATAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veDIuYy5sZW5jci5v +cmcvMAoGCCqGSM49BAMDA2cAMGQCMBttLkVBHEU+2V80GHRnE3m6qym1thBOgydK +i0VOx3vP9EAwHWGl5hxtpJAJkm5GSwIwRikYhDR6vPve2BvYGacE9ct+522E2dqO +6s42MLmigEws5mASS6l2quhtlUfacgkM +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 41:d2:9d:d1:72:ea:ee:a7:80:c1:2c:6c:e9:2f:87:52 + Signature Algorithm: ecdsa-with-SHA384 + Issuer: C = US, O = Internet Security Research Group, CN = ISRG Root X2 + Validity + Not Before: Sep 4 00:00:00 2020 GMT + Not After : Sep 17 16:00:00 2040 GMT + Subject: C = US, O = Internet Security Research Group, CN = ISRG Root X2 + Subject Public Key Info: + Public Key Algorithm: id-ecPublicKey + Public-Key: (384 bit) + pub: + 04:cd:9b:d5:9f:80:83:0a:ec:09:4a:f3:16:4a:3e: + 5c:cf:77:ac:de:67:05:0d:1d:07:b6:dc:16:fb:5a: + 8b:14:db:e2:71:60:c4:ba:45:95:11:89:8e:ea:06: + df:f7:2a:16:1c:a4:b9:c5:c5:32:e0:03:e0:1e:82: + 18:38:8b:d7:45:d8:0a:6a:6e:e6:00:77:fb:02:51: + 7d:22:d8:0a:6e:9a:5b:77:df:f0:fa:41:ec:39:dc: + 75:ca:68:07:0c:1f:ea + ASN1 OID: secp384r1 + NIST CURVE: P-384 + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 7C:42:96:AE:DE:4B:48:3B:FA:92:F8:9E:8C:CF:6D:8B:A9:72:37:95 + Signature Algorithm: ecdsa-with-SHA384 + 30:65:02:30:7b:79:4e:46:50:84:c2:44:87:46:1b:45:70:ff: + 58:99:de:f4:fd:a4:d2:55:a6:20:2d:74:d6:34:bc:41:a3:50: + 5f:01:27:56:b4:be:27:75:06:af:12:2e:75:98:8d:fc:02:31: + 00:8b:f5:77:6c:d4:c8:65:aa:e0:0b:2c:ee:14:9d:27:37:a4: + f9:53:a5:51:e4:29:83:d7:f8:90:31:5b:42:9f:0a:f5:fe:ae: + 00:68:e7:8c:49:0f:b6:6f:5b:5b:15:f2:e7 +-----BEGIN CERTIFICATE----- +MIICGzCCAaGgAwIBAgIQQdKd0XLq7qeAwSxs6S+HUjAKBggqhkjOPQQDAzBPMQsw +CQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2gg +R3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMjAeFw0yMDA5MDQwMDAwMDBaFw00 +MDA5MTcxNjAwMDBaME8xCzAJBgNVBAYTAlVTMSkwJwYDVQQKEyBJbnRlcm5ldCBT +ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEVMBMGA1UEAxMMSVNSRyBSb290IFgyMHYw +EAYHKoZIzj0CAQYFK4EEACIDYgAEzZvVn4CDCuwJSvMWSj5cz3es3mcFDR0HttwW ++1qLFNvicWDEukWVEYmO6gbf9yoWHKS5xcUy4APgHoIYOIvXRdgKam7mAHf7AlF9 +ItgKbppbd9/w+kHsOdx1ymgHDB/qo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0T +AQH/BAUwAwEB/zAdBgNVHQ4EFgQUfEKWrt5LSDv6kviejM9ti6lyN5UwCgYIKoZI +zj0EAwMDaAAwZQIwe3lORlCEwkSHRhtFcP9Ymd70/aTSVaYgLXTWNLxBo1BfASdW +tL4ndQavEi51mI38AjEAi/V3bNTIZargCyzuFJ0nN6T5U6VR5CmD1/iQMVtCnwr1 +/q4AaOeMSQ+2b1tbFfLn +-----END CERTIFICATE----- diff --git a/certs/R10.pem b/certs/R10.pem new file mode 100644 index 0000000..e8c1c4a --- /dev/null +++ b/certs/R10.pem @@ -0,0 +1,231 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 4b:a8:52:93:f7:9a:2f:a2:73:06:4b:a8:04:8d:75:d0 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=US, O=Internet Security Research Group, CN=ISRG Root X1 + Validity + Not Before: Mar 13 00:00:00 2024 GMT + Not After : Mar 12 23:59:59 2027 GMT + Subject: C=US, O=Let's Encrypt, CN=R10 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (2048 bit) + Modulus: + 00:cf:57:e5:e6:c4:54:12:ed:b4:47:fe:c9:27:58: + 76:46:50:28:8c:1d:3e:88:df:05:9d:d5:b5:18:29: + bd:dd:b5:5a:bf:fa:f6:ce:a3:be:af:00:21:4b:62: + 5a:5a:3c:01:2f:c5:58:03:f6:89:ff:8e:11:43:eb: + c1:b5:e0:14:07:96:8f:6f:1f:d7:e7:ba:81:39:09: + 75:65:b7:c2:af:18:5b:37:26:28:e7:a3:f4:07:2b: + 6d:1a:ff:ab:58:bc:95:ae:40:ff:e9:cb:57:c4:b5: + 5b:7f:78:0d:18:61:bc:17:e7:54:c6:bb:49:91:cd: + 6e:18:d1:80:85:ee:a6:65:36:bc:74:ea:bc:50:4c: + ea:fc:21:f3:38:16:93:94:ba:b0:d3:6b:38:06:cd: + 16:12:7a:ca:52:75:c8:ad:76:b2:c2:9c:5d:98:45: + 5c:6f:61:7b:c6:2d:ee:3c:13:52:86:01:d9:57:e6: + 38:1c:df:8d:b5:1f:92:91:9a:e7:4a:1c:cc:45:a8: + 72:55:f0:b0:e6:a3:07:ec:fd:a7:1b:66:9e:3f:48: + 8b:71:84:71:58:c9:3a:fa:ef:5e:f2:5b:44:2b:3c: + 74:e7:8f:b2:47:c1:07:6a:cd:9a:b7:0d:96:f7:12: + 81:26:51:54:0a:ec:61:f6:f7:f5:e2:f2:8a:c8:95: + 0d:8d + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Digital Signature, Certificate Sign, CRL Sign + X509v3 Extended Key Usage: + TLS Web Client Authentication, TLS Web Server Authentication + X509v3 Basic Constraints: critical + CA:TRUE, pathlen:0 + X509v3 Subject Key Identifier: + BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8 + X509v3 Authority Key Identifier: + 79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E + Authority Information Access: + CA Issuers - URI:http://x1.i.lencr.org/ + X509v3 Certificate Policies: + Policy: 2.23.140.1.2.1 + X509v3 CRL Distribution Points: + Full Name: + URI:http://x1.c.lencr.org/ + Signature Algorithm: sha256WithRSAEncryption + Signature Value: + 92:b1:e7:41:37:eb:79:9d:81:e6:cd:e2:25:e1:3a:20:e9:90: + 44:95:a3:81:5c:cf:c3:5d:fd:bd:a0:70:d5:b1:96:28:22:0b: + d2:f2:28:cf:0c:e7:d4:e6:43:8c:24:22:1d:c1:42:92:d1:09: + af:9f:4b:f4:c8:70:4f:20:16:b1:5a:dd:01:f6:1f:f8:1f:61: + 6b:14:27:b0:72:8d:63:ae:ee:e2:ce:4b:cf:37:dd:bb:a3:d4: + cd:e7:ad:50:ad:bd:bf:e3:ec:3e:62:36:70:99:31:a7:e8:8d: + dd:ea:62:e2:12:ae:f5:9c:d4:3d:2c:0c:aa:d0:9c:79:be:ea: + 3d:5c:44:6e:96:31:63:5a:7d:d6:7e:4f:24:a0:4b:05:7f:5e: + 6f:d2:d4:ea:5f:33:4b:13:d6:57:b6:ca:de:51:b8:5d:a3:09: + 82:74:fd:c7:78:9e:b3:b9:ac:16:da:4a:2b:96:c3:b6:8b:62: + 8f:f9:74:19:a2:9e:03:de:e9:6f:9b:b0:0f:d2:a0:5a:f6:85: + 5c:c2:04:b7:c8:d5:4e:32:c4:bf:04:5d:bc:29:f6:f7:81:8f: + 0c:5d:3c:53:c9:40:90:8b:fb:b6:08:65:b9:a4:21:d5:09:e5: + 13:84:84:37:82:ce:10:28:fc:76:c2:06:25:7a:46:52:4d:da: + 53:72:a4:27:3f:62:70:ac:be:69:48:00:fb:67:0f:db:5b:a1: + e8:d7:03:21:2d:d7:c9:f6:99:42:39:83:43:df:77:0a:12:08: + f1:25:d6:ba:94:19:54:18:88:a5:c5:8e:e1:1a:99:93:79:6b: + ec:1c:f9:31:40:b0:cc:32:00:df:9f:5e:e7:b4:92:ab:90:82: + 91:8d:0d:e0:1e:95:ba:59:3b:2e:4b:5f:c2:b7:46:35:52:39: + 06:c0:bd:aa:ac:52:c1:22:a0:44:97:99:f7:0c:a0:21:a7:a1: + 6c:71:47:16:17:01:68:c0:ca:a6:26:65:04:7c:b3:ae:c9:e7: + 94:55:c2:6f:9b:3c:1c:a9:f9:2e:c5:20:1a:f0:76:e0:be:ec: + 18:d6:4f:d8:25:fb:76:11:e8:bf:e6:21:0f:e8:e8:cc:b5:b6: + a7:d5:b8:f7:9f:41:cf:61:22:46:6a:83:b6:68:97:2e:7c:ea: + 4e:95:db:23:eb:2e:c8:2b:28:84:a4:60:e9:49:f4:44:2e:3b: + f9:ca:62:57:01:e2:5d:90:16:f9:c9:fc:7a:23:48:8e:a6:d5: + 81:72:f1:28:fa:5d:ce:fb:ed:4e:73:8f:94:2e:d2:41:94:98: + 99:db:a7:af:70:5f:f5:be:fb:02:20:bf:66:27:6c:b4:ad:fa: + 75:12:0b:2b:3e:ce:03:9e +-----BEGIN CERTIFICATE----- +MIIFBTCCAu2gAwIBAgIQS6hSk/eaL6JzBkuoBI110DANBgkqhkiG9w0BAQsFADBP +MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy +Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBa +Fw0yNzAzMTIyMzU5NTlaMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBF +bmNyeXB0MQwwCgYDVQQDEwNSMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQDPV+XmxFQS7bRH/sknWHZGUCiMHT6I3wWd1bUYKb3dtVq/+vbOo76vACFL +YlpaPAEvxVgD9on/jhFD68G14BQHlo9vH9fnuoE5CXVlt8KvGFs3Jijno/QHK20a +/6tYvJWuQP/py1fEtVt/eA0YYbwX51TGu0mRzW4Y0YCF7qZlNrx06rxQTOr8IfM4 +FpOUurDTazgGzRYSespSdcitdrLCnF2YRVxvYXvGLe48E1KGAdlX5jgc3421H5KR +mudKHMxFqHJV8LDmowfs/acbZp4/SItxhHFYyTr6717yW0QrPHTnj7JHwQdqzZq3 +DZb3EoEmUVQK7GH29/Xi8orIlQ2NAgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgGG +MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATASBgNVHRMBAf8ECDAGAQH/ +AgEAMB0GA1UdDgQWBBS7vMNHpeS8qcbDpHIMEI2iNeHI6DAfBgNVHSMEGDAWgBR5 +tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAKG +Fmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0gBAwwCjAIBgZngQwBAgEwJwYD +VR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVuY3Iub3JnLzANBgkqhkiG9w0B +AQsFAAOCAgEAkrHnQTfreZ2B5s3iJeE6IOmQRJWjgVzPw139vaBw1bGWKCIL0vIo +zwzn1OZDjCQiHcFCktEJr59L9MhwTyAWsVrdAfYf+B9haxQnsHKNY67u4s5Lzzfd +u6PUzeetUK29v+PsPmI2cJkxp+iN3epi4hKu9ZzUPSwMqtCceb7qPVxEbpYxY1p9 +1n5PJKBLBX9eb9LU6l8zSxPWV7bK3lG4XaMJgnT9x3ies7msFtpKK5bDtotij/l0 +GaKeA97pb5uwD9KgWvaFXMIEt8jVTjLEvwRdvCn294GPDF08U8lAkIv7tghluaQh +1QnlE4SEN4LOECj8dsIGJXpGUk3aU3KkJz9icKy+aUgA+2cP21uh6NcDIS3XyfaZ +QjmDQ993ChII8SXWupQZVBiIpcWO4RqZk3lr7Bz5MUCwzDIA359e57SSq5CCkY0N +4B6Vulk7LktfwrdGNVI5BsC9qqxSwSKgRJeZ9wygIaehbHFHFhcBaMDKpiZlBHyz +rsnnlFXCb5s8HKn5LsUgGvB24L7sGNZP2CX7dhHov+YhD+jozLW2p9W4959Bz2Ei +RmqDtmiXLnzqTpXbI+suyCsohKRg6Un0RC47+cpiVwHiXZAW+cn8eiNIjqbVgXLx +KPpdzvvtTnOPlC7SQZSYmdunr3Bf9b77AiC/ZidstK36dRILKz7OA54= +-----END CERTIFICATE----- +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00 + Signature Algorithm: sha256WithRSAEncryption + Issuer: C = US, O = Internet Security Research Group, CN = ISRG Root X1 + Validity + Not Before: Jun 4 11:04:38 2015 GMT + Not After : Jun 4 11:04:38 2035 GMT + Subject: C = US, O = Internet Security Research Group, CN = ISRG Root X1 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (4096 bit) + Modulus: + 00:ad:e8:24:73:f4:14:37:f3:9b:9e:2b:57:28:1c: + 87:be:dc:b7:df:38:90:8c:6e:3c:e6:57:a0:78:f7: + 75:c2:a2:fe:f5:6a:6e:f6:00:4f:28:db:de:68:86: + 6c:44:93:b6:b1:63:fd:14:12:6b:bf:1f:d2:ea:31: + 9b:21:7e:d1:33:3c:ba:48:f5:dd:79:df:b3:b8:ff: + 12:f1:21:9a:4b:c1:8a:86:71:69:4a:66:66:6c:8f: + 7e:3c:70:bf:ad:29:22:06:f3:e4:c0:e6:80:ae:e2: + 4b:8f:b7:99:7e:94:03:9f:d3:47:97:7c:99:48:23: + 53:e8:38:ae:4f:0a:6f:83:2e:d1:49:57:8c:80:74: + b6:da:2f:d0:38:8d:7b:03:70:21:1b:75:f2:30:3c: + fa:8f:ae:dd:da:63:ab:eb:16:4f:c2:8e:11:4b:7e: + cf:0b:e8:ff:b5:77:2e:f4:b2:7b:4a:e0:4c:12:25: + 0c:70:8d:03:29:a0:e1:53:24:ec:13:d9:ee:19:bf: + 10:b3:4a:8c:3f:89:a3:61:51:de:ac:87:07:94:f4: + 63:71:ec:2e:e2:6f:5b:98:81:e1:89:5c:34:79:6c: + 76:ef:3b:90:62:79:e6:db:a4:9a:2f:26:c5:d0:10: + e1:0e:de:d9:10:8e:16:fb:b7:f7:a8:f7:c7:e5:02: + 07:98:8f:36:08:95:e7:e2:37:96:0d:36:75:9e:fb: + 0e:72:b1:1d:9b:bc:03:f9:49:05:d8:81:dd:05:b4: + 2a:d6:41:e9:ac:01:76:95:0a:0f:d8:df:d5:bd:12: + 1f:35:2f:28:17:6c:d2:98:c1:a8:09:64:77:6e:47: + 37:ba:ce:ac:59:5e:68:9d:7f:72:d6:89:c5:06:41: + 29:3e:59:3e:dd:26:f5:24:c9:11:a7:5a:a3:4c:40: + 1f:46:a1:99:b5:a7:3a:51:6e:86:3b:9e:7d:72:a7: + 12:05:78:59:ed:3e:51:78:15:0b:03:8f:8d:d0:2f: + 05:b2:3e:7b:4a:1c:4b:73:05:12:fc:c6:ea:e0:50: + 13:7c:43:93:74:b3:ca:74:e7:8e:1f:01:08:d0:30: + d4:5b:71:36:b4:07:ba:c1:30:30:5c:48:b7:82:3b: + 98:a6:7d:60:8a:a2:a3:29:82:cc:ba:bd:83:04:1b: + a2:83:03:41:a1:d6:05:f1:1b:c2:b6:f0:a8:7c:86: + 3b:46:a8:48:2a:88:dc:76:9a:76:bf:1f:6a:a5:3d: + 19:8f:eb:38:f3:64:de:c8:2b:0d:0a:28:ff:f7:db: + e2:15:42:d4:22:d0:27:5d:e1:79:fe:18:e7:70:88: + ad:4e:e6:d9:8b:3a:c6:dd:27:51:6e:ff:bc:64:f5: + 33:43:4f + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E + Signature Algorithm: sha256WithRSAEncryption + 55:1f:58:a9:bc:b2:a8:50:d0:0c:b1:d8:1a:69:20:27:29:08: + ac:61:75:5c:8a:6e:f8:82:e5:69:2f:d5:f6:56:4b:b9:b8:73: + 10:59:d3:21:97:7e:e7:4c:71:fb:b2:d2:60:ad:39:a8:0b:ea: + 17:21:56:85:f1:50:0e:59:eb:ce:e0:59:e9:ba:c9:15:ef:86: + 9d:8f:84:80:f6:e4:e9:91:90:dc:17:9b:62:1b:45:f0:66:95: + d2:7c:6f:c2:ea:3b:ef:1f:cf:cb:d6:ae:27:f1:a9:b0:c8:ae: + fd:7d:7e:9a:fa:22:04:eb:ff:d9:7f:ea:91:2b:22:b1:17:0e: + 8f:f2:8a:34:5b:58:d8:fc:01:c9:54:b9:b8:26:cc:8a:88:33: + 89:4c:2d:84:3c:82:df:ee:96:57:05:ba:2c:bb:f7:c4:b7:c7: + 4e:3b:82:be:31:c8:22:73:73:92:d1:c2:80:a4:39:39:10:33: + 23:82:4c:3c:9f:86:b2:55:98:1d:be:29:86:8c:22:9b:9e:e2: + 6b:3b:57:3a:82:70:4d:dc:09:c7:89:cb:0a:07:4d:6c:e8:5d: + 8e:c9:ef:ce:ab:c7:bb:b5:2b:4e:45:d6:4a:d0:26:cc:e5:72: + ca:08:6a:a5:95:e3:15:a1:f7:a4:ed:c9:2c:5f:a5:fb:ff:ac: + 28:02:2e:be:d7:7b:bb:e3:71:7b:90:16:d3:07:5e:46:53:7c: + 37:07:42:8c:d3:c4:96:9c:d5:99:b5:2a:e0:95:1a:80:48:ae: + 4c:39:07:ce:cc:47:a4:52:95:2b:ba:b8:fb:ad:d2:33:53:7d: + e5:1d:4d:6d:d5:a1:b1:c7:42:6f:e6:40:27:35:5c:a3:28:b7: + 07:8d:e7:8d:33:90:e7:23:9f:fb:50:9c:79:6c:46:d5:b4:15: + b3:96:6e:7e:9b:0c:96:3a:b8:52:2d:3f:d6:5b:e1:fb:08:c2: + 84:fe:24:a8:a3:89:da:ac:6a:e1:18:2a:b1:a8:43:61:5b:d3: + 1f:dc:3b:8d:76:f2:2d:e8:8d:75:df:17:33:6c:3d:53:fb:7b: + cb:41:5f:ff:dc:a2:d0:61:38:e1:96:b8:ac:5d:8b:37:d7:75: + d5:33:c0:99:11:ae:9d:41:c1:72:75:84:be:02:41:42:5f:67: + 24:48:94:d1:9b:27:be:07:3f:b9:b8:4f:81:74:51:e1:7a:b7: + ed:9d:23:e2:be:e0:d5:28:04:13:3c:31:03:9e:dd:7a:6c:8f: + c6:07:18:c6:7f:de:47:8e:3f:28:9e:04:06:cf:a5:54:34:77: + bd:ec:89:9b:e9:17:43:df:5b:db:5f:fe:8e:1e:57:a2:cd:40: + 9d:7e:62:22:da:de:18:27 +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 +WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu +ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY +MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc +h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ +0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U +A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW +T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH +B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC +B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv +KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn +OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn +jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw +qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI +rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq +hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL +ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ +3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK +NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 +ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur +TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC +jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc +oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq +4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA +mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d +emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= +-----END CERTIFICATE----- diff --git a/global-config.rsc b/global-config.rsc index 8a42b81..a0835f8 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -92,11 +92,11 @@ :global FwAddrLists { # "allow"={ # { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/allow"; -# cert="E1"; timeout=1w }; +# cert="E5"; timeout=1w }; # }; "block"={ # { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/block"; -# cert="E1" }; +# cert="E5" }; { url="https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt"; cert="GlobalSign Atlas R3 DV TLS CA 2022 Q3" }; { url="https://sslbl.abuse.ch/blacklist/sslipblacklist.txt"; @@ -112,7 +112,7 @@ }; # "mikrotik"={ # { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/mikrotik"; -# cert="E1"; timeout=1w }; +# cert="E5"; timeout=1w }; # }; }; :global FwAddrListTimeOut 1d; diff --git a/global-functions.rsc b/global-functions.rsc index 447d6e9..eb700ef 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -999,7 +999,7 @@ :global SymbolForNotification; :global ValidateSyntax; - :if ([ $CertificateAvailable "E1" ] = false) do={ + :if ([ $CertificateAvailable "E5" ] = false) do={ $LogPrint warning $0 ("Downloading certificate failed, trying without."); } From 35f4ec0b1d1d8c26ec9293efe2d9091993d7bf89 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 10:42:36 +0200 Subject: [PATCH 531/908] doc/mod/notification-matrix: drop certificate hint... ... as matrix.org switched to Let's Encrypt with ISRG Root X2. --- doc/mod/notification-matrix.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/doc/mod/notification-matrix.md b/doc/mod/notification-matrix.md index 92383be..18b6607 100644 --- a/doc/mod/notification-matrix.md +++ b/doc/mod/notification-matrix.md @@ -46,9 +46,6 @@ The Matrix server is connected via encrypted https, and certificate verification is applied. So make sure you have the certificate chain for your server in device's certificate store. -> ℹ️ **Info**: The *matrix.org* server uses a Cloudflare certificate. You can -> install that with: `$CertificateAvailable "Cloudflare Inc ECC CA-3"` - ### From other device If you have setup your Matrix *notification account* before just reuse that. From d1693a241b0ec444d7ad469681e4ba81c1b398df Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 09:50:39 +0200 Subject: [PATCH 532/908] certs: E1 / E5 -> ISRG Root X2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In the beginning of Let's Encrypt their root certificate ISRG Root X1 was not widely trusted, at least some older and/or mobile platforms were missing that certificate in their root certificate store. At that time Let's Encrypt was using an alternative chain of trust, where a certificate was cross-signed with DST Root CA X3. To make sure a valid chain of trust is available under all circumstances a set of all certificates had to be supplied: both root vertificates ISRG Root X1 & DST Root CA X3, and an intermediate certificate. This was still true after DST Root CA X3 expired, as it could still be used as a root anchor and was shipped by Let's Encrypt when requested. 🤪 This time is finally over, and we have a clean chain for trust ending in ISRG Root X1 (or ISRG Root X2). Well, actually it is the other way round... Let's Encrypt signs with different tantamount intermediate certificates. There is not only E5, but also E6 - and we can not know beforehand which one is used on renew. So let's jetzt drop the intermediate certificates now, and rely on root certificates only. We are perfectly fine with this these days. Follow-up commits will do the same for *all* certificates. The certificate is downloaded with: curl -d '["ISRG Root X2"]' https://mkcert.org/generate/ | grep -v '^$' > certs/ISRG-Root-X2.pem --- INITIAL-COMMANDS.md | 9 ++- README.d/01-download-certs.avif | Bin 4578 -> 4596 bytes README.d/02-import-certs.avif | Bin 3606 -> 3605 bytes README.d/03-check-certs.avif | Bin 12118 -> 8932 bytes README.md | 20 +++--- certs/E1.pem | 124 -------------------------------- certs/E5.pem | 119 ------------------------------ certs/ISRG-Root-X2.pem | 21 ++++++ global-config.rsc | 6 +- global-functions.rsc | 2 +- 10 files changed, 38 insertions(+), 263 deletions(-) delete mode 100644 certs/E1.pem delete mode 100644 certs/E5.pem create mode 100644 certs/ISRG-Root-X2.pem diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index 889192d..b3eff35 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -17,13 +17,13 @@ Initial commands Run the complete base installation: { - /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/E5.pem" dst-path="letsencrypt-E5.pem" as-value; + /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/ISRG-Root-X2.pem" dst-path="ISRG-Root-X2.pem" as-value; :delay 1s; - /certificate/import file-name=letsencrypt-E5.pem passphrase=""; - :if ([ :len [ /certificate/find where fingerprint="e788d14b0436b5120bbee3f15c15badf08c1407fe72568a4f16f9151c380e1e3" or fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470" ] ] != 2) do={ + /certificate/import file-name=ISRG-Root-X2.pem passphrase=""; + :if ([ :len [ /certificate/find where fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470" ] ] != 1) do={ :error "Something is wrong with your certificates!"; }; - /file/remove [ find where name="letsencrypt-E5.pem" ]; + /file/remove [ find where name="ISRG-Root-X2.pem" ]; :delay 1s; /system/script/set name=("global-config-overlay-" . [ /system/clock/get date ] . "-" . [ /system/clock/get time ]) [ find where name="global-config-overlay" ]; :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ @@ -34,7 +34,6 @@ Run the complete base installation: /system/scheduler/remove [ find where name="global-scripts" ]; /system/scheduler/add name="global-scripts" start-time=startup on-event="/system/script { run global-config; run global-functions; }"; :global CertificateNameByCN; - $CertificateNameByCN "E5"; $CertificateNameByCN "ISRG Root X2"; }; diff --git a/README.d/01-download-certs.avif b/README.d/01-download-certs.avif index b543aff2848235791b59fc0805e850a748f17a23..4a074eb59dce96fbf79c0b50dfdf028f7eff9d4f 100644 GIT binary patch delta 2976 zcma);cQ+f30zhL&jas!z?UCAADynu6u{S|g?Y-KXNeQKXs8O?a)m{;snzepy%or_E zvq;StrAFTS0`Hu6&b@!#FL2j{PJ~h;Sit}Qbr*mf005Bv7dQYwyPTFXN>-9#P4=41 z0<%CCNsc52`INB}72_38V^o+*EG|4K(y7UWYuZ!_29NkZz!FzE&tGn?LRGM_EPCrP z5lIyN>v;n=xSqwfJ(;$dV?NwX$R+GD&ck%IFexbWq=Xo*p^Rg+S|trUCg zZvwW!#1>ZFTvyW4d^>JHahATU#s$^Ps8$DWLQd8<^kP0?rk(Sam%9G7(nChZEvCT5 z_8Z4GUhe7nhExsc2Cikx#TYDFtP-K?75?@_&q=*J-&{B!$Hg;s$XiyLXW(Z=CJwzq zSVJY~h zwQM6|b(EhzD(p-rdgl$7k&bezvFi2XIf9`C>wV_;9rZV7&&Ns~v0n3h3%}U}ghL1Q z(|T}#AUbMcvW%NUr438S%vNXftG3Alq=PFM%EHe7Vi>qLVeGY(_OL60y(NC=ok(_? z^jA}M;FvH-ECo(^G|?(S8QK8XGvjR7NK_d4%J(lV4OsPR_R=;iYQ(~;eI!$4(Rs6A zv%bhHjnHXtZ3Yq50JzB!lk2I$tL=UyfPQX^8ZFeF7534<4`C6=69=HdX|5*)YqdU16`~VuExLg)PYtwpxyiFF;$0odx?0e%fb9f{K`E4W+eA#Sgf_zy^7W z4ezo&D*1CGyeBxxA|RA-Gd}!la2M^HTInXe8f~flJO6ky>DusF|3^a5_B?mDEV!{P zAj5zMP#XXk4!+WA3m-3b!*TB-5IKIeQhASInR!p870l)LDXRd_IXQQ(eyfLKDIK3) z3H>#_X!Ao7JGLWk)Cz){O{mXG*4%np3zwfLPfvqO^>WmK<8urd6Jnc$DC4SHZt-IB z#Q$FgjWu2q!Qu{+5>w=?n6{?r zwwZtK(9_A3^)K9?@bf?1JC8*Ml5*zTjO3Coabi}VJ*CRztGwN0*q@s>XQT(Fgq@Zq zVs$`xL7ZU0G;XI>0fsvK>d@+2FD*R><&9o~hq(W>=7QXTP_db+|4%{xBl3~HvjA?< zDv30y`tS=BPs`V2h|}>SMIY*q;gzTv6pM4*n{+P}V?!g#l z)xBK!lDPvmrsyMwy+rQh=yamFE^B4a6V&@}h2V*LDX*{?uS?0ZHQ``)cy zFarUB{JjG;J&fnJM|qDyIU{WLAz2b-SKn@e`XPTfbt@X8{*PZ&@FA*+)KTMHr4Xd} zQa~GLN?MYqnt&kBe{%4>A#~kUm5Mq#cZA6r95y=1jB>k`|G*_LYxKWQw@TJ|o#`j6 zK`7Y;1S%>IaTh#MNSxDfs$(HoAdaFS;S?K83tnA+(0b-5xq8p20TsA1E$P=5Vg?lj z6DmH1Y7MGdU86i3EsvPyLzSNfPne`Rr-^>2svz^j2_qXquoiC+G!0J7J@cO8U5Hx% zN!|0QeWS2XDoSUn9ziMk4}ut7Dvdw*x&HjCAfEZ1mHtb8&Fr1M!WiFCIi}nvMqM;U zF5@C4j*;4%8)4>z~w#E38^f;b-#`lzWll=s$v z`ZTbtuySUem;*ZHeA4K!JLOtmyLRUF@7%lGseokgLa@cURO_mjuxYIRgzhoIGF<2A zLaB7LOKDnuhbkmnhV;dB%AN8u*5xjlSu9~O7YPLO7C`js#&EfKuk(EHU3AmF&HE3i zm9I&EP+^_tQ{Iky3AL_NI-xBa{rUzh)k2lpr^ZaVQ-WjM;{o01FPnWs`(85>GOi7C z3{{A28$Tx@;y>8J(2P>ES`L<*%U336RmARp>tc&)OLqye9|TG~^F_T`l1q=hz_)6#BS62N0;8?bc1z%380XS6BJn zSEMH0U*afulpprM{M)x-Z8bl!^vZ-wuyW%12p+5YK<)Z4%+c9`QQcrOoQ|8; zmGC1g?tC=}dLJSV_wr>Zc}-8!{cfykhqNJQ>VAeJLqR?#Wr@UXv&y+jdVb?{)ZzR`x_e~^)^Gz6t_i>!iXu`% zVR^Q!rY@EieGQ+%B|QI2I=opIi42cZVm}Uy9DRV_|V$QR{dE^=|L)x z3r)K(8l&rvU*OHWCS+`eL>_N5HwSu#DSB30t%>tEF+{nozE`l@eiTrlOCuMNeL!%p zFEqg>DE)a-qAO~jLb=J^%i4=vay1CqG3bA}SO*=nD}H<5ez{LBasLb47AD_&6eeJg zE6ic6^NZwTd&G}tF`3B83K%-}!Au7ltBqzb`l+}$W?(MR+1gqn$;lX~se(6}ynwgE ztTPEHYtmci`#RbxH;k78yEJ(fzhr)1hgixLf`oDxtK+CEcxww9IusHJ|a%j zK81cpN$t(-#{^EE`u4{F1$I5&smij_OuO!neIhLl4&y81;=^z zSK^V+p!uBFoeb0zv`Bh+nu{JFjtPW>7Lnq;1R~RabC3xWt>mrb&^C zJ(aD{{#J0#9>G7S4TT1FaYn2`KIDI;yB!?g^a8@Ks>ylraLJt`w1jnxW>VsYM7n=< zMIs5#-;k?Zs*b9%*dlT;+oTJVQ{rjZjHh=&c=ocR*rCe>QsZ@vkyA1BuCC6zCnhmP z-Vm$77afyXDcw&h)9@B%jK zsgDsFcC9%sjsx^8U>Siybrw#Et~2=+FCPcIKP5YMqHn2xl4Rb=@s_r9`nK_f8?Pqw n=71oUH30O4OYpnF6X1DQU%b`Uy*oc2OFWQRiSG(+DAoKAsA{Q} delta 2958 zcma))_dnDR1HkVPSrI4uQk+r9xU%<%E{-_k&dkop$clW7lyzniI%i9q%#4#0&dL`V z*_5+6<3U#PeE)&x^?F{f_xq>!ukQolMd8#iPF@g*z7IqL0)fE)f&qaT+tQMI!6_M* z;7BmMZW0_$1MFYlI?VQVg$m$$>k~}YxWC;>t&mkQX7sL{e44vLE12j_C5)^AWU&v1 z0{%~B-@VT(ihfRsmI+y@&gw#UV0wI7UM})(z`eh}ZAsB8bBLjoj-%>MK-?s)hgo`scMwFul|`+246j>0 zvh$FsiV>d_$rj@7;lES(}y zbX`?=w%}8Kav>tF&8qYM{w1JIe)M=I8RvPIUnNIeWTyE&e7*iGjqVhg3){%Pksw!h zU9tjj@)Wl-~Nfd63c5x}0m4scZuz9CII$)*|i z_qYEMw*?u;*QL*W1HxL&0wNMKx{*~L>41$j{L#nh)NTJVjo?q~y_D%jpL*a*Xu7eg zz9=hyOLsNZp37v50_tr;<7}XQMZ&Tn#ygEz>Zu%ltq)pM+7qR$3jb-|W$Huo=WAblBTbJ+2PN;H z_0-S=aoW0C`YlY-_ZA6QxHZtdd0OZ z_GMHISCXS|kTwv3#uKr{ENl;k#y?fM`9a^hdP_ZE-D{pltfuoUQFth7719YtVojs& z6M1I{-*AFz!Bn;LD)a(m|J+#tZSLDK^w`cX{n)8dNl}eQY?LcY&uz=e)AoF8^|aO7 zlk_F$(SmhM+x(DoJE#gt8!6wI8ulZsIoQq1CE1u>q8`=Fq{6S~PrhH6v3%K@cB4`t zLyOT7ptcGHu02C!*RM&g#QMDFaSmc@EsUwZQzQ8IZ7xIdr>!j?FZFNNrkGwm-sa&l zH*OwMw;CGzA;70zCXMy0(4oy`_Mkz?_|nw0)AA1OU76cdj>&t#&VrWD@`Xy~_|6sF@JGtR1U&0W!y3MOmr_M1Is@dLB|_ zW!SYD8V{Z$_8T_?45O2#dY16d%^3xTZEjqEwn_^7ldNESkG#!+EG9W8yE(;f`5hA+ z`mp$OYJUmgU8^1HD?$w3jr$o_D$_$0b=>PO!oPq zN4R0=7}cu5A-v38G#c(mc>IQbAVT(y)g^b;kH%aj{>_#0zYdhAIv~W^F$gb~n_%}~ zfS#3B>_KtoR0L|3Nv>6lZUEkaI{=uIK7anGDO+zYK`{WU%~eO4ckNp4XW4|I{f|P~CLIVduXW z8+_;V=zya{L{hKJ>>Qd}J0vPRFyB2Q^H7&2G-I0>L<5J~Tv`?314U+|iSl0hcw_x>?tlJ9=i9VZJ73;ddNB}ytMxL&lpDQUd1@4zy4tC8WOqT@JdiSXS;V$;KR zNjf|fJj0_h*PGJ=o)CTPrM-HZoW~BtJt_yvn~A(>`_`~u?8h8crx%f?s$0LG#F6SH z-o5iHYEkl!AKv$t4odOYrPmgPTsy3p#Q)59smW$SN+#SddFt)@^oOsynTM9UC1NS|6D8 zi%!TtNKLK$hmvd|5un5`Du%PhOkX2D?@ZAC!?!^FM&N%kMKt3=EY_d>kkF2Jd)Z8n zRX@6(8UqLD1|6-sxpe#E6-tib!8?4;14gP=SEI|Og4whn#g}%IJ%Fr0ByIj=2gXw3 zb@#f`#jwFy3+Xl1_#$qCexZhR1bj#zVHS%@oC@(BIKVfSxzk0~gw+w2gGcV275`$( zvbZ2IWTj5hNSP$NZC55dyS0oKFCo=F1Vj#|M{?z=0-piPFa`WckAGP2te?XU7+1z zxDxa{PKV=UII6M+ZF`)DDL>UUJV)kbsn{r-*)!znl|oWQ_);|AC)?lFf-Ly^GDyZ& z>Iz|Ag9di0SQxtf^xtkUh4)@LOTgqHS!$hH__D=X`NL#{-y+Uj5tXg)WZ!b3#E>gm zu&8{4($q1DjRNkAM8}3rAhU;lmQ5CaXl;5jn?3xb-AQD+?jd<3l15lJiMhq4X3I{I zcI#Le+uJbg#lhCaz$=2j)Bh{N1y=FPprpzt%8XWxb#$GctHCFopF}6#`-BkBc5C}9 zbaAG2wp9Dap|QV7uk$Yt7#}pw3u8_LUvsp&L8Zw@VbOMk@&;$0uogSs0cyG>;6ZW=`;yY1w;?VVr z#f&y2ciPkZ6Ioyf)A}&*>)iII1?76#@%Cd;RMWZC*t)LDv(4J8b*OiVn2l48#d2EK zWlp^|q;`~m2PdbO8)lo|NqiaJKjs@2^G89W^r@cL&4Pf$mTWC4L)cD>z~3~2lTZSZ zW-xzHO?Yjw=-?AgKReH-d7y#{ z4VsL0R5QtLy1{-ebrpUyMoBbM<=ZA`1`GF)F1*(DL3_Ju$a?LoP@4kPOK5FL5;5Wr@3X@y%9#G?3v8Y5c8cj>lQuf zh{=xYCl#GWSMQ}A>=nicJW7FQj{aC6i5e)Ve4ojE}vyApEJv0gE37G74H<&d-QVsE04}S(pz-Woa5! zyQ)mX)#Pt0vD0NcEu@@Qna`eP-aLX$Hzv}QXJRJ~NCGW|Gz9R|YS1w?qfA;Tg)I|K zwEHfAyp$fNN{3SjG3WX9kD_+nU3nG?ROi{#m-SW`rqr~bORQrgQ zbZex3`X(Rtsm&^UiWF5`8}l0;pPiU0qfFb&SN2abaU4#j^;IwIx`i* zUa3OoU@I$L7bfNz$5=<*`-v1*m`8Uw>p8=@7#H@!Kl&cV=CTnD!qB+UML4DyLUH5_4H_3Dw{$(h1 z!eZ^t^D$c;(ueo*qKNWxFidy5y2rXyj8WVk9`;LE{R8KU!7NUWzqM4}EvV)D))=12 zJ^)H~DDJ-HYZXWlTrSx-n^DR0&n0Q-y&>+N@!{}dR2GEqrUl-2opD1OZVt#f2_3T> zGx1XdK$D#19s|X@(tiu|^BNH4v+IuA_EwDq6>?(Fl-*8J99FJ>*t2QS$-2S3C0-V? zHv(H*isi{TD$?dF>xPwVF<<6BzvDga<^%?5DyOpzpHQT%5rtIApL9|@#Xvz0wQKI5 zfdvIng?bGav9EpegC1J0m6RU7hic1GB~UI2+GpDQ?49yS&rW1%VZBiJ&3zy#JoLK! zAiBbG3Drr0j~jQHeXQ%&?>#~(9T=`OI7?EWme4MVwq+kcBLHI3UtoUwH?#`sn!pKB z-k-e{$gtiHKgZ~gSJZhLHho;93FqJEheD~xCOLreLG-(v)#1{Eoi5H(R�R1WN5% zg-tJ%wPX*GuD@b+3_&3F=D-hV{b&G`{ZV;95^SikZitbU?F~VVRM&x1gelrAyjUKY zn_F8i(`<8UlU`Ix zCa~VK8~U70|EGhk9s!M@h{J?Cg2nm;3=3vgnzn0f9b?QJ4&LNcKGyRnJ3(lEmJpy_ zUTmiPV#jYTnhi^)?6Hxp44pJu$GJM4;v(y$B2}9e&yBFFYodEaJsnPBLWGY v6AxLT2LpoCn6B^KE^+4-CCMJ+U$KG$VAX*k6%!x5arK#GJ@R8$|JKfbcmJgf delta 1460 zcma*c|3A|S0LSr)YHb_>7oup<^(wsn7WgBg}wPIho;=Wl3P z2i*F_t9Y)+-un#}dM(zgKJ^TuD3M!n`Y{R-F?qn_k3aWoc^aVhqv&7-O+?6a5xt8; z9^8~Qmu@BPgT2)tmceCaC2eVyE69y1u(maJg$dV{l6kj}5a+jm=S)ySZ z)PFPQCTvg;GG&5(5H{Eo-Ua!wlS!y@m*=>D> zRkV^S{3Ug-J)hjtwqQrM8Eq=o^cp2DqSo9Vrc`PpSL9G`iu!33b_E0@2Ao$dn}gz<7Iq5P~d$jWWU^fhXs(_s`aJ`%5(7L?PUF7x24l9yzY6a=|1RXuzG6+hN8lo+wRj z2E);N5{(=?#A{tC!!TXarbx}^))Lr>SZv#xC>~To4rTU(06A#&r3mdqz)=KAWw?Ui zdX;gWwU`dh;6h}nP+#@LZkpW<%t<{D5-FAHlM_D=%=j%6w*Fy7jEvmE#FP*2TQ~H6 zst>sfVhYP$tEWdaTL~RUoBtox|B8x- zFBl3ldjq$g1rFJEv(0>^(&Q+H@O1FeWSg@t>iG#2fPN8PXPnFvk~^eV&gy)OO9HwZ zQUXvV_qe5W%kp&9&)k56J{qQ4HUkR(KoLBI#nm}c8n|cdo0TN13bhNcJ0eV)`6E;S z71t6oz*4>zAR9}I+%TThxN*uV}rv=-V;J` z`qUAS+WW?09`ywUiI7Ph^x>B<*G%1le(Q-TNVg1Nu;ALTOz3_Pv6x+$XzlQNKDq3e z?Xb&Nq=1X21wxVLKFQ}u6-#l-Lg?TORhm2+5LjH%uB*?I0g)-W33}e2__8P;Hdua2 zUo2LkReU+9XaB^Uaml*TlY`9nheKbgeM^%*VfM?`ou$Z}fZDk8SmvKuHma#UC8kkr zp(~Y3v{|cSq~)0wMyQ9BeDj>AQ#~ML+o11+Yq`gRSWH7-jm5;5|^Xs?wv)JXHotpBwBnbbTxnJ2uOizp0VhE$6M#{MC()R2qC@F z4UnLb3*y*bC#rx&ciq9aJux295$MsHZ+b5hVo4-Cwo$$5kqfam@9M$qOW1bYzxvXq AY5)KL diff --git a/README.d/03-check-certs.avif b/README.d/03-check-certs.avif index f24c6b567a0696bfd30899f66157ec7c23248212..46b7220f1df02c8379e95113aeb13bf91859de0f 100644 GIT binary patch delta 7712 zcmV+*9^c{CUgSlPdK41z000m300IC2009610b2k75tfmTegTw|4FMSeAd@EnE&?Hu zlUD&a0WXt~0Y?H15tG>gumLZ#iUQC9f97bDJibM~1Zul~)gjAmILjQr&CVESrAI7U zf0s5i8?`|v-N($QzkK5#hHF;UEre?XzAB7K<;D?}VhDgKPzfh2K#d1ujCbOZuB;vb zGi!5}BpFxEhd=7P%&*In^I>s;&1$C+&7A$KzQuMyq3{0c0a4@=?8!0e&L+2qc~|PtC{A>0MRiI&}AseRJZ&HNi!W zCK5zSsp=aZhmt_)>r_)n(q@BCihmPZMT0DX3de+$;0?iY0Ky?8lb(YW%^1l^x3Sk4 zNlmx6t1yx{zqWM+I%BGW*tW+pe=gzbdgG2eo-xHvkU{pVVFrV6#7Q3i05w|;$rT=oxwd%xP8uk-HpZF| zRE7CSJqFT9zzv=&qB2QpV^)nxO}M>1U+7`m#GX_HX#tb>L7kN{-+zuze^bZ59QLML z!DqHyXqQbPSvHnKwO3)sR^*OPY~W)RrYyAi?x0Ig5v{sLR5MN?!j(e905HfNV=o!x z9ODBvXSUOAgB9^AJ*ipDu|#2Jb_m2A@%Qkf7(H-LO0IaBJT+}>*1l}#u41*@H`zCk!`V*MzWIWgSnUG$o2mK_19+&rjd3gd(RRTVGv-= zaSltcLU5oSm_L^uwM8_231%$5Bt?zlk(qa?DImZ+0$X{ zL)p~b?`?kE%WOK#Wcgrv{SQj5>|G!=y@^$79gti>KH@B+$d+Xnx49n|^3_wiNVj z+=0M39P!(l;FT#UHyu}-XD=m6bCaa>^K7vmxuF>X4+@88U4V;Nh*N^O`tBLYJ-T#icORFjYz_rM$wJU=a5@J zFaQD@2a}$_VwrWS4H;~q(KV^vCXCA4o;DCM##D@BqK+~#iqSc(WosK#Q*EhR$g8Za zj21uW-Ws~JRg{wVaY#Cj6t>_-20px=D@(*t%`8XzE5pXsf0j?)1ht8oM!<3MWRJWU zpq{f(-55l8)xdSnjFPuZL12WSJPdV~4Z!KY0we9ac<5Ltloie-0gz#MKlDljuk zKaF*(i@SN6e{>Psx;%F3pSxX*7z}mBR35&yNcf9ZH-hZmH=ZLAhuXX-VBi6aaKIY4 zO~Yd0RmW?6#ffc2gwi$klR7=jW$j~S+kiJI%Kb;zjQi8%x3o#)14O&ow{wiKBo)ZU z53UVRxz{xt%b0F%E=$b_AsnKD0VI*rk&=HiNcz^Je*m+waaN~NbsXaN^K0-%u8D1@&pcL_S~bk~Pb89T3|BF21OQ7Y7{d}s=Ofddi7os( z=;q(TTB8C(E5{>9pb)GERfx{hpTvDDj5>wcm`rA4AdRBV2i#>UN8$+|jcMurE!Fhp zDHQ1Oe-%~o~eqr+;clTf!Qr*i2t41((cM z$mco6F`vZLlUiu4V7^a;^)Iy*WF#|zymcja5~Gof{AMo>zw z@cay8IUQ=8dfufCqguyw!WJ${;Br`DxyE@Ef4!AQyZl%xHEx~u^Jc!88^@~2YjLI_ z!w6!xm1870l?wn{8@N^-d*h+5qgJy^%PY7od@B{al3S^YOk1H`V=a)}51D#;_2gHc zHmiL1%X-%gXGuK8Yzzj@atBVn)o}Q$TQUhg-ur`ZA1dQ_JmVPe`VT>lh$fYp+}-ti zf1RK9HM6djZ+YPhgD2U%vd}Uhk<|uSnOqN3^I)9&bDeKsr^H6^cxA_m;7%Dg}uK(0YN#em@~d{wmg_m(7y*e1VmNJV;0* zI3pvrPv=%6Q(DsXJx|WOvC)mLpBjS8f8<9C0tZr{=bqT>kU2ebZ?s)S;#-u`u47a3 z5#()SwG(q~9OEZB#yRU!H;sHm`}b;Z^ZoDLr#$D=*P5#@i8XoTk>UxB49o5$Kei#H* z&nkJq{{UfsAyi4(#cim*qVnA6cK4R^%9sr{V~nCcP~}hey)X$K$fxTXbk`6_EW8*X zjSB{lv?{@{RHzs^!6O{x;CDH!e_s;nVmsRyd_Ajb(n0oAX%*&|D>uv=0OO2frxml| zeMdyP&?bKnYx>&XiEybLv$E~V^YY|ma(@Bzpbl-UbwszZ@cj0wvc357_sj?^;XqOW z;B%b+0JLkn@P~u^RpIS!9Yu7z2~zD*MX9{>EV0&p$E4eZxwDJRX>SY13dYhQ zWlt;+#Kh<70p#&sT>6f$e|0=_J=Ns1KuB3Pv1BBYdFzwUindkWyS=rsQT z?OB^dj#krxua@L7f6vM{ADCyZN8vyjG*h-d(A!%Ka1J`t&Aj1D7-R}MlBWWIBBG=) zOsTxY;cyO0oM88$K`GgYpXd9(DfzyX0UZ@D+2_W5nKAz9`qNBODuywzQ_zvYpaxM+ zXrw?(BQ6dOMmhASi+S5PhC_}H6wm}zRDubanM6)XoG=P_e?IipjoJ1pF@NrX%>Xuv zdc`A>7B*ryI2px1?6)8D?=Pp^Gyx41@eHh?mNy{uAx|{FXP74c047bi-JPcx^`Hpo zrvzphRVR=*9nV2eTWQ!5u*h-2!kPezic$z95J4S5q@V(dD4+t0D4-7RPxwe@)+{w) z9f*=USk*QMe^l7%ykvDJ5_66-^fcWqd_kdD-C0L(VJvMX=ktp(Vn7{;1ZN$4^H@UT z!-Pay((E$F7zNCAIJb{G^ePKku(k*V?s8HrMn20Dy2* zsa;K|-rwQXSC9ol_`)xDn2y6w5QXV9_Z8RtDuPB3WA zE|_4oSYVN5S)He52Mrksv;n)Z59!o%T+wpoY3y}H%blmUr|NW;y2h~vv8h_D8fbYZ zK{3OGf8XYCHzCVqj(%cJ0UQj2Pfh;RlU{vp*ji0HZSKJwY;Vu_ zf6&#uLbFQg7M`J4`H8vq?soGIa^LQbxWEI~JRKFCMBBU_m*4(IHI$_*({^8f`5uE0 zi2Ol$t6N1Ko{}ZFhkBi_wWCBWgY#zq07v_vdWzK+zBDjI;?GJzUwk8Tf1{9!zbMWC z8wX7CPhxAzXsB_i(qD)C6FEY!NiVzpe+k{$Ynr{q@>s_9Lg!%yHWL+)BrLgR-IMa} z_9qAF(p=m4zFqGk=vyI)*hCDVVTy7GY-||m!!YlG zeH6rXY2)oeI2skO)Akt_PEpUyq>z6909=xD*F5#+ofpJCUKR#BdleaSL{vm@LmaRp zcTDr^o~M(ZN{RrQ^5ySuXS2{R=FFiS#nf)c>#@9|TWEC9GNUbD?AN>~1*I)5R79VNm|QlXu5aY@gmjYE&@GT7-`P5|TVuyNXwk-fmEOnm7ZmH_A?R9<)_! z>?G;}sC&aulYiMbJu8*Opcat&2wD~m*508by&6nj11HF6LYht|LED;rG*tBmTitb| z48{Yq{VxUpm9OSRsMv(O5oJ$fhAB^$m30=3PoeF6({-Q;IJ5CSiFfh1uy(9E=W1}3 zJQpm+S!OJmeZSmkp3gI48>Z^iaWW)(Il01n@BH*nmw&^rAL-4LcQl`Bo+EuJ>~`5W zF+7bqIAb6~ql9oXlVPl7FTwx(h}~Z5lS)~qo_0|%;XlhM1^;;b+VOJLxB6zYv)1J9 z^*kS(R4U(@y4&vpuX3csa7mtu=bBx$Ym|yRMsvjtx8>NKU_GzHW#7EL8S?oWa@+=k z!{^FcD1RD_^q7YL!7IvUqHcgMC@5&XRG6{-j9Tv26*l_08xVpAZ6CwcY6DuZB?Xa^ z5fe`Y1;FG_*)}o9Sz5blkuTb=^f2Ku#$Ffw9m-)+ajRz;=hVq<+=|`Mij!&nd9P#u z9e+s5iODlExEV|9C&slRTu5`=;Aj&tuJiP%d@k@7m<6fdblL#^=StvRN_IM%qezL^ z4@yVa{Scl8fk@VZv+JOqbAtq-&A;p7)QUqHf16(uktcJFi?d+r^%eR8$g_IgEurcRBk>k7GVclzk zS{lw=ow?S{hQ*yh>`ML{w=DF{5@E_Mysu7!UR-*6Rp>S|p2hX%r=8Jr1g}h*w|`-- z3~ZccI4O;GobFcVQ^yH}PyY~JTu>HAI|fD^zqT%n$BgWTJo&Qj;!uTfpVQSYl+C`+ zo+>rpRwO&=*Ex()w@x5V5WNnCa!S9aGw8}A=Ejd`1q1G(YNB~ujnyA&z@Sr~KBkHX zY^FDZ&w(#!hoS%$GMpFh3Bh7eB!A4M&dZa~#{MglUS;#O1CE^@CL1Fb+kbE_qqz)& zEaiUZ17n)TdDW3?xh&L+tuL&aAnX|0>mqB-#TS7*zirJpF45}D8}r8t)>^$ynKb4YQ%_&S7LkE;n5kE zUD&{kEb0Hu9?=iJ*H}<>Tz}TPMD$yaJU$+W_|!i(OO8xTjUP`VCnC53Sa>_GCuEna zc0W#Q^2UJ7F6SoyI?g^QiDn57aJSs;kAdh6T>FM(@qe!)zEcmZnZYe$OM|PRa+yAE zpA&soVGOStCo`={ig5a=pH`Gig>Qz&W0)L9Z=qn|WNa}(XTeqykAF>0Pe(iPRu&Mp zI0!A@tP1rwVw&fEN5{n@w=5`8yo@>Z9NyykbM89R*?!p+8^|=096L3heGTjfZiaq( z3C*-{Ya$u0-zus*uQ=U|YU%#KDqRB6Y+z&NlJ9QMP*|$Mgza%|cuu&)^b^yhL0a|M zI+sV7Vx@+=rhSB*^${F%YTNCRpA%}wnT-WCAKkQ_|f|r zN)w~p65k@p&QUzLJ(b4MFOv?JGcz&)kr%LP?p!e?Y{j94gMT+fHg@mb>x4yH?IhIa zlW_=wN`;nB>PA0Y_95UGzt<44(ojjnY!4=yx{zsq>BJuv=|pzz2R#pFR16X{;}9D9 z`1qUw8YX$kEPSK8ddCLDE7HAm+z#>HBrg}NfmC770_(6Kl1TDgcqgP}h)uJq7oJ_3 zsua|#WK?mVzkf(h+sgImh_Vm;Qvi{=X(|yur)_J0#=o*f`P0+RtvqQ=twnEhBJi_{ z{XnZuAgSg!4e?S#K#&Fu0|x~ec<)52CvZL0UGU^ zb?&ZwH_Cg1k%T~p)!Z@9aq)t7<5@qDU>q#)dU=LdD1VM&sSgC}Z-U?|@KFJRiqq+A zn{P-YtsoPTDE20EZ|6={iDI)K6df%DD4jD!~I(d)*4>be(v|B z@xSIcPwXs)Af0k< z_b&$s@vmlsJ~Q8^;DU8aswg9O7KyG4`P)n=$?6vL9(Qc3n9cBRE&()gCp?TMTE%~W zd}a(&r6M*1$qp;;8-rO#7Zry3V+&0&=zlqI^CFpIw4c#Gjlz&yYg`a{x}P4aD0aqaR9#*eo&TU?M|bjum2uGLBY)7` z7J{gYmaj-#7LayT1xL;1vv|^Rf>O(gbq21CAn7M3(|mOx^><`q8f`s4@FqwJv6ZShgv_4M2S6VDIdk4=$V+Pfn{8}=+t zvJSEq_|9WZ!4<+KbS7Zt&KS@S&YB3ubxjUiI@=Tsm81T4r~ps1G=EFw-G495sFTWp zxzukmSlEJ~!i$K4ZqXYQLL|6LeyVx>0nt9_| zTtRnE6x9SOhUs}4zlD``ZTc%g{OLun*VcXeK1MGGa= zYarvUwmSKy#)k>Nd>f{7kg^kpe$o&BTG zo0Zg*BPeaR5DqlZ(UxSgY)m1Nevh4r#YxW3l`~0nL*pD1Zuo zm&ZPFh0NQT;?>Zv1k-$J5)fma=QY;a{{aUe3JlrPxWfZLW_GL;iAvy|Sw`BY@u55G zO)z{pC>R>$8h^hxBRZs<0^(!?AyrVF6dzH$din+Oo&_aaf~ZIS zPi>skqZ`ZU=k}K$L4@I1M;|*S7Ckg$A)R&!;JbHhQ{WbCS{>+w?X8>I5D$BVTz5@x a&VeHE+7Y9`eJGj|@?~PMWFSj}fDV{(%j#DE delta 10923 zcmV;cDpb|vMb=)BdK4IS000)@00IC2009610b2k77aEa{egVXj4FMSeA(JNoE&?tC zlUD&a0X~zE0Y?Im7L(ZlumL`^iUQC9f4@VSP(M%NQ^&q>kHaRc2|-(Jn*4FZA%k+08!waXqoqL z_)IX!?e*t5=sH(KQsw^uhCF)mm$rKTGW`{U#Bf_Lh)918&1n~sxrQJ)Z&9%Af5s~| zSddw109Xah^rLx120{C;-H=Xr$v-#u_~Ny7$zp#JZ?^F%pZy#GaUfOzXYS-+b?2pJ zO3@2FC4SnZt?Z?vQxFI-79RtFo=40``74GG_mBPw=u>any?;OWZ@6SJ#C1JIf3jo> zH)7oKVO;y1mgqkdj8wiv9(AaR9=U81I{yGFbTU95f7rIBR!y;w zm7@xuBlpK{nEwE4y-B+XbH7}PfoTraNXMGR4=0|4@z1Yntv{<6HzeM_`cYcqJ3yz) z(e5LMf6N~{!N9;A=N(Dy$f`0VLVG}Lq*%=3= z0}2Tv)SM6a4QDH>v@@IHe-X-{DO4anIx$n%w_1wU?(S8(X4Qld z#OeVmr+!0Y^jd6ifi<=H)^{{=M(SG`LP$Ny0FS0PuOVI&YHx2>fBygg;iXg9PEn}! z+pGN732FT+X$^5!jP|-Cejjz*4m964Y0|0=L zAV4#;az=U1G0k7M)~}Mv(N|vb(g^b$J7XmrsT^nW=hv?_V@7v6e7;|dA+`o`#wlW4 zmcsnNvGoI|_i{NHf3BERihyTa>=3GubNCry*B*dE^-e+hF(t` zpF>i%jx?<@88uBMlW{xQ=1^N1I0JT6;~ZdgtDYp1Sp11cis029CoVjw&=lZhhdlk& z`FrtJFRZL}`^2?x6DdgUq_>7kg-2#lfEz138g z%*rg9JVmFnyy`yAe9}&GK_q9_ACav~2k`7BQEomCsMe`ox6xh9-v%A2>VI4VWLe5t#1f7Vz03s;GxUce>MJTa(&xRB+Y z)B&HaduFXgCBo_U@J->HhPf8$`<(PaH?(#HK=8IN!-oTb3gO)b#!#)|05|?YEu(0LX6< zI!Q%sf4;om#bvvCAzqa#!;puh)XGjc9Z+XTxGh2R^SifA6j+3pxVu}OMl||Ac8`kax%t_!^~yl z2js%2J^K1pduc6J-#_v#;^%#BZn``EM<-?Bf9*?A-S#+AQn=m($O>c=gOV}ApURzo z;hkelvp08ko?HR8Z}U;P>Ch5t{)cicbs=j8vMo))FD=umm5r5HfI-M&az;aA=I>oI zwv(#p<{R%7Oy)@g%M;HZB!z6`pgaON>{D-HT~T*OY?8i*6?x%}a>93peJauv;v6;%;N}g6E;~ZcB7%_wmKxU!>vbmdaSz=Hc$vS$lJ-|BYA;n%zjIuo6Km!K1c_50OPRljB`t^+-df4I$8L)Q@WXfIQvtwk+rd$ zE;2|_jPakwfH#wTx}2ih!}>?te@n|2`0fLdC(0Y7eSUGDqjcn(5?$)%+sT_kv$#Wa z=15xTv@Ai$rwXpjRuXrvc+%92?NlW>SBYePc4p(PGl53#w zxQVY>^~;@K%940QQZTqyk}Iu#X>(NGf0Z>nOtIPeKw$tlM-)BE)XpGL=!!Y0$0~`*A9G|5Cbk^4z z+WnHt`zj&~k)i~=05Y;Me>{~e237gUBZVC~exZHjX*XAQdM=vwa!#z^+_PRAvhIULIKN1aLqw~%lA|uWK#v@)qC)fcEX*)jiCni+*S3GNK2~2D5&`@^S5Nl6tBs_* z#_fF$zHb`a+%%?b97wWfD)RyW-mCx{F@d-7&pE5MzY*iKL`2aeWk~$648wtpc0f4o z>0BKY#C5OZ8wn*Yf8HFl*vzi+hET4-TxEvNd3^o?vUTls^{b_kVrzK91u=;?0&-4I z1J@sbtcoZC_3iw3GRDwZ!)~e0)lhPM`04Fie<6tsjDtBC#sMUb{9>VB z7TK-M+b@Ug*4}8VIFU`+9^u==2Qu@6=>9Zw;rQ7jl#;L9?^xkE)lvZRa zpec>Y6aWBV0q8sA`{Rn+e;=@o)*UeubD0KaCu?mWV}ZascYu^~*WaU3|!F({xQr-p^=lvfD7* zkG<18WFGaDnq~Z!>2Q`eEd%FdixU-Yalyt9JWvJX@dLrD$En)cTS0K5O~7wtV&R8I zV}Ju-4{rS{cS-o2t?2fV+e2-q$r{4Yf1frcCBqgZoG|C+JuoYjeKP(zVu|doR!KoI zp^1TTG7bhg#t-F9y0E;lDlaW3w=efZ(Ui~AB7i-T+f(s2p?5BsX>+4n%p{GTWQG1& zC54DQxfucx!5wgMTT?HLVz|F|pGFL1W_SBEyM9+r2hYY!WO0+p>TArbpwc6Ff46vB zRhr!F494A=nYNwS`LW3{g!g|aq1AOgh+hZF@1pN3IBz{x@r>y)r z)b-tS?J{c?5=$`HObEqS%LNGPNWqNf-#&*NXNdeL{u{Nml56N^dxAh%fgoX3i4D+? zook{Icx+0j-VoM=-(}h52pc>9e*nG9bJTNz*P)^h_(rAj2mB&hxgpnj#cW$3V=I#U z=LgW@fIRMs?o56ka#|k`YQi-D5^YOk=U?{w;fFcok9xXKg(qMa!dk#09FUgmc_657 zzteZ>J*WfDXs+%nKMutup&lC7obTA;NJ;ZBIRI|t;8^Ze2#>~u_v?aFT2;{%9&$D*z3s~q;+espL zXIyFHR}bb}IE*$i&(D#Aj{Il2!JrNniu54<7?R!KJ`~kO%NBo<1HuNu$IqM$kH@`3 zr`zap+!-eDwy|*mfs}2we{Yq8vEBF1cq$L3-+BPx=&tGE(wgZYlfpWhLe9H(z~Wb3 zvJwZ)j=os;3dh=o8YED8S6&#@qmv8seU$FT&`HT)I_DgH(VqMOaI{yUUE6qR+GxMw z7uVt7vf|$kmV7GxIgdv9E|$o z6anY-SE5><3?YIkd?~BTA|Vn1Y;wm3oNw)e`5(fk*)$0}z@8e`ik3%Bur_ePunFJL zBRtW)K=Gue-hd~SS_xbbElw*a}C5sHZ9Ih(oP5C+OcQ=qKYU0qKYU3rMuJD zQ8toXYqo3>-V`6|(4v$Lw+eaMSg$xd8Xr$7aV*1Lv1wK>v#V}gGHelJ{`ol0I&;>m ze{E^lh_;Clc;ksPy+9>UDL4zx;tL$-lkG_Q#+Ke-8Wc*de{u(#_j+_YeLu#vT$b1M zIBGmcJLSEhjC(1En?EX1CC#~(2tbn}YL)OFoH`%(KuS{=Qt8vroGz+~sHcH^fVJDzH! z+Ksf3S;m$Le;YwN%I-FkBDTya`FahkdC2+C7~;93&CKt&$mx$iJHFo|Yx`?cpITur zh>=CSf++4{MOAQQI5_!optCkkcJ}L4ZUbxbB)7V~sbHB{{V!FCL4C) zBTcD+$2c8`=dOL$m3%|2+s86Ru39QNQp%9T0on!#8+gXijCu;>Xsc6&wU6S?m`)Lm zr5nEIRX>Y0>2787b(o|v!gjENEI0c-G2Ht1^{Fjh;1O_laGA< z70A(0f0|NltvdpoFMeGPqJI$UGhRerS%KZl0_G^ff%2Ys?|?bxf1pB0Qc#=@pLtaM7mrHwiYgo?_Lty@ zl{${rpWu$N%Tl=1B$CEmYCC<(?$XT^A~yLp?axt_0dby#rEPt?Q@CiN{{V!>z+y!t zw07tai55jU&mcD^9)u0TyylA0D;u|VdO*6=(k0pBeJ~ty-SldOA2mt>8QxBjY zkft|`wf06+s2!}kND(0IjE|Rtj{SHZm4!tBUe$Gr{ciW|nvKDpeW7=i3&+p^JDQ_K z6aZ006aZ006aoL)5&#MbIA!uYHV_cdX)@6*lK~U(e^<1rl&7B0Dgn&L+djg3gCJV} zd+7W-sA%q^Qqm@T5Q1iFbf!$h5!j2=ic?J==z0bU0>;GQ=9alBokOwe=avkBdv54V z!CP^@d$(x0)(S^!&@oFct3dshjp64>#QvHz4o|#qw(bH+lbFLChG{QjVETj8xI;Q- z5r-gAf3W_L35IJoel8#uP#3AtW%pK8nvLVia{9SuIo#1Z$@>Eg)h%F{9%|F1hpNhm znW+I7nWu;?NjW)4lyO3M*O% z_~_EO?N7$l)pGi!C>uNxzZxw$5Ra_^7QebGe^FPY0s0>K#;13kpUDxsG2M-($8-o+-T4+m9_2s)E4XD*xAuAGUpwmzF_sx|5R?pXQ`A9BF9UDe;Wn}=Ji+4B{2c=1t5deP-*0K+>Gh`YOw2z zJwW(FZtLU2fN)`{G&)cLIY^_^?e7=rbc2#aAO_!b5IuPrEGY@dp>VpJzWtL_rQ-Bm z#l3%ki8}mA9&GSn2KVX#fhO^8!Q|!3^B10-(-ka?+h91P{8GkXfMTLy?(K^%f7fOQ ziyn|`7KBwpso)`bNOOEljg3XjB_Z?Uu^w#7A;v@7AVKNBToT=eG+~`!XAnZr$-j{6j_}1oOD{*2irP zFuI#y#SyzO6B_eWpp@ctg=@yUfAP}5yy(W351pC*{gF?{ohK(m(fl;F)v_HMU(OXs z1Ptbn*I8SjaT$N)+s@l};T(s1YA}Mj2Sy!<40UNX=DXS?9f*_EdzO{meyaq1SQ;7g zhn2Klt&03ON~Q9M9Nx<@Ue}J1i`Gcn{iGpjG{*)34slbD_Gy*QPKDKS879(AS>p%(f}gZzNZ)3ndPb zOALy=!R3p``;9WQpE#g#S{DEutOmI#hL1UTCAU5YRpaQWFhA>l3k~&?FBXOHjb)}; zTouCROxCsTlzTQE(T-7ffBliyE^e(-0V1zuZFa2zzi7!2i%lf~>O}rpHD}0!xuFgf znNl%EecGM|cBdL{?9^5*{-1-vJ6G$1qfA_V=O(DD#IVJrocTFgT0*?UNt#3403crR|5e@Vm0fmZ%kWL=wM zEGw7M8y!AYj##oOrxuA#+#6%DzKRtVzPF+I4jvi@txF3}cPQVUL{!v-sDHz^WFM{X7;DkwzskX{Rg+DNkmIH?|Hl2!==3!%) zx#Jl>98i|A=G*3&e@V{R_U0xkN`srlrb6g%5H#_00z@4H>V{J^b6%uz-?t&O{=Yvk z#nZF5QKjfWIVg~y?tv2KTSkv%geQC z#BDKfjE`l_vQ6_!<3h22Og-<0OhvDFy47e|j^K!x&i?HYoQz^*Nq(K@# z5Rtg#iME;Ohk(rXUGZ8?PP)9rxvLFQVVwG|3h=x9e~oCCg0;WPdI5x)92K`OTlG45 zd(SZMRUXK7+|MWfP<`vEXcK7KQEP@KK1Soy!$I&g~JYn6S1XxJzm>Z2@k_I^9f7%xdZ zn#W((cLZW4ILrDOcVi2jlN!xvCsete%w(-Ef0Z`II`S|QUNq<3p-J>)h{e?=4E!pv z7O6sTE_ob#81zyjbs{G!Zy|H$tS`%y_X-$0dKI?&K3XDlCA`aBmp7?Z^>p4LkH}`p zBPsTA%Xxrsgip1m4try*xI)&)ROW}j|EuBada;cMpreQHo~`59$!?j=q_-jd2I#0= ze;8S)QUSxiB$_aJV0c7^L{P01r3)(f2OlzTL={bpEE6khBo2#(A_VR`Ci(c6 zTAOszxFgrOr^c517c9^N!n6fsk(KRm+f028CCY69hr4bvyYRDW1T!nbN8cE$e>RyJ zjk!hGSFVtdMUs1>9I=igXKP|+)Zy#zFTn)&NZTNqweM~%stu64;MfmhZ}xX1?F);v z-t+;gyqgT|He()fE1@OYZir0n@R6NAFTl};3fxFgG|H-;P0 zq>qoEP1T3f9@2Q*mO!lw8N}nfS#pfUjo(Hkz>{(9SIl%8e@<}1dIB4~2`(;V_#}N} zQa-LOv7Z8m$4Dw!Z&2o|#dxMt`ihMYl8N&mpSP)LL&U65x*q)t8!Q&Hv@B#C_OyTX zqB-PZmvA@663i;vb#v?N*IR#*4QV6u4!~HM^JS`kH~wa! zt0XH}V+>upf5Dn;_p#HDrrGjIF^l%X5G=S#F{!eMg;2uwJzYKp`?@!U84b$W`!#Dk z)Nzw$Vj6@PUPo5)v-(NCyt0t&plE2wnkte^27(0}_16&NU}+P8sj3ot72`@6-jKxX z#GT#18M(!c$*|?=pn`OJtb&ZMZ#`~;cJ}e3QkoQ4e-GuWzc1Yz4ee*`BEW@ptP~NN zbA(7IBDq*Gh0MjMPL+D>-o}3dJ2xoqO}l0Zr(5Y<5B_m06RzRe9R*EtH#Z$-soPet zsNnU@2zD-=6I6{NYxS;Z=CaV)B8oeCOLko3DgG*=C;;LaM1W=O&kRIhOy4buyk=Kp z9R|-Af4^8}^YpG!lPJgrr^P$H|FTXv`HdF*+Y@c{2Ub?w8^;cZI zqF9no8N0br@`PqDJGR_D2__fb1mSQOv=8)U(u~`FzzQ69F_)h(c1|K=f`f~NJd>j= z5Pk?GX~o2kz%@m8SZky~N*#XID0qg@HMuvR1;qMX=6Un=WV&OV5ULURm$kPV$U4kZ zf3}6@r2)n{)I+qYajne%JG|n?Qiw&jhC1>G(etwft5}hmxv2bz_iJCQcal_n<*L}6 z(mL>_=sc1&58JOYP?$7Do8iD3vaeeZix@QE=OTtYTh0>!sx*BnZ2VLj()y4BI<9df zp6X}wZaW>)1&xRe(aOsd`s?J>+XSU-f6G6bmK4fL_SvRzJ=UX>a=0Z_3YmjkIWRSw zqK!G*5}-5tmD(%_N3L#N+Yj6t)Wo=b!?RC?tI@v`Q$=Z-K_uPMpetp$U*uqbV6ujD z^m{RfEKg6mDZQsu-s9<-S>@ij!hw!pd+<;##?_98S7j5rlA=)0fqU?nasAg>Lm*#I9?Z&tqPB7lt>6a87N3Ew?%wsPTzvpTxP`q%QnpxUE%GP2oGg*{RD-k?p(`A_R| zkIr;QwUuh;W*bQ_0tyO7m{pO=(Qd*9!nf@&8WuU1A@6*@Mq?&>$`J+Rf9mkrY1>gT zEbrPiyn|IsS(nISI%0QxFG+y62qv{R`Zsf)Gs{?%!mjc!!;LDn<(K}g*EcCKPQ1rb zv!CguT%wKYyIk@wG5~U}Pyi3H)^J+p|Du-7awO^cKJ_|jUkXloR0Asqzfre%(__Np z&5{m|{n!(Vz}P3qqx6`u2_eDZ=qhIOC ziXPH*zD`XR2)1rT7_-YXc$G7y*h1iKW*i=!4vdm^*bgu6)xj*aPOYazMw%km#-H`# zV%^|vTU!t?>yHRxf6kJCNoM=YAh?T8-pLduQKxS~lzfzy7CrMju;DZtWxFc<<(4PE zvMSl^cRa9??($S7&`7N!Jl8mRNQ9e+9Ft5=yY^-RwfnKlsfwqn35VE*r~w@~x@WTy z^1$6hxmwzYY+6=u#DeqFE!4S>nf2W2ax0JAtO1JAU4&XKe}DMyjJ1)f-(S{-gb|Wa z^n{a_DOO{`y@hb(^ZJe!TbbN3mBm%K>QnA@={h?bM|K-@U$CXod_%Y=X)JjC2>Qc{ z`yOkVh})o?_%4I$@_LS^i4U+3@j@WI`-25J;U6g#T|1?ZBR^Gkda623`fH$M97;1; zU~Q}tHp+c7f0;%E+M3xo24=DH^upSQb;9bLhnAp=n$|RnCzCRO4jf`0zB2vPNS774 zgQp8QzO~uH=jY9>lYbF_9Q!}FlH`J5WW4mmwxPXIahCTMMz{{wZ2Ut)c@Dd|@H2;d z%+jF8_Se}<0h1NozN)I^VMW3W_2q81mu zt{Pe4c9NJEfwj?Pbp&nY&=N68Qj#!evS9V@gT(qlq>K7{*4=Xehz z?jhLoBwCY@pX!2sX$Kt`!Am{cN+cpax2p`Fv90u&+ZrwPPIs?>Jhz%8=&s+G(Q70* zzmDE~f8!9s16gt))$)D8fMf|t#cw+j5wFv98{nY>k+ohE&LfZ4w_IAXUZ-5o7K<(;H(iYxH{h5GXpW&x%Eiv>Gu3*zF zRU&@OG)oQM6ZMEE`y|X`e(h#pDu`4UakvgzDe-G%G*z@w6u;#w{v>J=2t<~=_!<9q zEkr7{PQ$xNjKx#{?9_+K|A;D7CKedD+-{gHN?LfOQw(TP ze+lv{#3$~a3P->IfGSy$HsK)J>+fi-=g8S6fZ1$RE*EYqq7G>l2^BE_%j&~>GRx8` z`p^K)5RQzzaMY4@O9sr-NF4?D`{^5bvq0H|TT|{pdPOaSs|t%1(Mi{wQ?KVCfiH_t zfUfbi41TwY?nH%Y2I;i0)U&3oE#{KCf4iCh#$qap)t=(vs+7pEoj?frAH0C(Qym(} z0Q(w5E(o{nr-Lenn;_1D2Num2F}e)lr62O29SnutC=SfcpaDlgf_)3E{ka8R?`|Z( z-vfP|tJ!Dju`%a3)gR6x9v+B>m?l0Gb3~xr Date: Thu, 20 Jun 2024 09:52:17 +0200 Subject: [PATCH 533/908] certs: R3 / R10 -> ISRG Root X1 --- certs/ISRG-Root-X1.pem | 38 ++++++ certs/R10.pem | 231 ------------------------------------- certs/R3.pem | 237 -------------------------------------- global-config.rsc | 2 +- global-functions.rsc | 2 +- mod/notification-ntfy.rsc | 2 +- 6 files changed, 41 insertions(+), 471 deletions(-) create mode 100644 certs/ISRG-Root-X1.pem delete mode 100644 certs/R10.pem delete mode 100644 certs/R3.pem diff --git a/certs/ISRG-Root-X1.pem b/certs/ISRG-Root-X1.pem new file mode 100644 index 0000000..995c95d --- /dev/null +++ b/certs/ISRG-Root-X1.pem @@ -0,0 +1,38 @@ +# Issuer: CN=ISRG Root X1 O=Internet Security Research Group +# Subject: CN=ISRG Root X1 O=Internet Security Research Group +# Label: "ISRG Root X1" +# Serial: 172886928669790476064670243504169061120 +# MD5 Fingerprint: 0c:d2:f9:e0:da:17:73:e9:ed:86:4d:a5:e3:70:e7:4e +# SHA1 Fingerprint: ca:bd:2a:79:a1:07:6a:31:f2:1d:25:36:35:cb:03:9d:43:29:a5:e8 +# SHA256 Fingerprint: 96:bc:ec:06:26:49:76:f3:74:60:77:9a:cf:28:c5:a7:cf:e8:a3:c0:aa:e1:1a:8f:fc:ee:05:c0:bd:df:08:c6 +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw +TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh +cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 +WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu +ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY +MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc +h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ +0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U +A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW +T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH +B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC +B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv +KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn +OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn +jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw +qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI +rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq +hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL +ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ +3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK +NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 +ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur +TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC +jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc +oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq +4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA +mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d +emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= +-----END CERTIFICATE----- diff --git a/certs/R10.pem b/certs/R10.pem deleted file mode 100644 index e8c1c4a..0000000 --- a/certs/R10.pem +++ /dev/null @@ -1,231 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 4b:a8:52:93:f7:9a:2f:a2:73:06:4b:a8:04:8d:75:d0 - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, O=Internet Security Research Group, CN=ISRG Root X1 - Validity - Not Before: Mar 13 00:00:00 2024 GMT - Not After : Mar 12 23:59:59 2027 GMT - Subject: C=US, O=Let's Encrypt, CN=R10 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:cf:57:e5:e6:c4:54:12:ed:b4:47:fe:c9:27:58: - 76:46:50:28:8c:1d:3e:88:df:05:9d:d5:b5:18:29: - bd:dd:b5:5a:bf:fa:f6:ce:a3:be:af:00:21:4b:62: - 5a:5a:3c:01:2f:c5:58:03:f6:89:ff:8e:11:43:eb: - c1:b5:e0:14:07:96:8f:6f:1f:d7:e7:ba:81:39:09: - 75:65:b7:c2:af:18:5b:37:26:28:e7:a3:f4:07:2b: - 6d:1a:ff:ab:58:bc:95:ae:40:ff:e9:cb:57:c4:b5: - 5b:7f:78:0d:18:61:bc:17:e7:54:c6:bb:49:91:cd: - 6e:18:d1:80:85:ee:a6:65:36:bc:74:ea:bc:50:4c: - ea:fc:21:f3:38:16:93:94:ba:b0:d3:6b:38:06:cd: - 16:12:7a:ca:52:75:c8:ad:76:b2:c2:9c:5d:98:45: - 5c:6f:61:7b:c6:2d:ee:3c:13:52:86:01:d9:57:e6: - 38:1c:df:8d:b5:1f:92:91:9a:e7:4a:1c:cc:45:a8: - 72:55:f0:b0:e6:a3:07:ec:fd:a7:1b:66:9e:3f:48: - 8b:71:84:71:58:c9:3a:fa:ef:5e:f2:5b:44:2b:3c: - 74:e7:8f:b2:47:c1:07:6a:cd:9a:b7:0d:96:f7:12: - 81:26:51:54:0a:ec:61:f6:f7:f5:e2:f2:8a:c8:95: - 0d:8d - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Extended Key Usage: - TLS Web Client Authentication, TLS Web Server Authentication - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:0 - X509v3 Subject Key Identifier: - BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8 - X509v3 Authority Key Identifier: - 79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E - Authority Information Access: - CA Issuers - URI:http://x1.i.lencr.org/ - X509v3 Certificate Policies: - Policy: 2.23.140.1.2.1 - X509v3 CRL Distribution Points: - Full Name: - URI:http://x1.c.lencr.org/ - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - 92:b1:e7:41:37:eb:79:9d:81:e6:cd:e2:25:e1:3a:20:e9:90: - 44:95:a3:81:5c:cf:c3:5d:fd:bd:a0:70:d5:b1:96:28:22:0b: - d2:f2:28:cf:0c:e7:d4:e6:43:8c:24:22:1d:c1:42:92:d1:09: - af:9f:4b:f4:c8:70:4f:20:16:b1:5a:dd:01:f6:1f:f8:1f:61: - 6b:14:27:b0:72:8d:63:ae:ee:e2:ce:4b:cf:37:dd:bb:a3:d4: - cd:e7:ad:50:ad:bd:bf:e3:ec:3e:62:36:70:99:31:a7:e8:8d: - dd:ea:62:e2:12:ae:f5:9c:d4:3d:2c:0c:aa:d0:9c:79:be:ea: - 3d:5c:44:6e:96:31:63:5a:7d:d6:7e:4f:24:a0:4b:05:7f:5e: - 6f:d2:d4:ea:5f:33:4b:13:d6:57:b6:ca:de:51:b8:5d:a3:09: - 82:74:fd:c7:78:9e:b3:b9:ac:16:da:4a:2b:96:c3:b6:8b:62: - 8f:f9:74:19:a2:9e:03:de:e9:6f:9b:b0:0f:d2:a0:5a:f6:85: - 5c:c2:04:b7:c8:d5:4e:32:c4:bf:04:5d:bc:29:f6:f7:81:8f: - 0c:5d:3c:53:c9:40:90:8b:fb:b6:08:65:b9:a4:21:d5:09:e5: - 13:84:84:37:82:ce:10:28:fc:76:c2:06:25:7a:46:52:4d:da: - 53:72:a4:27:3f:62:70:ac:be:69:48:00:fb:67:0f:db:5b:a1: - e8:d7:03:21:2d:d7:c9:f6:99:42:39:83:43:df:77:0a:12:08: - f1:25:d6:ba:94:19:54:18:88:a5:c5:8e:e1:1a:99:93:79:6b: - ec:1c:f9:31:40:b0:cc:32:00:df:9f:5e:e7:b4:92:ab:90:82: - 91:8d:0d:e0:1e:95:ba:59:3b:2e:4b:5f:c2:b7:46:35:52:39: - 06:c0:bd:aa:ac:52:c1:22:a0:44:97:99:f7:0c:a0:21:a7:a1: - 6c:71:47:16:17:01:68:c0:ca:a6:26:65:04:7c:b3:ae:c9:e7: - 94:55:c2:6f:9b:3c:1c:a9:f9:2e:c5:20:1a:f0:76:e0:be:ec: - 18:d6:4f:d8:25:fb:76:11:e8:bf:e6:21:0f:e8:e8:cc:b5:b6: - a7:d5:b8:f7:9f:41:cf:61:22:46:6a:83:b6:68:97:2e:7c:ea: - 4e:95:db:23:eb:2e:c8:2b:28:84:a4:60:e9:49:f4:44:2e:3b: - f9:ca:62:57:01:e2:5d:90:16:f9:c9:fc:7a:23:48:8e:a6:d5: - 81:72:f1:28:fa:5d:ce:fb:ed:4e:73:8f:94:2e:d2:41:94:98: - 99:db:a7:af:70:5f:f5:be:fb:02:20:bf:66:27:6c:b4:ad:fa: - 75:12:0b:2b:3e:ce:03:9e ------BEGIN CERTIFICATE----- -MIIFBTCCAu2gAwIBAgIQS6hSk/eaL6JzBkuoBI110DANBgkqhkiG9w0BAQsFADBP -MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy -Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBa -Fw0yNzAzMTIyMzU5NTlaMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBF -bmNyeXB0MQwwCgYDVQQDEwNSMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQDPV+XmxFQS7bRH/sknWHZGUCiMHT6I3wWd1bUYKb3dtVq/+vbOo76vACFL -YlpaPAEvxVgD9on/jhFD68G14BQHlo9vH9fnuoE5CXVlt8KvGFs3Jijno/QHK20a -/6tYvJWuQP/py1fEtVt/eA0YYbwX51TGu0mRzW4Y0YCF7qZlNrx06rxQTOr8IfM4 -FpOUurDTazgGzRYSespSdcitdrLCnF2YRVxvYXvGLe48E1KGAdlX5jgc3421H5KR -mudKHMxFqHJV8LDmowfs/acbZp4/SItxhHFYyTr6717yW0QrPHTnj7JHwQdqzZq3 -DZb3EoEmUVQK7GH29/Xi8orIlQ2NAgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgGG -MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATASBgNVHRMBAf8ECDAGAQH/ -AgEAMB0GA1UdDgQWBBS7vMNHpeS8qcbDpHIMEI2iNeHI6DAfBgNVHSMEGDAWgBR5 -tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAKG -Fmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0gBAwwCjAIBgZngQwBAgEwJwYD -VR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVuY3Iub3JnLzANBgkqhkiG9w0B -AQsFAAOCAgEAkrHnQTfreZ2B5s3iJeE6IOmQRJWjgVzPw139vaBw1bGWKCIL0vIo -zwzn1OZDjCQiHcFCktEJr59L9MhwTyAWsVrdAfYf+B9haxQnsHKNY67u4s5Lzzfd -u6PUzeetUK29v+PsPmI2cJkxp+iN3epi4hKu9ZzUPSwMqtCceb7qPVxEbpYxY1p9 -1n5PJKBLBX9eb9LU6l8zSxPWV7bK3lG4XaMJgnT9x3ies7msFtpKK5bDtotij/l0 -GaKeA97pb5uwD9KgWvaFXMIEt8jVTjLEvwRdvCn294GPDF08U8lAkIv7tghluaQh -1QnlE4SEN4LOECj8dsIGJXpGUk3aU3KkJz9icKy+aUgA+2cP21uh6NcDIS3XyfaZ -QjmDQ993ChII8SXWupQZVBiIpcWO4RqZk3lr7Bz5MUCwzDIA359e57SSq5CCkY0N -4B6Vulk7LktfwrdGNVI5BsC9qqxSwSKgRJeZ9wygIaehbHFHFhcBaMDKpiZlBHyz -rsnnlFXCb5s8HKn5LsUgGvB24L7sGNZP2CX7dhHov+YhD+jozLW2p9W4959Bz2Ei -RmqDtmiXLnzqTpXbI+suyCsohKRg6Un0RC47+cpiVwHiXZAW+cn8eiNIjqbVgXLx -KPpdzvvtTnOPlC7SQZSYmdunr3Bf9b77AiC/ZidstK36dRILKz7OA54= ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00 - Signature Algorithm: sha256WithRSAEncryption - Issuer: C = US, O = Internet Security Research Group, CN = ISRG Root X1 - Validity - Not Before: Jun 4 11:04:38 2015 GMT - Not After : Jun 4 11:04:38 2035 GMT - Subject: C = US, O = Internet Security Research Group, CN = ISRG Root X1 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public-Key: (4096 bit) - Modulus: - 00:ad:e8:24:73:f4:14:37:f3:9b:9e:2b:57:28:1c: - 87:be:dc:b7:df:38:90:8c:6e:3c:e6:57:a0:78:f7: - 75:c2:a2:fe:f5:6a:6e:f6:00:4f:28:db:de:68:86: - 6c:44:93:b6:b1:63:fd:14:12:6b:bf:1f:d2:ea:31: - 9b:21:7e:d1:33:3c:ba:48:f5:dd:79:df:b3:b8:ff: - 12:f1:21:9a:4b:c1:8a:86:71:69:4a:66:66:6c:8f: - 7e:3c:70:bf:ad:29:22:06:f3:e4:c0:e6:80:ae:e2: - 4b:8f:b7:99:7e:94:03:9f:d3:47:97:7c:99:48:23: - 53:e8:38:ae:4f:0a:6f:83:2e:d1:49:57:8c:80:74: - b6:da:2f:d0:38:8d:7b:03:70:21:1b:75:f2:30:3c: - fa:8f:ae:dd:da:63:ab:eb:16:4f:c2:8e:11:4b:7e: - cf:0b:e8:ff:b5:77:2e:f4:b2:7b:4a:e0:4c:12:25: - 0c:70:8d:03:29:a0:e1:53:24:ec:13:d9:ee:19:bf: - 10:b3:4a:8c:3f:89:a3:61:51:de:ac:87:07:94:f4: - 63:71:ec:2e:e2:6f:5b:98:81:e1:89:5c:34:79:6c: - 76:ef:3b:90:62:79:e6:db:a4:9a:2f:26:c5:d0:10: - e1:0e:de:d9:10:8e:16:fb:b7:f7:a8:f7:c7:e5:02: - 07:98:8f:36:08:95:e7:e2:37:96:0d:36:75:9e:fb: - 0e:72:b1:1d:9b:bc:03:f9:49:05:d8:81:dd:05:b4: - 2a:d6:41:e9:ac:01:76:95:0a:0f:d8:df:d5:bd:12: - 1f:35:2f:28:17:6c:d2:98:c1:a8:09:64:77:6e:47: - 37:ba:ce:ac:59:5e:68:9d:7f:72:d6:89:c5:06:41: - 29:3e:59:3e:dd:26:f5:24:c9:11:a7:5a:a3:4c:40: - 1f:46:a1:99:b5:a7:3a:51:6e:86:3b:9e:7d:72:a7: - 12:05:78:59:ed:3e:51:78:15:0b:03:8f:8d:d0:2f: - 05:b2:3e:7b:4a:1c:4b:73:05:12:fc:c6:ea:e0:50: - 13:7c:43:93:74:b3:ca:74:e7:8e:1f:01:08:d0:30: - d4:5b:71:36:b4:07:ba:c1:30:30:5c:48:b7:82:3b: - 98:a6:7d:60:8a:a2:a3:29:82:cc:ba:bd:83:04:1b: - a2:83:03:41:a1:d6:05:f1:1b:c2:b6:f0:a8:7c:86: - 3b:46:a8:48:2a:88:dc:76:9a:76:bf:1f:6a:a5:3d: - 19:8f:eb:38:f3:64:de:c8:2b:0d:0a:28:ff:f7:db: - e2:15:42:d4:22:d0:27:5d:e1:79:fe:18:e7:70:88: - ad:4e:e6:d9:8b:3a:c6:dd:27:51:6e:ff:bc:64:f5: - 33:43:4f - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E - Signature Algorithm: sha256WithRSAEncryption - 55:1f:58:a9:bc:b2:a8:50:d0:0c:b1:d8:1a:69:20:27:29:08: - ac:61:75:5c:8a:6e:f8:82:e5:69:2f:d5:f6:56:4b:b9:b8:73: - 10:59:d3:21:97:7e:e7:4c:71:fb:b2:d2:60:ad:39:a8:0b:ea: - 17:21:56:85:f1:50:0e:59:eb:ce:e0:59:e9:ba:c9:15:ef:86: - 9d:8f:84:80:f6:e4:e9:91:90:dc:17:9b:62:1b:45:f0:66:95: - d2:7c:6f:c2:ea:3b:ef:1f:cf:cb:d6:ae:27:f1:a9:b0:c8:ae: - fd:7d:7e:9a:fa:22:04:eb:ff:d9:7f:ea:91:2b:22:b1:17:0e: - 8f:f2:8a:34:5b:58:d8:fc:01:c9:54:b9:b8:26:cc:8a:88:33: - 89:4c:2d:84:3c:82:df:ee:96:57:05:ba:2c:bb:f7:c4:b7:c7: - 4e:3b:82:be:31:c8:22:73:73:92:d1:c2:80:a4:39:39:10:33: - 23:82:4c:3c:9f:86:b2:55:98:1d:be:29:86:8c:22:9b:9e:e2: - 6b:3b:57:3a:82:70:4d:dc:09:c7:89:cb:0a:07:4d:6c:e8:5d: - 8e:c9:ef:ce:ab:c7:bb:b5:2b:4e:45:d6:4a:d0:26:cc:e5:72: - ca:08:6a:a5:95:e3:15:a1:f7:a4:ed:c9:2c:5f:a5:fb:ff:ac: - 28:02:2e:be:d7:7b:bb:e3:71:7b:90:16:d3:07:5e:46:53:7c: - 37:07:42:8c:d3:c4:96:9c:d5:99:b5:2a:e0:95:1a:80:48:ae: - 4c:39:07:ce:cc:47:a4:52:95:2b:ba:b8:fb:ad:d2:33:53:7d: - e5:1d:4d:6d:d5:a1:b1:c7:42:6f:e6:40:27:35:5c:a3:28:b7: - 07:8d:e7:8d:33:90:e7:23:9f:fb:50:9c:79:6c:46:d5:b4:15: - b3:96:6e:7e:9b:0c:96:3a:b8:52:2d:3f:d6:5b:e1:fb:08:c2: - 84:fe:24:a8:a3:89:da:ac:6a:e1:18:2a:b1:a8:43:61:5b:d3: - 1f:dc:3b:8d:76:f2:2d:e8:8d:75:df:17:33:6c:3d:53:fb:7b: - cb:41:5f:ff:dc:a2:d0:61:38:e1:96:b8:ac:5d:8b:37:d7:75: - d5:33:c0:99:11:ae:9d:41:c1:72:75:84:be:02:41:42:5f:67: - 24:48:94:d1:9b:27:be:07:3f:b9:b8:4f:81:74:51:e1:7a:b7: - ed:9d:23:e2:be:e0:d5:28:04:13:3c:31:03:9e:dd:7a:6c:8f: - c6:07:18:c6:7f:de:47:8e:3f:28:9e:04:06:cf:a5:54:34:77: - bd:ec:89:9b:e9:17:43:df:5b:db:5f:fe:8e:1e:57:a2:cd:40: - 9d:7e:62:22:da:de:18:27 ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw -TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh -cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 -WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu -ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc -h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ -0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U -A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW -T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH -B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC -B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv -KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn -OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn -jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw -qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI -rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq -hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL -ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ -3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK -NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 -ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur -TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC -jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc -oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq -4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA -mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d -emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= ------END CERTIFICATE----- diff --git a/certs/R3.pem b/certs/R3.pem deleted file mode 100644 index 837b709..0000000 --- a/certs/R3.pem +++ /dev/null @@ -1,237 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 91:2b:08:4a:cf:0c:18:a7:53:f6:d6:2e:25:a7:5f:5a - Signature Algorithm: sha256WithRSAEncryption - Issuer: C = US, O = Internet Security Research Group, CN = ISRG Root X1 - Validity - Not Before: Sep 4 00:00:00 2020 GMT - Not After : Sep 15 16:00:00 2025 GMT - Subject: C = US, O = Let's Encrypt, CN = R3 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public-Key: (2048 bit) - Modulus: - 00:bb:02:15:28:cc:f6:a0:94:d3:0f:12:ec:8d:55: - 92:c3:f8:82:f1:99:a6:7a:42:88:a7:5d:26:aa:b5: - 2b:b9:c5:4c:b1:af:8e:6b:f9:75:c8:a3:d7:0f:47: - 94:14:55:35:57:8c:9e:a8:a2:39:19:f5:82:3c:42: - a9:4e:6e:f5:3b:c3:2e:db:8d:c0:b0:5c:f3:59:38: - e7:ed:cf:69:f0:5a:0b:1b:be:c0:94:24:25:87:fa: - 37:71:b3:13:e7:1c:ac:e1:9b:ef:db:e4:3b:45:52: - 45:96:a9:c1:53:ce:34:c8:52:ee:b5:ae:ed:8f:de: - 60:70:e2:a5:54:ab:b6:6d:0e:97:a5:40:34:6b:2b: - d3:bc:66:eb:66:34:7c:fa:6b:8b:8f:57:29:99:f8: - 30:17:5d:ba:72:6f:fb:81:c5:ad:d2:86:58:3d:17: - c7:e7:09:bb:f1:2b:f7:86:dc:c1:da:71:5d:d4:46: - e3:cc:ad:25:c1:88:bc:60:67:75:66:b3:f1:18:f7: - a2:5c:e6:53:ff:3a:88:b6:47:a5:ff:13:18:ea:98: - 09:77:3f:9d:53:f9:cf:01:e5:f5:a6:70:17:14:af: - 63:a4:ff:99:b3:93:9d:dc:53:a7:06:fe:48:85:1d: - a1:69:ae:25:75:bb:13:cc:52:03:f5:ed:51:a1:8b: - db:15 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Extended Key Usage: - TLS Web Client Authentication, TLS Web Server Authentication - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:0 - X509v3 Subject Key Identifier: - 14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6 - X509v3 Authority Key Identifier: - keyid:79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E - - Authority Information Access: - CA Issuers - URI:http://x1.i.lencr.org/ - - X509v3 CRL Distribution Points: - - Full Name: - URI:http://x1.c.lencr.org/ - - X509v3 Certificate Policies: - Policy: 2.23.140.1.2.1 - Policy: 1.3.6.1.4.1.44947.1.1.1 - - Signature Algorithm: sha256WithRSAEncryption - 85:ca:4e:47:3e:a3:f7:85:44:85:bc:d5:67:78:b2:98:63:ad: - 75:4d:1e:96:3d:33:65:72:54:2d:81:a0:ea:c3:ed:f8:20:bf: - 5f:cc:b7:70:00:b7:6e:3b:f6:5e:94:de:e4:20:9f:a6:ef:8b: - b2:03:e7:a2:b5:16:3c:91:ce:b4:ed:39:02:e7:7c:25:8a:47: - e6:65:6e:3f:46:f4:d9:f0:ce:94:2b:ee:54:ce:12:bc:8c:27: - 4b:b8:c1:98:2f:a2:af:cd:71:91:4a:08:b7:c8:b8:23:7b:04: - 2d:08:f9:08:57:3e:83:d9:04:33:0a:47:21:78:09:82:27:c3: - 2a:c8:9b:b9:ce:5c:f2:64:c8:c0:be:79:c0:4f:8e:6d:44:0c: - 5e:92:bb:2e:f7:8b:10:e1:e8:1d:44:29:db:59:20:ed:63:b9: - 21:f8:12:26:94:93:57:a0:1d:65:04:c1:0a:22:ae:10:0d:43: - 97:a1:18:1f:7e:e0:e0:86:37:b5:5a:b1:bd:30:bf:87:6e:2b: - 2a:ff:21:4e:1b:05:c3:f5:18:97:f0:5e:ac:c3:a5:b8:6a:f0: - 2e:bc:3b:33:b9:ee:4b:de:cc:fc:e4:af:84:0b:86:3f:c0:55: - 43:36:f6:68:e1:36:17:6a:8e:99:d1:ff:a5:40:a7:34:b7:c0: - d0:63:39:35:39:75:6e:f2:ba:76:c8:93:02:e9:a9:4b:6c:17: - ce:0c:02:d9:bd:81:fb:9f:b7:68:d4:06:65:b3:82:3d:77:53: - f8:8e:79:03:ad:0a:31:07:75:2a:43:d8:55:97:72:c4:29:0e: - f7:c4:5d:4e:c8:ae:46:84:30:d7:f2:85:5f:18:a1:79:bb:e7: - 5e:70:8b:07:e1:86:93:c3:b9:8f:dc:61:71:25:2a:af:df:ed: - 25:50:52:68:8b:92:dc:e5:d6:b5:e3:da:7d:d0:87:6c:84:21: - 31:ae:82:f5:fb:b9:ab:c8:89:17:3d:e1:4c:e5:38:0e:f6:bd: - 2b:bd:96:81:14:eb:d5:db:3d:20:a7:7e:59:d3:e2:f8:58:f9: - 5b:b8:48:cd:fe:5c:4f:16:29:fe:1e:55:23:af:c8:11:b0:8d: - ea:7c:93:90:17:2f:fd:ac:a2:09:47:46:3f:f0:e9:b0:b7:ff: - 28:4d:68:32:d6:67:5e:1e:69:a3:93:b8:f5:9d:8b:2f:0b:d2: - 52:43:a6:6f:32:57:65:4d:32:81:df:38:53:85:5d:7e:5d:66: - 29:ea:b8:dd:e4:95:b5:cd:b5:56:12:42:cd:c4:4e:c6:25:38: - 44:50:6d:ec:ce:00:55:18:fe:e9:49:64:d4:4e:ca:97:9c:b4: - 5b:c0:73:a8:ab:b8:47:c2 ------BEGIN CERTIFICATE----- -MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw -TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh -cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw -WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg -RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP -R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx -sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm -NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg -Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG -/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC -AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB -Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA -FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw -AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw -Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB -gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W -PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl -ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz -CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm -lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 -avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 -yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O -yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids -hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ -HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv -MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX -nLRbwHOoq7hHwg== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00 - Signature Algorithm: sha256WithRSAEncryption - Issuer: C = US, O = Internet Security Research Group, CN = ISRG Root X1 - Validity - Not Before: Jun 4 11:04:38 2015 GMT - Not After : Jun 4 11:04:38 2035 GMT - Subject: C = US, O = Internet Security Research Group, CN = ISRG Root X1 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public-Key: (4096 bit) - Modulus: - 00:ad:e8:24:73:f4:14:37:f3:9b:9e:2b:57:28:1c: - 87:be:dc:b7:df:38:90:8c:6e:3c:e6:57:a0:78:f7: - 75:c2:a2:fe:f5:6a:6e:f6:00:4f:28:db:de:68:86: - 6c:44:93:b6:b1:63:fd:14:12:6b:bf:1f:d2:ea:31: - 9b:21:7e:d1:33:3c:ba:48:f5:dd:79:df:b3:b8:ff: - 12:f1:21:9a:4b:c1:8a:86:71:69:4a:66:66:6c:8f: - 7e:3c:70:bf:ad:29:22:06:f3:e4:c0:e6:80:ae:e2: - 4b:8f:b7:99:7e:94:03:9f:d3:47:97:7c:99:48:23: - 53:e8:38:ae:4f:0a:6f:83:2e:d1:49:57:8c:80:74: - b6:da:2f:d0:38:8d:7b:03:70:21:1b:75:f2:30:3c: - fa:8f:ae:dd:da:63:ab:eb:16:4f:c2:8e:11:4b:7e: - cf:0b:e8:ff:b5:77:2e:f4:b2:7b:4a:e0:4c:12:25: - 0c:70:8d:03:29:a0:e1:53:24:ec:13:d9:ee:19:bf: - 10:b3:4a:8c:3f:89:a3:61:51:de:ac:87:07:94:f4: - 63:71:ec:2e:e2:6f:5b:98:81:e1:89:5c:34:79:6c: - 76:ef:3b:90:62:79:e6:db:a4:9a:2f:26:c5:d0:10: - e1:0e:de:d9:10:8e:16:fb:b7:f7:a8:f7:c7:e5:02: - 07:98:8f:36:08:95:e7:e2:37:96:0d:36:75:9e:fb: - 0e:72:b1:1d:9b:bc:03:f9:49:05:d8:81:dd:05:b4: - 2a:d6:41:e9:ac:01:76:95:0a:0f:d8:df:d5:bd:12: - 1f:35:2f:28:17:6c:d2:98:c1:a8:09:64:77:6e:47: - 37:ba:ce:ac:59:5e:68:9d:7f:72:d6:89:c5:06:41: - 29:3e:59:3e:dd:26:f5:24:c9:11:a7:5a:a3:4c:40: - 1f:46:a1:99:b5:a7:3a:51:6e:86:3b:9e:7d:72:a7: - 12:05:78:59:ed:3e:51:78:15:0b:03:8f:8d:d0:2f: - 05:b2:3e:7b:4a:1c:4b:73:05:12:fc:c6:ea:e0:50: - 13:7c:43:93:74:b3:ca:74:e7:8e:1f:01:08:d0:30: - d4:5b:71:36:b4:07:ba:c1:30:30:5c:48:b7:82:3b: - 98:a6:7d:60:8a:a2:a3:29:82:cc:ba:bd:83:04:1b: - a2:83:03:41:a1:d6:05:f1:1b:c2:b6:f0:a8:7c:86: - 3b:46:a8:48:2a:88:dc:76:9a:76:bf:1f:6a:a5:3d: - 19:8f:eb:38:f3:64:de:c8:2b:0d:0a:28:ff:f7:db: - e2:15:42:d4:22:d0:27:5d:e1:79:fe:18:e7:70:88: - ad:4e:e6:d9:8b:3a:c6:dd:27:51:6e:ff:bc:64:f5: - 33:43:4f - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E - Signature Algorithm: sha256WithRSAEncryption - 55:1f:58:a9:bc:b2:a8:50:d0:0c:b1:d8:1a:69:20:27:29:08: - ac:61:75:5c:8a:6e:f8:82:e5:69:2f:d5:f6:56:4b:b9:b8:73: - 10:59:d3:21:97:7e:e7:4c:71:fb:b2:d2:60:ad:39:a8:0b:ea: - 17:21:56:85:f1:50:0e:59:eb:ce:e0:59:e9:ba:c9:15:ef:86: - 9d:8f:84:80:f6:e4:e9:91:90:dc:17:9b:62:1b:45:f0:66:95: - d2:7c:6f:c2:ea:3b:ef:1f:cf:cb:d6:ae:27:f1:a9:b0:c8:ae: - fd:7d:7e:9a:fa:22:04:eb:ff:d9:7f:ea:91:2b:22:b1:17:0e: - 8f:f2:8a:34:5b:58:d8:fc:01:c9:54:b9:b8:26:cc:8a:88:33: - 89:4c:2d:84:3c:82:df:ee:96:57:05:ba:2c:bb:f7:c4:b7:c7: - 4e:3b:82:be:31:c8:22:73:73:92:d1:c2:80:a4:39:39:10:33: - 23:82:4c:3c:9f:86:b2:55:98:1d:be:29:86:8c:22:9b:9e:e2: - 6b:3b:57:3a:82:70:4d:dc:09:c7:89:cb:0a:07:4d:6c:e8:5d: - 8e:c9:ef:ce:ab:c7:bb:b5:2b:4e:45:d6:4a:d0:26:cc:e5:72: - ca:08:6a:a5:95:e3:15:a1:f7:a4:ed:c9:2c:5f:a5:fb:ff:ac: - 28:02:2e:be:d7:7b:bb:e3:71:7b:90:16:d3:07:5e:46:53:7c: - 37:07:42:8c:d3:c4:96:9c:d5:99:b5:2a:e0:95:1a:80:48:ae: - 4c:39:07:ce:cc:47:a4:52:95:2b:ba:b8:fb:ad:d2:33:53:7d: - e5:1d:4d:6d:d5:a1:b1:c7:42:6f:e6:40:27:35:5c:a3:28:b7: - 07:8d:e7:8d:33:90:e7:23:9f:fb:50:9c:79:6c:46:d5:b4:15: - b3:96:6e:7e:9b:0c:96:3a:b8:52:2d:3f:d6:5b:e1:fb:08:c2: - 84:fe:24:a8:a3:89:da:ac:6a:e1:18:2a:b1:a8:43:61:5b:d3: - 1f:dc:3b:8d:76:f2:2d:e8:8d:75:df:17:33:6c:3d:53:fb:7b: - cb:41:5f:ff:dc:a2:d0:61:38:e1:96:b8:ac:5d:8b:37:d7:75: - d5:33:c0:99:11:ae:9d:41:c1:72:75:84:be:02:41:42:5f:67: - 24:48:94:d1:9b:27:be:07:3f:b9:b8:4f:81:74:51:e1:7a:b7: - ed:9d:23:e2:be:e0:d5:28:04:13:3c:31:03:9e:dd:7a:6c:8f: - c6:07:18:c6:7f:de:47:8e:3f:28:9e:04:06:cf:a5:54:34:77: - bd:ec:89:9b:e9:17:43:df:5b:db:5f:fe:8e:1e:57:a2:cd:40: - 9d:7e:62:22:da:de:18:27 ------BEGIN CERTIFICATE----- -MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw -TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh -cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 -WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu -ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY -MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc -h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ -0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U -A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW -T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH -B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC -B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv -KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn -OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn -jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw -qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI -rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq -hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL -ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ -3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK -NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 -ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur -TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC -jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc -oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq -4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA -mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d -emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= ------END CERTIFICATE----- diff --git a/global-config.rsc b/global-config.rsc index 734b51e..f99fdf1 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -102,7 +102,7 @@ { url="https://sslbl.abuse.ch/blacklist/sslipblacklist.txt"; cert="GlobalSign Atlas R3 DV TLS CA 2022 Q3" }; { url="https://www.dshield.org/block.txt"; cidr="/24"; - cert="R3" }; + cert="ISRG Root X1" }; { url="https://lists.blocklist.de/lists/strongips.txt"; cert="Certum Domain Validation CA SHA2" }; # { url="https://www.spamhaus.org/drop/drop.txt"; diff --git a/global-functions.rsc b/global-functions.rsc index 6c5ce02..567444e 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -334,7 +334,7 @@ :return true; } - :if ([ $CertificateAvailable "R3" ] = false) do={ + :if ([ $CertificateAvailable "ISRG Root X1" ] = false) do={ $LogPrint error $0 ("Downloading required certificate failed."); :return false; } diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index 4413f07..cdc10e7 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -98,7 +98,7 @@ :do { :if ($NtfyServer = "ntfy.sh") do={ - :if ([ $CertificateAvailable "R3" ] = false) do={ + :if ([ $CertificateAvailable "ISRG Root X1" ] = false) do={ $LogPrint warning $0 ("Downloading required certificate failed."); :error false; } From b875d64724a8ac3218b2e0779effe19c1729e11a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 10:25:53 +0200 Subject: [PATCH 534/908] certs: GlobalSign Atlas R3 DV TLS CA 2022 Q3 -> GlobalSign --- .../GlobalSign-Atlas-R3-DV-TLS-CA-2022-Q3.pem | 177 ------------------ certs/GlobalSign.pem | 28 +++ global-config.rsc | 4 +- 3 files changed, 30 insertions(+), 179 deletions(-) delete mode 100644 certs/GlobalSign-Atlas-R3-DV-TLS-CA-2022-Q3.pem create mode 100644 certs/GlobalSign.pem diff --git a/certs/GlobalSign-Atlas-R3-DV-TLS-CA-2022-Q3.pem b/certs/GlobalSign-Atlas-R3-DV-TLS-CA-2022-Q3.pem deleted file mode 100644 index b514c11..0000000 --- a/certs/GlobalSign-Atlas-R3-DV-TLS-CA-2022-Q3.pem +++ /dev/null @@ -1,177 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 7c:2a:0c:21:3f:c6:55:53:45:c9:1f:19:1f:b8:4e:fa - Signature Algorithm: sha256WithRSAEncryption - Issuer: OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign - Validity - Not Before: Apr 20 12:00:00 2022 GMT - Not After : Apr 20 00:00:00 2025 GMT - Subject: C = BE, O = GlobalSign nv-sa, CN = GlobalSign Atlas R3 DV TLS CA 2022 Q3 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:b8:a8:7a:66:3c:4e:66:9c:ce:37:a5:54:35:4d: - 36:c7:99:d3:a8:27:36:f2:2f:c6:d5:18:3e:e9:09: - dd:05:d6:d7:2c:34:32:7c:08:63:49:d1:10:37:e5: - 78:5d:11:62:ce:6d:fb:2f:3f:37:94:db:8f:7b:30: - e9:5e:2c:d9:55:3f:b2:db:b9:a0:b5:60:37:8b:a4: - 06:32:35:50:a4:09:af:0a:45:ff:a8:1f:9b:65:8e: - dd:4a:e0:40:a1:e3:63:37:58:90:dd:75:3b:fc:0e: - 1c:82:40:98:bd:70:b1:c1:48:14:14:3c:04:4b:69: - dd:d4:9c:01:a6:e9:21:e3:82:0a:fe:e4:aa:bf:34: - a0:8c:cb:c9:79:6e:3e:5c:6a:52:9e:c4:ed:2b:c5: - 69:fe:50:3c:93:9d:b5:ff:2d:28:a8:6c:06:6c:9d: - c5:af:b2:59:fb:59:77:0d:74:7a:88:84:a4:d4:1d: - d4:ba:20:06:cc:b5:1e:48:4e:74:21:15:86:75:c0: - cc:5a:d1:05:cf:57:16:7a:13:17:ec:c2:4a:ae:d5: - 1e:72:aa:22:5a:8c:9c:82:32:c4:10:e6:42:6e:21: - 86:68:7c:80:23:30:35:d3:bd:b0:5e:0a:29:2b:f0: - 14:b1:18:37:d9:59:25:c3:e7:38:d9:e9:d4:2d:36: - 35:65 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Extended Key Usage: - TLS Web Server Authentication, TLS Web Client Authentication - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:0 - X509v3 Subject Key Identifier: - FA:91:39:63:9A:FB:AD:10:24:E5:BE:B5:B9:DA:AB:D9:C4:46:69:AB - X509v3 Authority Key Identifier: - 8F:F0:4B:7F:A8:2E:45:24:AE:4D:50:FA:63:9A:8B:DE:E2:DD:1B:BC - Authority Information Access: - OCSP - URI:http://ocsp2.globalsign.com/rootr3 - CA Issuers - URI:http://secure.globalsign.com/cacert/root-r3.crt - X509v3 CRL Distribution Points: - Full Name: - URI:http://crl.globalsign.com/root-r3.crl - X509v3 Certificate Policies: - Policy: 2.23.140.1.2.1 - Policy: 1.3.6.1.4.1.4146.10.1.3 - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - 14:33:2c:79:e5:3f:82:c6:70:3f:da:59:38:a7:bb:a2:76:ac: - 61:18:05:68:57:d9:0d:fb:8a:46:bc:f1:a8:e8:0c:70:02:1d: - c6:2f:97:ed:36:3e:9e:52:86:2f:5c:62:d8:d5:47:43:9a:73: - d1:2b:25:87:9f:44:b4:14:eb:26:bc:21:47:74:20:bd:9f:a4: - bf:b3:80:1d:4d:35:7d:cd:b9:b5:da:55:f2:90:50:c8:b2:17: - 4e:0e:b4:61:88:29:5f:44:5d:03:7f:57:91:81:d0:eb:30:ae: - d5:2a:ec:82:20:ce:4e:d2:b0:8b:95:02:61:73:d8:69:34:f4: - ad:63:0e:5c:e4:20:1f:a9:7d:ed:8e:e5:1c:04:bb:22:9f:c7: - a9:22:ca:99:3d:02:a7:67:e8:06:2d:fa:04:6b:bb:49:d2:6c: - 99:57:63:6c:2d:c2:61:78:e1:20:b1:fb:f6:bf:e1:82:39:39: - 3c:7b:ef:7d:1a:95:4a:b2:72:da:55:90:ae:ed:dd:e2:70:90: - 7c:1a:ee:b5:32:5a:5d:cf:d6:fa:45:f2:9e:01:0c:31:2f:89: - 84:fe:31:60:0f:fd:ee:a6:5b:84:d5:c7:18:e6:a4:f9:40:30: - 29:18:1e:fe:fc:41:b5:b9:29:05:75:8b:62:1a:5b:22:2e:bf: - e4:59:6c:b0 ------BEGIN CERTIFICATE----- -MIIEjzCCA3egAwIBAgIQfCoMIT/GVVNFyR8ZH7hO+jANBgkqhkiG9w0BAQsFADBM -MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv -YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMjA0MjAxMjAwMDBaFw0y -NTA0MjAwMDAwMDBaMFgxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu -IG52LXNhMS4wLAYDVQQDEyVHbG9iYWxTaWduIEF0bGFzIFIzIERWIFRMUyBDQSAy -MDIyIFEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKh6ZjxOZpzO -N6VUNU02x5nTqCc28i/G1Rg+6QndBdbXLDQyfAhjSdEQN+V4XRFizm37Lz83lNuP -ezDpXizZVT+y27mgtWA3i6QGMjVQpAmvCkX/qB+bZY7dSuBAoeNjN1iQ3XU7/A4c -gkCYvXCxwUgUFDwES2nd1JwBpukh44IK/uSqvzSgjMvJeW4+XGpSnsTtK8Vp/lA8 -k521/y0oqGwGbJ3Fr7JZ+1l3DXR6iISk1B3UuiAGzLUeSE50IRWGdcDMWtEFz1cW -ehMX7MJKrtUecqoiWoycgjLEEOZCbiGGaHyAIzA1072wXgopK/AUsRg32Vklw+c4 -2enULTY1ZQIDAQABo4IBXzCCAVswDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQG -CCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQW -BBT6kTljmvutECTlvrW52qvZxEZpqzAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpj -move4t0bvDB7BggrBgEFBQcBAQRvMG0wLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3Nw -Mi5nbG9iYWxzaWduLmNvbS9yb290cjMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9zZWN1 -cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L3Jvb3QtcjMuY3J0MDYGA1UdHwQvMC0w -K6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC1yMy5jcmwwIQYD -VR0gBBowGDAIBgZngQwBAgEwDAYKKwYBBAGgMgoBAzANBgkqhkiG9w0BAQsFAAOC -AQEAFDMseeU/gsZwP9pZOKe7onasYRgFaFfZDfuKRrzxqOgMcAIdxi+X7TY+nlKG -L1xi2NVHQ5pz0Sslh59EtBTrJrwhR3QgvZ+kv7OAHU01fc25tdpV8pBQyLIXTg60 -YYgpX0RdA39XkYHQ6zCu1SrsgiDOTtKwi5UCYXPYaTT0rWMOXOQgH6l97Y7lHAS7 -Ip/HqSLKmT0Cp2foBi36BGu7SdJsmVdjbC3CYXjhILH79r/hgjk5PHvvfRqVSrJy -2lWQru3d4nCQfBrutTJaXc/W+kXyngEMMS+JhP4xYA/97qZbhNXHGOak+UAwKRge -/vxBtbkpBXWLYhpbIi6/5FlssA== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 04:00:00:00:00:01:21:58:53:08:a2 - Signature Algorithm: sha256WithRSAEncryption - Issuer: OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign - Validity - Not Before: Mar 18 10:00:00 2009 GMT - Not After : Mar 18 10:00:00 2029 GMT - Subject: OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:cc:25:76:90:79:06:78:22:16:f5:c0:83:b6:84: - ca:28:9e:fd:05:76:11:c5:ad:88:72:fc:46:02:43: - c7:b2:8a:9d:04:5f:24:cb:2e:4b:e1:60:82:46:e1: - 52:ab:0c:81:47:70:6c:dd:64:d1:eb:f5:2c:a3:0f: - 82:3d:0c:2b:ae:97:d7:b6:14:86:10:79:bb:3b:13: - 80:77:8c:08:e1:49:d2:6a:62:2f:1f:5e:fa:96:68: - df:89:27:95:38:9f:06:d7:3e:c9:cb:26:59:0d:73: - de:b0:c8:e9:26:0e:83:15:c6:ef:5b:8b:d2:04:60: - ca:49:a6:28:f6:69:3b:f6:cb:c8:28:91:e5:9d:8a: - 61:57:37:ac:74:14:dc:74:e0:3a:ee:72:2f:2e:9c: - fb:d0:bb:bf:f5:3d:00:e1:06:33:e8:82:2b:ae:53: - a6:3a:16:73:8c:dd:41:0e:20:3a:c0:b4:a7:a1:e9: - b2:4f:90:2e:32:60:e9:57:cb:b9:04:92:68:68:e5: - 38:26:60:75:b2:9f:77:ff:91:14:ef:ae:20:49:fc: - ad:40:15:48:d1:02:31:61:19:5e:b8:97:ef:ad:77: - b7:64:9a:7a:bf:5f:c1:13:ef:9b:62:fb:0d:6c:e0: - 54:69:16:a9:03:da:6e:e9:83:93:71:76:c6:69:85: - 82:17 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 8F:F0:4B:7F:A8:2E:45:24:AE:4D:50:FA:63:9A:8B:DE:E2:DD:1B:BC - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - 4b:40:db:c0:50:aa:fe:c8:0c:ef:f7:96:54:45:49:bb:96:00: - 09:41:ac:b3:13:86:86:28:07:33:ca:6b:e6:74:b9:ba:00:2d: - ae:a4:0a:d3:f5:f1:f1:0f:8a:bf:73:67:4a:83:c7:44:7b:78: - e0:af:6e:6c:6f:03:29:8e:33:39:45:c3:8e:e4:b9:57:6c:aa: - fc:12:96:ec:53:c6:2d:e4:24:6c:b9:94:63:fb:dc:53:68:67: - 56:3e:83:b8:cf:35:21:c3:c9:68:fe:ce:da:c2:53:aa:cc:90: - 8a:e9:f0:5d:46:8c:95:dd:7a:58:28:1a:2f:1d:de:cd:00:37: - 41:8f:ed:44:6d:d7:53:28:97:7e:f3:67:04:1e:15:d7:8a:96: - b4:d3:de:4c:27:a4:4c:1b:73:73:76:f4:17:99:c2:1f:7a:0e: - e3:2d:08:ad:0a:1c:2c:ff:3c:ab:55:0e:0f:91:7e:36:eb:c3: - 57:49:be:e1:2e:2d:7c:60:8b:c3:41:51:13:23:9d:ce:f7:32: - 6b:94:01:a8:99:e7:2c:33:1f:3a:3b:25:d2:86:40:ce:3b:2c: - 86:78:c9:61:2f:14:ba:ee:db:55:6f:df:84:ee:05:09:4d:bd: - 28:d8:72:ce:d3:62:50:65:1e:eb:92:97:83:31:d9:b3:b5:ca: - 47:58:3f:5f ------BEGIN CERTIFICATE----- -MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 -MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 -RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT -gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm -KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd -QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ -XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o -LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU -RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp -jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK -6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX -mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs -Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH -WD9f ------END CERTIFICATE----- diff --git a/certs/GlobalSign.pem b/certs/GlobalSign.pem new file mode 100644 index 0000000..47035e4 --- /dev/null +++ b/certs/GlobalSign.pem @@ -0,0 +1,28 @@ +# Issuer: CN=GlobalSign O=GlobalSign OU=GlobalSign Root CA - R3 +# Subject: CN=GlobalSign O=GlobalSign OU=GlobalSign Root CA - R3 +# Label: "GlobalSign Root CA - R3" +# Serial: 4835703278459759426209954 +# MD5 Fingerprint: c5:df:b8:49:ca:05:13:55:ee:2d:ba:1a:c3:3e:b0:28 +# SHA1 Fingerprint: d6:9b:56:11:48:f0:1c:77:c5:45:78:c1:09:26:df:5b:85:69:76:ad +# SHA256 Fingerprint: cb:b5:22:d7:b7:f1:27:ad:6a:01:13:86:5b:df:1c:d4:10:2e:7d:07:59:af:63:5a:7c:f4:72:0d:c9:63:c5:3b +-----BEGIN CERTIFICATE----- +MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G +A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp +Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 +MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG +A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 +RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT +gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm +KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd +QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ +XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw +DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o +LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU +RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp +jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK +6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX +mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs +Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH +WD9f +-----END CERTIFICATE----- diff --git a/global-config.rsc b/global-config.rsc index f99fdf1..16de721 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -98,9 +98,9 @@ # { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/block"; # cert="ISRG Root X2" }; { url="https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt"; - cert="GlobalSign Atlas R3 DV TLS CA 2022 Q3" }; + cert="GlobalSign" }; { url="https://sslbl.abuse.ch/blacklist/sslipblacklist.txt"; - cert="GlobalSign Atlas R3 DV TLS CA 2022 Q3" }; + cert="GlobalSign" }; { url="https://www.dshield.org/block.txt"; cidr="/24"; cert="ISRG Root X1" }; { url="https://lists.blocklist.de/lists/strongips.txt"; From 944e125ef9186d933609c131dfdd85178a57453b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 10:29:40 +0200 Subject: [PATCH 535/908] certs: Certum Domain Validation CA SHA2 -> Certum Trusted Network CA --- certs/Certum-Domain-Validation-CA-SHA2.pem | 176 --------------------- certs/Certum-Trusted-Network-CA.pem | 29 ++++ global-config.rsc | 2 +- 3 files changed, 30 insertions(+), 177 deletions(-) delete mode 100644 certs/Certum-Domain-Validation-CA-SHA2.pem create mode 100644 certs/Certum-Trusted-Network-CA.pem diff --git a/certs/Certum-Domain-Validation-CA-SHA2.pem b/certs/Certum-Domain-Validation-CA-SHA2.pem deleted file mode 100644 index 0cc17ac..0000000 --- a/certs/Certum-Domain-Validation-CA-SHA2.pem +++ /dev/null @@ -1,176 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 279744 (0x444c0) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA - Validity - Not Before: Oct 22 12:07:37 2008 GMT - Not After : Dec 31 12:07:37 2029 GMT - Subject: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:e3:fb:7d:a3:72:ba:c2:f0:c9:14:87:f5:6b:01: - 4e:e1:6e:40:07:ba:6d:27:5d:7f:f7:5b:2d:b3:5a: - c7:51:5f:ab:a4:32:a6:61:87:b6:6e:0f:86:d2:30: - 02:97:f8:d7:69:57:a1:18:39:5d:6a:64:79:c6:01: - 59:ac:3c:31:4a:38:7c:d2:04:d2:4b:28:e8:20:5f: - 3b:07:a2:cc:4d:73:db:f3:ae:4f:c7:56:d5:5a:a7: - 96:89:fa:f3:ab:68:d4:23:86:59:27:cf:09:27:bc: - ac:6e:72:83:1c:30:72:df:e0:a2:e9:d2:e1:74:75: - 19:bd:2a:9e:7b:15:54:04:1b:d7:43:39:ad:55:28: - c5:e2:1a:bb:f4:c0:e4:ae:38:49:33:cc:76:85:9f: - 39:45:d2:a4:9e:f2:12:8c:51:f8:7c:e4:2d:7f:f5: - ac:5f:eb:16:9f:b1:2d:d1:ba:cc:91:42:77:4c:25: - c9:90:38:6f:db:f0:cc:fb:8e:1e:97:59:3e:d5:60: - 4e:e6:05:28:ed:49:79:13:4b:ba:48:db:2f:f9:72: - d3:39:ca:fe:1f:d8:34:72:f5:b4:40:cf:31:01:c3: - ec:de:11:2d:17:5d:1f:b8:50:d1:5e:19:a7:69:de: - 07:33:28:ca:50:95:f9:a7:54:cb:54:86:50:45:a9: - f9:49 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 08:76:CD:CB:07:FF:24:F6:C5:CD:ED:BB:90:BC:E2:84:37:46:75:F7 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - Signature Value: - a6:a8:ad:22:ce:01:3d:a6:a3:ff:62:d0:48:9d:8b:5e:72:b0: - 78:44:e3:dc:1c:af:09:fd:23:48:fa:bd:2a:c4:b9:55:04:b5: - 10:a3:8d:27:de:0b:82:63:d0:ee:de:0c:37:79:41:5b:22:b2: - b0:9a:41:5c:a6:70:e0:d4:d0:77:cb:23:d3:00:e0:6c:56:2f: - e1:69:0d:0d:d9:aa:bf:21:81:50:d9:06:a5:a8:ff:95:37:d0: - aa:fe:e2:b3:f5:99:2d:45:84:8a:e5:42:09:d7:74:02:2f:f7: - 89:d8:99:e9:bc:27:d4:47:8d:ba:0d:46:1c:77:cf:14:a4:1c: - b9:a4:31:c4:9c:28:74:03:34:ff:33:19:26:a5:e9:0d:74:b7: - 3e:97:c6:76:e8:27:96:a3:66:dd:e1:ae:f2:41:5b:ca:98:56: - 83:73:70:e4:86:1a:d2:31:41:ba:2f:be:2d:13:5a:76:6f:4e: - e8:4e:81:0e:3f:5b:03:22:a0:12:be:66:58:11:4a:cb:03:c4: - b4:2a:2a:2d:96:17:e0:39:54:bc:48:d3:76:27:9d:9a:2d:06: - a6:c9:ec:39:d2:ab:db:9f:9a:0b:27:02:35:29:b1:40:95:e7: - f9:e8:9c:55:88:19:46:d6:b7:34:f5:7e:ce:39:9a:d9:38:f1: - 51:f7:4f:2c ------BEGIN CERTIFICATE----- -MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM -MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D -ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU -cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 -WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg -Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw -IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B -AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH -UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM -TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU -BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM -kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x -AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV -HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV -HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y -sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL -I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 -J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY -VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI -03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 26:dd:d2:2b:46:c9:c4:4d:5a:69:4d:39:80:7e:72:ad - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA - Validity - Not Before: Sep 11 12:00:00 2014 GMT - Not After : Jun 9 10:46:39 2027 GMT - Subject: C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Domain Validation CA SHA2 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:a1:25:63:df:8d:e4:20:07:d9:54:d1:d1:04:f6: - 17:e2:3e:47:fb:c3:74:25:b8:c4:bf:12:12:bc:e0: - 70:d1:39:05:c2:17:b3:f7:82:70:a0:4e:07:fe:10: - 2a:ff:db:0d:46:5e:24:94:a3:8b:45:9f:18:9b:ce: - 42:c4:ae:db:83:33:bc:c2:bb:b4:30:b6:a7:37:87: - 78:7b:48:cb:25:2c:82:bb:0a:48:12:60:76:89:ec: - 8e:cc:8f:1e:52:48:e9:86:02:5a:c2:b0:8a:7c:85: - 3d:d9:ff:60:4f:33:6c:a6:a1:a0:85:e1:d7:53:f2: - ea:27:3d:65:a9:72:c1:08:83:cc:b0:25:9c:11:46: - 24:e0:3e:f4:a7:ef:ed:51:b1:65:93:42:b4:f6:e6: - 86:0a:10:79:32:36:58:b2:6b:a8:dc:d5:7a:1e:9d: - 14:ee:40:e7:b2:46:4c:bd:9a:29:c2:ec:f8:30:c1: - 62:02:2a:e2:1c:83:62:d0:85:36:1a:83:de:12:84: - 29:65:ef:d2:32:be:31:60:42:a8:cf:f8:dd:ea:d0: - 56:47:1d:bd:76:96:24:13:e7:be:d9:99:2b:fa:30: - 64:f1:8a:38:7a:a6:e1:2a:96:02:b0:9d:ba:d8:8f: - 6d:4e:7a:94:69:7d:b0:93:aa:74:e5:93:90:13:fa: - a2:99 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - E5:31:AD:BF:3A:11:96:F4:83:BC:50:3C:D4:B7:90:9B:90:EE:DE:25 - X509v3 Authority Key Identifier: - 08:76:CD:CB:07:FF:24:F6:C5:CD:ED:BB:90:BC:E2:84:37:46:75:F7 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 CRL Distribution Points: - Full Name: - URI:http://crl.certum.pl/ctnca.crl - Authority Information Access: - OCSP - URI:http://subca.ocsp-certum.com - CA Issuers - URI:http://repository.certum.pl/ctnca.cer - X509v3 Certificate Policies: - Policy: X509v3 Any Policy - CPS: http://www.certum.pl/CPS - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - ba:bf:f0:e1:dd:4d:2b:42:43:64:58:df:64:f3:ff:80:1a:5f: - 56:be:3b:a9:b2:76:f7:54:7a:4c:30:c1:99:24:4b:72:d2:ca: - d4:fa:08:c6:90:de:88:12:ed:f8:90:f9:fc:a9:84:fd:92:f2: - 78:e5:db:c9:22:57:ab:41:30:42:6b:0b:9f:d7:73:33:fb:01: - 67:1c:42:5c:8f:27:67:c7:6e:07:03:8d:0e:96:cb:0a:03:cc: - 3e:f8:87:3c:35:30:cd:18:8c:d5:71:dd:cd:dd:61:b0:13:a3: - 64:46:4e:fe:71:4e:6b:65:e9:14:04:f2:3f:a8:bd:0c:36:3d: - 2a:5d:9e:07:f2:c2:4f:90:c5:5e:4d:18:37:d1:27:28:80:a4: - 36:e5:ca:93:6a:65:0e:f8:93:b9:af:52:58:4b:7a:71:d8:ba: - f3:ef:d2:f3:f6:a2:97:e4:5d:14:02:9a:cb:e5:ae:b6:93:e1: - 23:9f:9b:3f:46:f7:ee:8e:a1:00:5b:66:c3:1e:68:23:86:0f: - 5d:77:ba:53:ad:f9:52:fb:70:15:c5:75:eb:cf:79:ad:49:7c: - f2:76:62:ae:44:2f:c5:5f:51:34:25:41:6a:12:0a:5f:8e:ae: - 10:c4:43:89:35:fd:ec:ff:31:e6:ec:1e:87:e9:3a:7c:29:50: - 45:41:a3:14 ------BEGIN CERTIFICATE----- -MIIEzjCCA7agAwIBAgIQJt3SK0bJxE1aaU05gH5yrTANBgkqhkiG9w0BAQsFADB+ -MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B -LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD -VQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMB4XDTE0MDkxMTEyMDAwMFoX -DTI3MDYwOTEwNDYzOVowgYUxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRv -IFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlv -biBBdXRob3JpdHkxKTAnBgNVBAMTIENlcnR1bSBEb21haW4gVmFsaWRhdGlvbiBD -QSBTSEEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSVj343kIAfZ -VNHRBPYX4j5H+8N0JbjEvxISvOBw0TkFwhez94JwoE4H/hAq/9sNRl4klKOLRZ8Y -m85CxK7bgzO8wru0MLanN4d4e0jLJSyCuwpIEmB2ieyOzI8eUkjphgJawrCKfIU9 -2f9gTzNspqGgheHXU/LqJz1lqXLBCIPMsCWcEUYk4D70p+/tUbFlk0K09uaGChB5 -MjZYsmuo3NV6Hp0U7kDnskZMvZopwuz4MMFiAiriHINi0IU2GoPeEoQpZe/SMr4x -YEKoz/jd6tBWRx29dpYkE+e+2Zkr+jBk8Yo4eqbhKpYCsJ262I9tTnqUaX2wk6p0 -5ZOQE/qimQIDAQABo4IBPjCCATowDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU -5TGtvzoRlvSDvFA81LeQm5Du3iUwHwYDVR0jBBgwFoAUCHbNywf/JPbFze27kLzi -hDdGdfcwDgYDVR0PAQH/BAQDAgEGMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9j -cmwuY2VydHVtLnBsL2N0bmNhLmNybDBrBggrBgEFBQcBAQRfMF0wKAYIKwYBBQUH -MAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1bS5jb20wMQYIKwYBBQUHMAKGJWh0 -dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5wbC9jdG5jYS5jZXIwOQYDVR0gBDIwMDAu -BgRVHSAAMCYwJAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cuY2VydHVtLnBsL0NQUzAN -BgkqhkiG9w0BAQsFAAOCAQEAur/w4d1NK0JDZFjfZPP/gBpfVr47qbJ291R6TDDB -mSRLctLK1PoIxpDeiBLt+JD5/KmE/ZLyeOXbySJXq0EwQmsLn9dzM/sBZxxCXI8n -Z8duBwONDpbLCgPMPviHPDUwzRiM1XHdzd1hsBOjZEZO/nFOa2XpFATyP6i9DDY9 -Kl2eB/LCT5DFXk0YN9EnKICkNuXKk2plDviTua9SWEt6cdi68+/S8/ail+RdFAKa -y+WutpPhI5+bP0b37o6hAFtmwx5oI4YPXXe6U635UvtwFcV16895rUl88nZirkQv -xV9RNCVBahIKX46uEMRDiTX97P8x5uweh+k6fClQRUGjFA== ------END CERTIFICATE----- diff --git a/certs/Certum-Trusted-Network-CA.pem b/certs/Certum-Trusted-Network-CA.pem new file mode 100644 index 0000000..a48e706 --- /dev/null +++ b/certs/Certum-Trusted-Network-CA.pem @@ -0,0 +1,29 @@ +# Issuer: CN=Certum Trusted Network CA O=Unizeto Technologies S.A. OU=Certum Certification Authority +# Subject: CN=Certum Trusted Network CA O=Unizeto Technologies S.A. OU=Certum Certification Authority +# Label: "Certum Trusted Network CA" +# Serial: 279744 +# MD5 Fingerprint: d5:e9:81:40:c5:18:69:fc:46:2c:89:75:62:0f:aa:78 +# SHA1 Fingerprint: 07:e0:32:e0:20:b7:2c:3f:19:2f:06:28:a2:59:3a:19:a7:0f:06:9e +# SHA256 Fingerprint: 5c:58:46:8d:55:f5:8e:49:7e:74:39:82:d2:b5:00:10:b6:d1:65:37:4a:cf:83:a7:d4:a3:2d:b7:68:c4:40:8e +-----BEGIN CERTIFICATE----- +MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM +MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D +ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU +cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIyMTIwNzM3WhcNMjkxMjMxMTIwNzM3 +WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMg +Uy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIw +IAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rH +UV+rpDKmYYe2bg+G0jACl/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LM +TXPb865Px1bVWqeWifrzq2jUI4ZZJ88JJ7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVU +BBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4fOQtf/WsX+sWn7Et0brM +kUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0cvW0QM8x +AcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV +HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15y +sHhE49wcrwn9I0j6vSrEuVUEtRCjjSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfL +I9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1mS1FhIrlQgnXdAIv94nYmem8 +J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5ajZt3hrvJBW8qY +VoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI +03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= +-----END CERTIFICATE----- diff --git a/global-config.rsc b/global-config.rsc index 16de721..73a9ca0 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -104,7 +104,7 @@ { url="https://www.dshield.org/block.txt"; cidr="/24"; cert="ISRG Root X1" }; { url="https://lists.blocklist.de/lists/strongips.txt"; - cert="Certum Domain Validation CA SHA2" }; + cert="Certum Trusted Network CA" }; # { url="https://www.spamhaus.org/drop/drop.txt"; # cert="Cloudflare Inc ECC CA-3" }; # { url="https://www.spamhaus.org/drop/edrop.txt"; From 7553870f2aac7182f5181273fb4a73e219fc68c7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 10:32:01 +0200 Subject: [PATCH 536/908] certs: Cloudflare Inc ECC CA-3 -> Baltimore CyberTrust Root --- certs/Baltimore-CyberTrust-Root.pem | 28 +++++ certs/Cloudflare-Inc-ECC-CA-3.pem | 163 ---------------------------- global-config.rsc | 4 +- 3 files changed, 30 insertions(+), 165 deletions(-) create mode 100644 certs/Baltimore-CyberTrust-Root.pem delete mode 100644 certs/Cloudflare-Inc-ECC-CA-3.pem diff --git a/certs/Baltimore-CyberTrust-Root.pem b/certs/Baltimore-CyberTrust-Root.pem new file mode 100644 index 0000000..de8121a --- /dev/null +++ b/certs/Baltimore-CyberTrust-Root.pem @@ -0,0 +1,28 @@ +# Issuer: CN=Baltimore CyberTrust Root O=Baltimore OU=CyberTrust +# Subject: CN=Baltimore CyberTrust Root O=Baltimore OU=CyberTrust +# Label: "Baltimore CyberTrust Root" +# Serial: 33554617 +# MD5 Fingerprint: ac:b6:94:a5:9c:17:e0:d7:91:52:9b:b1:97:06:a6:e4 +# SHA1 Fingerprint: d4:de:20:d0:5e:66:fc:53:fe:1a:50:88:2c:78:db:28:52:ca:e4:74 +# SHA256 Fingerprint: 16:af:57:a9:f6:76:b0:ab:12:60:95:aa:5e:ba:de:f2:2a:b3:11:19:d6:44:ac:95:cd:4b:93:db:f3:f2:6a:eb +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ +RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD +VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX +DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y +ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy +VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr +mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr +IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK +mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu +XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy +dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye +jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 +BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 +DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 +9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx +jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 +Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz +ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS +R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp +-----END CERTIFICATE----- diff --git a/certs/Cloudflare-Inc-ECC-CA-3.pem b/certs/Cloudflare-Inc-ECC-CA-3.pem deleted file mode 100644 index fa91603..0000000 --- a/certs/Cloudflare-Inc-ECC-CA-3.pem +++ /dev/null @@ -1,163 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 0a:37:87:64:5e:5f:b4:8c:22:4e:fd:1b:ed:14:0c:3c - Signature Algorithm: sha256WithRSAEncryption - Issuer: C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root - Validity - Not Before: Jan 27 12:48:08 2020 GMT - Not After : Dec 31 23:59:59 2024 GMT - Subject: C = US, O = "Cloudflare, Inc.", CN = Cloudflare Inc ECC CA-3 - Subject Public Key Info: - Public Key Algorithm: id-ecPublicKey - Public-Key: (256 bit) - pub: - 04:b9:ad:4d:66:99:14:0b:46:ec:1f:81:d1:2a:50: - 1e:9d:03:15:2f:34:12:7d:2d:96:b8:88:38:9b:85: - 5f:8f:bf:bb:4d:ef:61:46:c4:c9:73:d4:24:4f:e0: - ee:1c:ce:6c:b3:51:71:2f:6a:ee:4c:05:09:77:d3: - 72:62:a4:9b:d7 - ASN1 OID: prime256v1 - NIST CURVE: P-256 - X509v3 extensions: - X509v3 Subject Key Identifier: - A5:CE:37:EA:EB:B0:75:0E:94:67:88:B4:45:FA:D9:24:10:87:96:1F - X509v3 Authority Key Identifier: - E5:9D:59:30:82:47:58:CC:AC:FA:08:54:36:86:7B:3A:B5:04:4D:F0 - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Extended Key Usage: - TLS Web Server Authentication, TLS Web Client Authentication - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:0 - Authority Information Access: - OCSP - URI:http://ocsp.digicert.com - X509v3 CRL Distribution Points: - Full Name: - URI:http://crl3.digicert.com/Omniroot2025.crl - X509v3 Certificate Policies: - Policy: 2.16.840.1.114412.1.1 - CPS: https://www.digicert.com/CPS - Policy: 2.16.840.1.114412.1.2 - Policy: 2.23.140.1.2.1 - Policy: 2.23.140.1.2.2 - Policy: 2.23.140.1.2.3 - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - 05:24:1d:dd:1b:b0:2a:eb:98:d6:85:e3:39:4d:5e:6b:57:9d: - 82:57:fc:eb:e8:31:a2:57:90:65:05:be:16:44:38:5a:77:02: - b9:cf:10:42:c6:e1:92:a4:e3:45:27:f8:00:47:2c:68:a8:56: - 99:53:54:8f:ad:9e:40:c1:d0:0f:b6:d7:0d:0b:38:48:6c:50: - 2c:49:90:06:5b:64:1d:8b:cc:48:30:2e:de:08:e2:9b:49:22: - c0:92:0c:11:5e:96:92:94:d5:fc:20:dc:56:6c:e5:92:93:bf: - 7a:1c:c0:37:e3:85:49:15:fa:2b:e1:74:39:18:0f:b7:da:f3: - a2:57:58:60:4f:cc:8e:94:00:fc:46:7b:34:31:3e:4d:47:82: - 81:3a:cb:f4:89:5d:0e:ef:4d:0d:6e:9c:1b:82:24:dd:32:25: - 5d:11:78:51:10:3d:a0:35:23:04:2f:65:6f:9c:c1:d1:43:d7: - d0:1e:f3:31:67:59:27:dd:6b:d2:75:09:93:11:24:24:14:cf: - 29:be:e6:23:c3:b8:8f:72:3f:e9:07:c8:24:44:53:7a:b3:b9: - 61:65:a1:4c:0e:c6:48:00:c9:75:63:05:87:70:45:52:83:d3: - 95:9d:45:ea:f0:e8:31:1d:7e:09:1f:0a:fe:3e:dd:aa:3c:5e: - 74:d2:ac:b1 ------BEGIN CERTIFICATE----- -MIIDzTCCArWgAwIBAgIQCjeHZF5ftIwiTv0b7RQMPDANBgkqhkiG9w0BAQsFADBa -MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl -clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIw -MDEyNzEyNDgwOFoXDTI0MTIzMTIzNTk1OVowSjELMAkGA1UEBhMCVVMxGTAXBgNV -BAoTEENsb3VkZmxhcmUsIEluYy4xIDAeBgNVBAMTF0Nsb3VkZmxhcmUgSW5jIEVD -QyBDQS0zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEua1NZpkUC0bsH4HRKlAe -nQMVLzQSfS2WuIg4m4Vfj7+7Te9hRsTJc9QkT+DuHM5ss1FxL2ruTAUJd9NyYqSb -16OCAWgwggFkMB0GA1UdDgQWBBSlzjfq67B1DpRniLRF+tkkEIeWHzAfBgNVHSME -GDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0l -BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYI -KwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5j -b20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09t -bmlyb290MjAyNS5jcmwwbQYDVR0gBGYwZDA3BglghkgBhv1sAQEwKjAoBggrBgEF -BQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1sAQIw -CAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEB -AAUkHd0bsCrrmNaF4zlNXmtXnYJX/OvoMaJXkGUFvhZEOFp3ArnPEELG4ZKk40Un -+ABHLGioVplTVI+tnkDB0A+21w0LOEhsUCxJkAZbZB2LzEgwLt4I4ptJIsCSDBFe -lpKU1fwg3FZs5ZKTv3ocwDfjhUkV+ivhdDkYD7fa86JXWGBPzI6UAPxGezQxPk1H -goE6y/SJXQ7vTQ1unBuCJN0yJV0ReFEQPaA1IwQvZW+cwdFD19Ae8zFnWSfda9J1 -CZMRJCQUzym+5iPDuI9yP+kHyCREU3qzuWFloUwOxkgAyXVjBYdwRVKD05WdRerw -6DEdfgkfCv4+3ao8XnTSrLE= ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 33554617 (0x20000b9) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root - Validity - Not Before: May 12 18:46:00 2000 GMT - Not After : May 12 23:59:00 2025 GMT - Subject: C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:a3:04:bb:22:ab:98:3d:57:e8:26:72:9a:b5:79: - d4:29:e2:e1:e8:95:80:b1:b0:e3:5b:8e:2b:29:9a: - 64:df:a1:5d:ed:b0:09:05:6d:db:28:2e:ce:62:a2: - 62:fe:b4:88:da:12:eb:38:eb:21:9d:c0:41:2b:01: - 52:7b:88:77:d3:1c:8f:c7:ba:b9:88:b5:6a:09:e7: - 73:e8:11:40:a7:d1:cc:ca:62:8d:2d:e5:8f:0b:a6: - 50:d2:a8:50:c3:28:ea:f5:ab:25:87:8a:9a:96:1c: - a9:67:b8:3f:0c:d5:f7:f9:52:13:2f:c2:1b:d5:70: - 70:f0:8f:c0:12:ca:06:cb:9a:e1:d9:ca:33:7a:77: - d6:f8:ec:b9:f1:68:44:42:48:13:d2:c0:c2:a4:ae: - 5e:60:fe:b6:a6:05:fc:b4:dd:07:59:02:d4:59:18: - 98:63:f5:a5:63:e0:90:0c:7d:5d:b2:06:7a:f3:85: - ea:eb:d4:03:ae:5e:84:3e:5f:ff:15:ed:69:bc:f9: - 39:36:72:75:cf:77:52:4d:f3:c9:90:2c:b9:3d:e5: - c9:23:53:3f:1f:24:98:21:5c:07:99:29:bd:c6:3a: - ec:e7:6e:86:3a:6b:97:74:63:33:bd:68:18:31:f0: - 78:8d:76:bf:fc:9e:8e:5d:2a:86:a7:4d:90:dc:27: - 1a:39 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - E5:9D:59:30:82:47:58:CC:AC:FA:08:54:36:86:7B:3A:B5:04:4D:F0 - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:3 - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - Signature Algorithm: sha1WithRSAEncryption - Signature Value: - 85:0c:5d:8e:e4:6f:51:68:42:05:a0:dd:bb:4f:27:25:84:03: - bd:f7:64:fd:2d:d7:30:e3:a4:10:17:eb:da:29:29:b6:79:3f: - 76:f6:19:13:23:b8:10:0a:f9:58:a4:d4:61:70:bd:04:61:6a: - 12:8a:17:d5:0a:bd:c5:bc:30:7c:d6:e9:0c:25:8d:86:40:4f: - ec:cc:a3:7e:38:c6:37:11:4f:ed:dd:68:31:8e:4c:d2:b3:01: - 74:ee:be:75:5e:07:48:1a:7f:70:ff:16:5c:84:c0:79:85:b8: - 05:fd:7f:be:65:11:a3:0f:c0:02:b4:f8:52:37:39:04:d5:a9: - 31:7a:18:bf:a0:2a:f4:12:99:f7:a3:45:82:e3:3c:5e:f5:9d: - 9e:b5:c8:9e:7c:2e:c8:a4:9e:4e:08:14:4b:6d:fd:70:6d:6b: - 1a:63:bd:64:e6:1f:b7:ce:f0:f2:9f:2e:bb:1b:b7:f2:50:88: - 73:92:c2:e2:e3:16:8d:9a:32:02:ab:8e:18:dd:e9:10:11:ee: - 7e:35:ab:90:af:3e:30:94:7a:d0:33:3d:a7:65:0f:f5:fc:8e: - 9e:62:cf:47:44:2c:01:5d:bb:1d:b5:32:d2:47:d2:38:2e:d0: - fe:81:dc:32:6a:1e:b5:ee:3c:d5:fc:e7:81:1d:19:c3:24:42: - ea:63:39:a9 ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ -RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD -VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX -DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y -ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy -VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr -mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr -IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK -mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu -XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy -dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye -jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 -BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 -DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 -9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx -jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 -Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz -ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS -R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp ------END CERTIFICATE----- diff --git a/global-config.rsc b/global-config.rsc index 73a9ca0..cdc1d5c 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -106,9 +106,9 @@ { url="https://lists.blocklist.de/lists/strongips.txt"; cert="Certum Trusted Network CA" }; # { url="https://www.spamhaus.org/drop/drop.txt"; -# cert="Cloudflare Inc ECC CA-3" }; +# cert="Baltimore CyberTrust Root" }; # { url="https://www.spamhaus.org/drop/edrop.txt"; -# cert="Cloudflare Inc ECC CA-3" }; +# cert="Baltimore CyberTrust Root" }; }; # "mikrotik"={ # { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/mikrotik"; From a744508d4f59bb95106b454c930fbb3f9eb28066 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 10:34:49 +0200 Subject: [PATCH 537/908] certs: Starfield Secure Certificate Authority - G2 -> Starfield Root Certificate Authority - G2 --- ...tarfield-Root-Certificate-Authority-G2.pem | 30 +++ ...rfield-Secure-Certificate-Authority-G2.pem | 179 ------------------ update-tunnelbroker.rsc | 2 +- 3 files changed, 31 insertions(+), 180 deletions(-) create mode 100644 certs/Starfield-Root-Certificate-Authority-G2.pem delete mode 100644 certs/Starfield-Secure-Certificate-Authority-G2.pem diff --git a/certs/Starfield-Root-Certificate-Authority-G2.pem b/certs/Starfield-Root-Certificate-Authority-G2.pem new file mode 100644 index 0000000..4e6774d --- /dev/null +++ b/certs/Starfield-Root-Certificate-Authority-G2.pem @@ -0,0 +1,30 @@ +# Issuer: CN=Starfield Root Certificate Authority - G2 O=Starfield Technologies, Inc. +# Subject: CN=Starfield Root Certificate Authority - G2 O=Starfield Technologies, Inc. +# Label: "Starfield Root Certificate Authority - G2" +# Serial: 0 +# MD5 Fingerprint: d6:39:81:c6:52:7e:96:69:fc:fc:ca:66:ed:05:f2:96 +# SHA1 Fingerprint: b5:1c:06:7c:ee:2b:0c:3d:f8:55:ab:2d:92:f4:fe:39:d4:e7:0f:0e +# SHA256 Fingerprint: 2c:e1:cb:0b:f9:d2:f9:e1:02:99:3f:be:21:51:52:c3:b2:dd:0c:ab:de:1c:68:e5:31:9b:83:91:54:db:b7:f5 +-----BEGIN CERTIFICATE----- +MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx +EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT +HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs +ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw +MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 +b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj +aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp +Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg +nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1 +HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N +Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN +dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0 +HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO +BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G +CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU +sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3 +4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg +8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K +pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1 +mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 +-----END CERTIFICATE----- diff --git a/certs/Starfield-Secure-Certificate-Authority-G2.pem b/certs/Starfield-Secure-Certificate-Authority-G2.pem deleted file mode 100644 index 7772e6b..0000000 --- a/certs/Starfield-Secure-Certificate-Authority-G2.pem +++ /dev/null @@ -1,179 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 7 (0x7) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Root Certificate Authority - G2 - Validity - Not Before: May 3 07:00:00 2011 GMT - Not After : May 3 07:00:00 2031 GMT - Subject: C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", OU = http://certs.starfieldtech.com/repository/, CN = Starfield Secure Certificate Authority - G2 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public-Key: (2048 bit) - Modulus: - 00:e5:90:66:4b:ec:f9:46:71:a9:20:83:be:e9:6c: - bf:4a:c9:48:69:81:75:4e:6d:24:f6:cb:17:13:f8: - b0:71:59:84:7a:6b:2b:85:a4:34:b5:16:e5:cb:cc: - e9:41:70:2c:a4:2e:d6:fa:32:7d:e1:a8:de:94:10: - ac:31:c1:c0:d8:6a:ff:59:27:ab:76:d6:fc:0b:74: - 6b:b8:a7:ae:3f:c4:54:f4:b4:31:44:dd:93:56:8c: - a4:4c:5e:9b:89:cb:24:83:9b:e2:57:7d:b7:d8:12: - 1f:c9:85:6d:f4:d1:80:f1:50:9b:87:ae:d4:0b:10: - 05:fb:27:ba:28:6d:17:e9:0e:d6:4d:b9:39:55:06: - ff:0a:24:05:7e:2f:c6:1d:72:6c:d4:8b:29:8c:57: - 7d:da:d9:eb:66:1a:d3:4f:a7:df:7f:52:c4:30:c5: - a5:c9:0e:02:c5:53:bf:77:38:68:06:24:c3:66:c8: - 37:7e:30:1e:45:71:23:35:ff:90:d8:2a:9d:8d:e7: - b0:92:4d:3c:7f:2a:0a:93:dc:cd:16:46:65:f7:60: - 84:8b:76:4b:91:27:73:14:92:e0:ea:ee:8f:16:ea: - 8d:0e:3e:76:17:bf:7d:89:80:80:44:43:e7:2d:e0: - 43:09:75:da:36:e8:ad:db:89:3a:f5:5d:12:8e:23: - 04:83 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 25:45:81:68:50:26:38:3D:3B:2D:2C:BE:CD:6A:D9:B6:3D:B3:66:63 - X509v3 Authority Key Identifier: - keyid:7C:0C:32:1F:A7:D9:30:7F:C4:7D:68:A3:62:A8:A1:CE:AB:07:5B:27 - - Authority Information Access: - OCSP - URI:http://ocsp.starfieldtech.com/ - - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.starfieldtech.com/sfroot-g2.crl - - X509v3 Certificate Policies: - Policy: X509v3 Any Policy - CPS: https://certs.starfieldtech.com/repository/ - - Signature Algorithm: sha256WithRSAEncryption - 56:65:ca:fe:f3:3f:0a:a8:93:8b:18:c7:de:43:69:13:34:20: - be:4e:5f:78:a8:6b:9c:db:6a:4d:41:db:c1:13:ec:dc:31:00: - 22:5e:f7:00:9e:0c:e0:34:65:34:f9:b1:3a:4e:48:c8:12:81: - 88:5c:5b:3e:08:53:7a:f7:1a:64:df:b8:50:61:cc:53:51:40: - 29:4b:c2:f4:ae:3a:5f:e4:ca:ad:26:cc:4e:61:43:e5:fd:57: - a6:37:70:ce:43:2b:b0:94:c3:92:e9:e1:5f:aa:10:49:b7:69: - e4:e0:d0:1f:64:a4:2b:cd:1f:6f:a0:f8:84:24:18:ce:79:3d: - a9:91:bf:54:18:13:89:99:54:11:0d:55:c5:26:0b:79:4f:5a: - 1c:6e:f9:63:db:14:80:a4:07:ab:fa:b2:a5:b9:88:dd:91:fe: - 65:3b:a4:a3:79:be:89:4d:e1:d0:b0:f4:c8:17:0c:0a:96:14: - 7c:09:b7:6c:e1:c2:d8:55:d4:18:a0:aa:41:69:70:24:a3:b9: - ef:e9:5a:dc:3e:eb:94:4a:f0:b7:de:5f:0e:76:fa:fb:fb:69: - 03:45:40:50:ee:72:0c:a4:12:86:81:cd:13:d1:4e:c4:3c:ca: - 4e:0d:d2:26:f1:00:b7:b4:a6:a2:e1:6e:7a:81:fd:30:ac:7a: - 1f:c7:59:7b ------BEGIN CERTIFICATE----- -MIIFADCCA+igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs -ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAw -MFoXDTMxMDUwMzA3MDAwMFowgcYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 -b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj -aG5vbG9naWVzLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydHMuc3RhcmZpZWxk -dGVjaC5jb20vcmVwb3NpdG9yeS8xNDAyBgNVBAMTK1N0YXJmaWVsZCBTZWN1cmUg -Q2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB -DwAwggEKAoIBAQDlkGZL7PlGcakgg77pbL9KyUhpgXVObST2yxcT+LBxWYR6ayuF -pDS1FuXLzOlBcCykLtb6Mn3hqN6UEKwxwcDYav9ZJ6t21vwLdGu4p64/xFT0tDFE -3ZNWjKRMXpuJyySDm+JXfbfYEh/JhW300YDxUJuHrtQLEAX7J7oobRfpDtZNuTlV -Bv8KJAV+L8YdcmzUiymMV33a2etmGtNPp99/UsQwxaXJDgLFU793OGgGJMNmyDd+ -MB5FcSM1/5DYKp2N57CSTTx/KgqT3M0WRmX3YISLdkuRJ3MUkuDq7o8W6o0OPnYX -v32JgIBEQ+ct4EMJddo26K3biTr1XRKOIwSDAgMBAAGjggEsMIIBKDAPBgNVHRMB -Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUJUWBaFAmOD07LSy+ -zWrZtj2zZmMwHwYDVR0jBBgwFoAUfAwyH6fZMH/EfWijYqihzqsHWycwOgYIKwYB -BQUHAQEELjAsMCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5zdGFyZmllbGR0ZWNo -LmNvbS8wOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5zdGFyZmllbGR0ZWNo -LmNvbS9zZnJvb3QtZzIuY3JsMEwGA1UdIARFMEMwQQYEVR0gADA5MDcGCCsGAQUF -BwIBFitodHRwczovL2NlcnRzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkv -MA0GCSqGSIb3DQEBCwUAA4IBAQBWZcr+8z8KqJOLGMfeQ2kTNCC+Tl94qGuc22pN -QdvBE+zcMQAiXvcAngzgNGU0+bE6TkjIEoGIXFs+CFN69xpk37hQYcxTUUApS8L0 -rjpf5MqtJsxOYUPl/VemN3DOQyuwlMOS6eFfqhBJt2nk4NAfZKQrzR9voPiEJBjO -eT2pkb9UGBOJmVQRDVXFJgt5T1ocbvlj2xSApAer+rKluYjdkf5lO6Sjeb6JTeHQ -sPTIFwwKlhR8Cbds4cLYVdQYoKpBaXAko7nv6VrcPuuUSvC33l8Odvr7+2kDRUBQ -7nIMpBKGgc0T0U7EPMpODdIm8QC3tKai4W56gf0wrHofx1l7 ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Root Certificate Authority - G2 - Validity - Not Before: Sep 1 00:00:00 2009 GMT - Not After : Dec 31 23:59:59 2037 GMT - Subject: C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Root Certificate Authority - G2 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public-Key: (2048 bit) - Modulus: - 00:bd:ed:c1:03:fc:f6:8f:fc:02:b1:6f:5b:9f:48: - d9:9d:79:e2:a2:b7:03:61:56:18:c3:47:b6:d7:ca: - 3d:35:2e:89:43:f7:a1:69:9b:de:8a:1a:fd:13:20: - 9c:b4:49:77:32:29:56:fd:b9:ec:8c:dd:22:fa:72: - dc:27:61:97:ee:f6:5a:84:ec:6e:19:b9:89:2c:dc: - 84:5b:d5:74:fb:6b:5f:c5:89:a5:10:52:89:46:55: - f4:b8:75:1c:e6:7f:e4:54:ae:4b:f8:55:72:57:02: - 19:f8:17:71:59:eb:1e:28:07:74:c5:9d:48:be:6c: - b4:f4:a4:b0:f3:64:37:79:92:c0:ec:46:5e:7f:e1: - 6d:53:4c:62:af:cd:1f:0b:63:bb:3a:9d:fb:fc:79: - 00:98:61:74:cf:26:82:40:63:f3:b2:72:6a:19:0d: - 99:ca:d4:0e:75:cc:37:fb:8b:89:c1:59:f1:62:7f: - 5f:b3:5f:65:30:f8:a7:b7:4d:76:5a:1e:76:5e:34: - c0:e8:96:56:99:8a:b3:f0:7f:a4:cd:bd:dc:32:31: - 7c:91:cf:e0:5f:11:f8:6b:aa:49:5c:d1:99:94:d1: - a2:e3:63:5b:09:76:b5:56:62:e1:4b:74:1d:96:d4: - 26:d4:08:04:59:d0:98:0e:0e:e6:de:fc:c3:ec:1f: - 90:f1 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 7C:0C:32:1F:A7:D9:30:7F:C4:7D:68:A3:62:A8:A1:CE:AB:07:5B:27 - Signature Algorithm: sha256WithRSAEncryption - 11:59:fa:25:4f:03:6f:94:99:3b:9a:1f:82:85:39:d4:76:05: - 94:5e:e1:28:93:6d:62:5d:09:c2:a0:a8:d4:b0:75:38:f1:34: - 6a:9d:e4:9f:8a:86:26:51:e6:2c:d1:c6:2d:6e:95:20:4a:92: - 01:ec:b8:8a:67:7b:31:e2:67:2e:8c:95:03:26:2e:43:9d:4a: - 31:f6:0e:b5:0c:bb:b7:e2:37:7f:22:ba:00:a3:0e:7b:52:fb: - 6b:bb:3b:c4:d3:79:51:4e:cd:90:f4:67:07:19:c8:3c:46:7a: - 0d:01:7d:c5:58:e7:6d:e6:85:30:17:9a:24:c4:10:e0:04:f7: - e0:f2:7f:d4:aa:0a:ff:42:1d:37:ed:94:e5:64:59:12:20:77: - 38:d3:32:3e:38:81:75:96:73:fa:68:8f:b1:cb:ce:1f:c5:ec: - fa:9c:7e:cf:7e:b1:f1:07:2d:b6:fc:bf:ca:a4:bf:d0:97:05: - 4a:bc:ea:18:28:02:90:bd:54:78:09:21:71:d3:d1:7d:1d:d9: - 16:b0:a9:61:3d:d0:0a:00:22:fc:c7:7b:cb:09:64:45:0b:3b: - 40:81:f7:7d:7c:32:f5:98:ca:58:8e:7d:2a:ee:90:59:73:64: - f9:36:74:5e:25:a1:f5:66:05:2e:7f:39:15:a9:2a:fb:50:8b: - 8e:85:69:f4 ------BEGIN CERTIFICATE----- -MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVs -ZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAw -MFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 -b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVj -aG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZp -Y2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMg -nLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1 -HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNkN3mSwOxGXn/hbVNMYq/N -Hwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7NfZTD4p7dN -dloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0 -HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAO -BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0G -CSqGSIb3DQEBCwUAA4IBAQARWfolTwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjU -sHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx4mcujJUDJi5DnUox9g61DLu3 -4jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUwF5okxBDgBPfg -8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K -pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1 -mMpYjn0q7pBZc2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 ------END CERTIFICATE----- diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index 364dc08..f9ba202 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -25,7 +25,7 @@ :error false; } - :if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false) do={ + :if ([ $CertificateAvailable "Starfield Root Certificate Authority - G2" ] = false) do={ $LogPrint error $ScriptName ("Downloading required certificate failed."); :error false; } From 0ae3d31c58d57578092e76368ebd82bdc859123d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 10:38:35 +0200 Subject: [PATCH 538/908] certs: GTS CA 1C3 / GTS CA 1P5 -> GTS Root R1 --- certs/GTS-CA-1C3.pem | 242 ------------------------------------------ certs/GTS-CA-1P5.pem | 238 ----------------------------------------- certs/GTS-Root-R1.pem | 38 +++++++ doc/netwatch-dns.md | 2 +- global-functions.rsc | 2 +- 5 files changed, 40 insertions(+), 482 deletions(-) delete mode 100644 certs/GTS-CA-1C3.pem delete mode 100644 certs/GTS-CA-1P5.pem create mode 100644 certs/GTS-Root-R1.pem diff --git a/certs/GTS-CA-1C3.pem b/certs/GTS-CA-1C3.pem deleted file mode 100644 index a8432d2..0000000 --- a/certs/GTS-CA-1C3.pem +++ /dev/null @@ -1,242 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 02:03:bc:53:59:6b:34:c7:18:f5:01:50:66 - Signature Algorithm: sha256WithRSAEncryption - Issuer: C = US, O = Google Trust Services LLC, CN = GTS Root R1 - Validity - Not Before: Aug 13 00:00:42 2020 GMT - Not After : Sep 30 00:00:42 2027 GMT - Subject: C = US, O = Google Trust Services LLC, CN = GTS CA 1C3 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public-Key: (2048 bit) - Modulus: - 00:f5:88:df:e7:62:8c:1e:37:f8:37:42:90:7f:6c: - 87:d0:fb:65:82:25:fd:e8:cb:6b:a4:ff:6d:e9:5a: - 23:e2:99:f6:1c:e9:92:03:99:13:7c:09:0a:8a:fa: - 42:d6:5e:56:24:aa:7a:33:84:1f:d1:e9:69:bb:b9: - 74:ec:57:4c:66:68:93:77:37:55:53:fe:39:10:4d: - b7:34:bb:5f:25:77:37:3b:17:94:ea:3c:e5:9d:d5: - bc:c3:b4:43:eb:2e:a7:47:ef:b0:44:11:63:d8:b4: - 41:85:dd:41:30:48:93:1b:bf:b7:f6:e0:45:02:21: - e0:96:42:17:cf:d9:2b:65:56:34:07:26:04:0d:a8: - fd:7d:ca:2e:ef:ea:48:7c:37:4d:3f:00:9f:83:df: - ef:75:84:2e:79:57:5c:fc:57:6e:1a:96:ff:fc:8c: - 9a:a6:99:be:25:d9:7f:96:2c:06:f7:11:2a:02:80: - 80:eb:63:18:3c:50:49:87:e5:8a:ca:5f:19:2b:59: - 96:81:00:a0:fb:51:db:ca:77:0b:0b:c9:96:4f:ef: - 70:49:c7:5c:6d:20:fd:99:b4:b4:e2:ca:2e:77:fd: - 2d:dc:0b:b6:6b:13:0c:8c:19:2b:17:96:98:b9:f0: - 8b:f6:a0:27:bb:b6:e3:8d:51:8f:bd:ae:c7:9b:b1: - 89:9d - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Extended Key Usage: - TLS Web Server Authentication, TLS Web Client Authentication - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:0 - X509v3 Subject Key Identifier: - 8A:74:7F:AF:85:CD:EE:95:CD:3D:9C:D0:E2:46:14:F3:71:35:1D:27 - X509v3 Authority Key Identifier: - keyid:E4:AF:2B:26:71:1A:2B:48:27:85:2F:52:66:2C:EF:F0:89:13:71:3E - - Authority Information Access: - OCSP - URI:http://ocsp.pki.goog/gtsr1 - CA Issuers - URI:http://pki.goog/repo/certs/gtsr1.der - - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.pki.goog/gtsr1/gtsr1.crl - - X509v3 Certificate Policies: - Policy: 1.3.6.1.4.1.11129.2.5.3 - CPS: https://pki.goog/repository/ - Policy: 2.23.140.1.2.1 - Policy: 2.23.140.1.2.2 - - Signature Algorithm: sha256WithRSAEncryption - 89:7d:ac:20:5c:0c:3c:be:9a:a8:57:95:1b:b4:ae:fa:ab:a5: - 72:71:b4:36:95:fd:df:40:11:03:4c:c2:46:14:bb:14:24:ab: - f0:50:71:22:db:ad:c4:6e:7f:cf:f1:6a:6f:c8:83:1b:d8:ce: - 89:5f:87:6c:87:b8:a9:0c:a3:9b:a1:62:94:93:95:df:5b:ae: - 66:19:0b:02:96:9e:fc:b5:e7:10:69:3e:7a:cb:46:49:5f:46: - e1:41:b1:d7:98:4d:65:34:00:80:1a:3f:4f:9f:6c:7f:49:00: - 81:53:41:a4:92:21:82:82:1a:f1:a3:44:5b:2a:50:12:13:4d: - c1:53:36:f3:42:08:af:54:fa:8e:77:53:1b:64:38:27:17:09: - bd:58:c9:1b:7c:39:2d:5b:f3:ce:d4:ed:97:db:14:03:bf:09: - 53:24:1f:c2:0c:04:79:98:26:f2:61:f1:53:52:fd:42:8c:1b: - 66:2b:3f:15:a1:bb:ff:f6:9b:e3:81:9a:01:06:71:89:35:28: - 24:dd:e1:bd:eb:19:2d:e1:48:cb:3d:59:83:51:b4:74:c6:9d: - 7c:c6:b1:86:5b:af:cc:34:c4:d3:cc:d4:81:11:95:00:a1:f4: - 12:22:01:fa:b4:83:71:af:8c:b7:8c:73:24:ac:37:53:c2:00: - 90:3f:11:fe:5c:ed:36:94:10:3b:bd:29:ae:e2:c7:3a:62:3b: - 6c:63:d9:80:bf:59:71:ac:63:27:b9:4c:17:a0:da:f6:73:15: - bf:2a:de:8f:f3:a5:6c:32:81:33:03:d0:86:51:71:99:34:ba: - 93:8d:5d:b5:51:58:f7:b2:93:e8:01:f6:59:be:71:9b:fd:4d: - 28:ce:cf:6d:c7:16:dc:f7:d1:d6:46:9b:a7:ca:6b:e9:77:0f: - fd:a0:b6:1b:23:83:1d:10:1a:d9:09:00:84:e0:44:d3:a2:75: - 23:b3:34:86:f6:20:b0:a4:5e:10:1d:e0:52:46:00:9d:b1:0f: - 1f:21:70:51:f5:9a:dd:06:fc:55:f4:2b:0e:33:77:c3:4b:42: - c2:f1:77:13:fc:73:80:94:eb:1f:bb:37:3f:ce:02:2a:66:b0: - 73:1d:32:a5:32:6c:32:b0:8e:e0:c4:23:ff:5b:7d:4d:65:70: - ac:2b:9b:3d:ce:db:e0:6d:8e:32:80:be:96:9f:92:63:bc:97: - bb:5d:b9:f4:e1:71:5e:2a:e4:ef:03:22:b1:8a:65:3a:8f:c0: - 93:65:d4:85:cd:0f:0f:5b:83:59:16:47:16:2d:9c:24:3a:c8: - 80:a6:26:14:85:9b:f6:37:9b:ac:6f:f9:c5:c3:06:51:f3:e2: - 7f:c5:b1:10:ba:51:f4:dd ------BEGIN CERTIFICATE----- -MIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw -CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU -MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw -MDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp -Y2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp -kgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX -lOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm -BA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA -gOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL -tmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud -DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T -AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD -VR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG -CCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw -AoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt -MCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG -A1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br -aS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN -AQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ -cSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL -RklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U -+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr -PxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER -lQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs -Yye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO -z23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG -AJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw -juDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl -1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 6e:47:a9:c5:4b:47:0c:0d:ec:33:d0:89:b9:1c:f4:e1 - Signature Algorithm: sha384WithRSAEncryption - Issuer: C = US, O = Google Trust Services LLC, CN = GTS Root R1 - Validity - Not Before: Jun 22 00:00:00 2016 GMT - Not After : Jun 22 00:00:00 2036 GMT - Subject: C = US, O = Google Trust Services LLC, CN = GTS Root R1 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public-Key: (4096 bit) - Modulus: - 00:b6:11:02:8b:1e:e3:a1:77:9b:3b:dc:bf:94:3e: - b7:95:a7:40:3c:a1:fd:82:f9:7d:32:06:82:71:f6: - f6:8c:7f:fb:e8:db:bc:6a:2e:97:97:a3:8c:4b:f9: - 2b:f6:b1:f9:ce:84:1d:b1:f9:c5:97:de:ef:b9:f2: - a3:e9:bc:12:89:5e:a7:aa:52:ab:f8:23:27:cb:a4: - b1:9c:63:db:d7:99:7e:f0:0a:5e:eb:68:a6:f4:c6: - 5a:47:0d:4d:10:33:e3:4e:b1:13:a3:c8:18:6c:4b: - ec:fc:09:90:df:9d:64:29:25:23:07:a1:b4:d2:3d: - 2e:60:e0:cf:d2:09:87:bb:cd:48:f0:4d:c2:c2:7a: - 88:8a:bb:ba:cf:59:19:d6:af:8f:b0:07:b0:9e:31: - f1:82:c1:c0:df:2e:a6:6d:6c:19:0e:b5:d8:7e:26: - 1a:45:03:3d:b0:79:a4:94:28:ad:0f:7f:26:e5:a8: - 08:fe:96:e8:3c:68:94:53:ee:83:3a:88:2b:15:96: - 09:b2:e0:7a:8c:2e:75:d6:9c:eb:a7:56:64:8f:96: - 4f:68:ae:3d:97:c2:84:8f:c0:bc:40:c0:0b:5c:bd: - f6:87:b3:35:6c:ac:18:50:7f:84:e0:4c:cd:92:d3: - 20:e9:33:bc:52:99:af:32:b5:29:b3:25:2a:b4:48: - f9:72:e1:ca:64:f7:e6:82:10:8d:e8:9d:c2:8a:88: - fa:38:66:8a:fc:63:f9:01:f9:78:fd:7b:5c:77:fa: - 76:87:fa:ec:df:b1:0e:79:95:57:b4:bd:26:ef:d6: - 01:d1:eb:16:0a:bb:8e:0b:b5:c5:c5:8a:55:ab:d3: - ac:ea:91:4b:29:cc:19:a4:32:25:4e:2a:f1:65:44: - d0:02:ce:aa:ce:49:b4:ea:9f:7c:83:b0:40:7b:e7: - 43:ab:a7:6c:a3:8f:7d:89:81:fa:4c:a5:ff:d5:8e: - c3:ce:4b:e0:b5:d8:b3:8e:45:cf:76:c0:ed:40:2b: - fd:53:0f:b0:a7:d5:3b:0d:b1:8a:a2:03:de:31:ad: - cc:77:ea:6f:7b:3e:d6:df:91:22:12:e6:be:fa:d8: - 32:fc:10:63:14:51:72:de:5d:d6:16:93:bd:29:68: - 33:ef:3a:66:ec:07:8a:26:df:13:d7:57:65:78:27: - de:5e:49:14:00:a2:00:7f:9a:a8:21:b6:a9:b1:95: - b0:a5:b9:0d:16:11:da:c7:6c:48:3c:40:e0:7e:0d: - 5a:cd:56:3c:d1:97:05:b9:cb:4b:ed:39:4b:9c:c4: - 3f:d2:55:13:6e:24:b0:d6:71:fa:f4:c1:ba:cc:ed: - 1b:f5:fe:81:41:d8:00:98:3d:3a:c8:ae:7a:98:37: - 18:05:95 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - E4:AF:2B:26:71:1A:2B:48:27:85:2F:52:66:2C:EF:F0:89:13:71:3E - Signature Algorithm: sha384WithRSAEncryption - 38:96:0a:ee:3d:b4:96:1e:5f:ef:9d:9c:0b:33:9f:2b:e0:ca: - fd:d2:8e:0a:1f:41:74:a5:7c:aa:84:d4:e5:f2:1e:e6:37:52: - 32:9c:0b:d1:61:1d:bf:28:c1:b6:44:29:35:75:77:98:b2:7c: - d9:bd:74:ac:8a:68:e3:a9:31:09:29:01:60:73:e3:47:7c:53: - a8:90:4a:27:ef:4b:d7:9f:93:e7:82:36:ce:9a:68:0c:82:e7: - cf:d4:10:16:6f:5f:0e:99:5c:f6:1f:71:7d:ef:ef:7b:2f:7e: - ea:36:d6:97:70:0b:15:ee:d7:5c:56:6a:33:a5:e3:49:38:0c: - b8:7d:fb:8d:85:a4:b1:59:5e:f4:6a:e1:dd:a1:f6:64:44:ae: - e6:51:83:21:66:c6:11:3e:f3:ce:47:ee:9c:28:1f:25:da:ff: - ac:66:95:dd:35:0f:5c:ef:20:2c:62:fd:91:ba:a9:cc:fc:5a: - 9c:93:81:83:29:97:4a:7c:5a:72:b4:39:d0:b7:77:cb:79:fd: - 69:3a:92:37:ed:6e:38:65:46:7e:e9:60:bd:79:88:97:5f:38: - 12:f4:ee:af:5b:82:c8:86:d5:e1:99:6d:8c:04:f2:76:ba:49: - f6:6e:e9:6d:1e:5f:a0:ef:27:82:76:40:f8:a6:d3:58:5c:0f: - 2c:42:da:42:c6:7b:88:34:c7:c1:d8:45:9b:c1:3e:c5:61:1d: - d9:63:50:49:f6:34:85:6a:e0:18:c5:6e:47:ab:41:42:29:9b: - f6:60:0d:d2:31:d3:63:98:23:93:5a:00:81:48:b4:ef:cd:8a: - cd:c9:cf:99:ee:d9:9e:aa:36:e1:68:4b:71:49:14:36:28:3a: - 3d:1d:ce:9a:8f:25:e6:80:71:61:2b:b5:7b:cc:f9:25:16:81: - e1:31:5f:a1:a3:7e:16:a4:9c:16:6a:97:18:bd:76:72:a5:0b: - 9e:1d:36:e6:2f:a1:2f:be:70:91:0f:a8:e6:da:f8:c4:92:40: - 6c:25:7e:7b:b3:09:dc:b2:17:ad:80:44:f0:68:a5:8f:94:75: - ff:74:5a:e8:a8:02:7c:0c:09:e2:a9:4b:0b:a0:85:0b:62:b9: - ef:a1:31:92:fb:ef:f6:51:04:89:6c:e8:a9:74:a1:bb:17:b3: - b5:fd:49:0f:7c:3c:ec:83:18:20:43:4e:d5:93:ba:b4:34:b1: - 1f:16:36:1f:0c:e6:64:39:16:4c:dc:e0:fe:1d:c8:a9:62:3d: - 40:ea:ca:c5:34:02:b4:ae:89:88:33:35:dc:2c:13:73:d8:27: - f1:d0:72:ee:75:3b:22:de:98:68:66:5b:f1:c6:63:47:55:1c: - ba:a5:08:51:75:a6:48:25 ------BEGIN CERTIFICATE----- -MIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH -MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM -QzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy -MDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl -cnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB -AQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM -f/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX -mX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7 -zUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P -fyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc -vfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4 -Zor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp -zBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO -Rc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW -k70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+ -DVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF -lQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV -HQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW -Cu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1 -d5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z -XPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR -gyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3 -d8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv -J4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg -DdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM -+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy -F62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9 -SQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws -E3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl ------END CERTIFICATE----- diff --git a/certs/GTS-CA-1P5.pem b/certs/GTS-CA-1P5.pem deleted file mode 100644 index 5be738d..0000000 --- a/certs/GTS-CA-1P5.pem +++ /dev/null @@ -1,238 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 02:03:bc:50:a3:27:53:f0:91:80:22:ed:f1 - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, O=Google Trust Services LLC, CN=GTS Root R1 - Validity - Not Before: Aug 13 00:00:42 2020 GMT - Not After : Sep 30 00:00:42 2027 GMT - Subject: C=US, O=Google Trust Services LLC, CN=GTS CA 1P5 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:b3:82:f0:24:8c:bf:2d:87:af:b2:d9:a7:ae:fa: - ca:ba:44:d6:5b:3e:fe:b2:f7:b2:65:16:dc:de:10: - e8:4f:2d:10:58:5a:28:86:87:a1:ee:6a:b3:a0:d9: - 75:4f:7f:a1:52:01:8b:55:a8:4a:5b:06:48:c8:36: - 12:25:ab:89:f9:f2:23:5f:9d:60:65:f9:5c:da:be: - 3a:e8:5c:6d:7d:9c:d0:84:18:85:30:cd:4e:9b:ec: - 3c:d8:b3:e1:96:d4:f3:c5:0b:65:db:8f:b0:74:cb: - f6:1e:f3:78:f1:ac:95:c5:dd:73:c3:31:88:81:af: - 74:aa:6f:fd:0c:e3:05:95:f0:c5:10:4f:65:63:fa: - a0:af:c6:18:3d:c5:a1:df:97:79:d7:05:89:b3:30: - b0:74:ae:3d:92:10:6b:8c:15:77:dd:0b:04:57:fb: - 81:03:dd:ea:22:34:d5:e5:56:b2:f0:c4:8d:41:b1: - c3:02:db:62:ec:80:d0:ff:76:d4:86:e4:04:1a:b6: - b6:0c:2b:62:71:7d:d9:af:d9:f1:5e:fa:c0:1e:ca: - a0:19:5c:55:f0:80:d1:2a:0c:07:86:90:9f:35:e3: - 28:2b:5b:ef:23:c8:a3:1d:a4:a3:3a:ee:fe:83:dc: - 82:4c:25:b0:4d:c5:51:ad:9e:9b:d3:5b:84:c2:1a: - 5a:e9 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Extended Key Usage: - TLS Web Server Authentication, TLS Web Client Authentication - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:0 - X509v3 Subject Key Identifier: - D5:FC:9E:0D:DF:1E:CA:DD:08:97:97:6E:2B:C5:5F:C5:2B:F5:EC:B8 - X509v3 Authority Key Identifier: - E4:AF:2B:26:71:1A:2B:48:27:85:2F:52:66:2C:EF:F0:89:13:71:3E - Authority Information Access: - OCSP - URI:http://ocsp.pki.goog/gtsr1 - CA Issuers - URI:http://pki.goog/repo/certs/gtsr1.der - X509v3 CRL Distribution Points: - Full Name: - URI:http://crl.pki.goog/gtsr1/gtsr1.crl - X509v3 Certificate Policies: - Policy: 1.3.6.1.4.1.11129.2.5.3 - CPS: https://pki.goog/repository/ - Policy: 2.23.140.1.2.1 - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - 6c:63:27:ee:23:df:e5:52:68:4d:81:66:91:85:df:7d:65:e5: - 5b:37:31:08:26:b2:07:5d:9a:be:b1:ca:01:b9:ad:bf:9d:77: - f6:51:1d:d7:98:c5:0b:49:a1:7b:a1:d7:d3:68:e5:44:0f:8b: - ba:36:dd:42:82:77:d2:8d:dd:f5:3f:fb:eb:c8:07:98:93:ee: - 5a:d0:b5:3d:de:4b:1c:2d:8c:4d:ec:7e:8c:7b:fe:4e:40:fd: - f0:b4:b3:59:02:10:51:5c:e3:c0:2b:fd:b7:06:48:51:7e:09: - 5e:3f:0f:dc:a7:fe:97:e7:79:c5:0e:44:89:78:c5:69:59:29: - a0:9a:3a:48:36:29:a6:94:93:55:2d:b8:47:b5:e9:96:b5:9f: - 07:cd:a6:ab:3e:32:8a:c0:86:83:c5:c1:41:c8:9f:2f:35:8e: - 0d:c0:07:7a:e1:ac:c9:65:b5:cb:8a:a7:dd:71:d8:61:65:39: - 84:ac:32:3e:f7:7a:36:f1:56:9f:57:a9:41:6d:5a:90:a7:db: - 3a:ea:75:80:0c:63:0b:69:74:6f:07:4c:15:f3:37:28:a5:19: - a4:6e:f5:f6:20:cd:63:b2:7e:c4:2b:09:75:89:da:d1:3c:2e: - 72:4f:36:1a:a1:9e:44:d0:cd:9b:a6:23:08:3f:97:a1:a7:9e: - 5a:a5:f7:09:94:ad:5d:76:5d:28:56:d1:1a:66:51:51:07:7b: - de:3d:b0:c8:ef:30:7a:24:2d:be:b8:b3:86:f6:4b:f7:f0:b5: - 4f:ff:ce:c6:f9:f6:3f:2a:27:08:0f:09:3e:23:5a:c7:e3:42: - 2d:7a:36:e4:3d:98:96:60:39:98:ea:d1:db:63:2a:eb:78:09: - b1:4e:21:b3:8e:b7:ce:3e:92:f1:95:5c:a4:39:d0:c0:2b:c8: - 53:15:f5:d2:2f:82:cd:06:74:67:99:90:77:37:0a:97:2d:c5: - 1c:1e:f4:d0:5b:e9:15:e3:ea:02:09:c8:13:d7:13:70:65:bf: - fb:88:9b:5a:25:be:77:09:e1:a7:6a:4e:11:75:b9:1e:4d:f1: - 00:1b:6a:66:79:8e:c3:6e:d8:6d:a2:22:a2:6d:05:fb:2c:f2: - f1:50:e5:a0:d1:d8:9f:35:7d:fc:70:ab:59:2a:02:f1:be:b0: - d3:f1:f8:cd:12:b9:6a:25:90:5b:e3:85:20:e6:f5:da:cb:40: - 1c:19:34:20:03:61:77:ba:7f:48:0f:49:0b:29:eb:e7:61:64: - c7:63:d1:47:eb:1c:e1:ee:94:46:ef:39:73:cc:ee:4f:2b:8d: - dc:fb:58:a7:b3:65:20:99:95:b9:fb:55:6f:d7:96:6e:94:3d: - f4:7a:92:8e:63:1d:df:6d ------BEGIN CERTIFICATE----- -MIIFjDCCA3SgAwIBAgINAgO8UKMnU/CRgCLt8TANBgkqhkiG9w0BAQsFADBHMQsw -CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU -MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw -MDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp -Y2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFQNTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBALOC8CSMvy2Hr7LZp676yrpE1ls+/rL3smUW3N4Q6E8tEFha -KIaHoe5qs6DZdU9/oVIBi1WoSlsGSMg2EiWrifnyI1+dYGX5XNq+OuhcbX2c0IQY -hTDNTpvsPNiz4ZbU88ULZduPsHTL9h7zePGslcXdc8MxiIGvdKpv/QzjBZXwxRBP -ZWP6oK/GGD3Fod+XedcFibMwsHSuPZIQa4wVd90LBFf7gQPd6iI01eVWsvDEjUGx -wwLbYuyA0P921IbkBBq2tgwrYnF92a/Z8V76wB7KoBlcVfCA0SoMB4aQnzXjKCtb -7yPIox2kozru/oPcgkwlsE3FUa2em9NbhMIaWukCAwEAAaOCAXYwggFyMA4GA1Ud -DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T -AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU1fyeDd8eyt0Il5duK8VfxSv17LgwHwYD -VR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG -CCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw -AoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt -MCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsME0G -A1UdIARGMEQwOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br -aS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAgEA -bGMn7iPf5VJoTYFmkYXffWXlWzcxCCayB12avrHKAbmtv5139lEd15jFC0mhe6HX -02jlRA+LujbdQoJ30o3d9T/768gHmJPuWtC1Pd5LHC2MTex+jHv+TkD98LSzWQIQ -UVzjwCv9twZIUX4JXj8P3Kf+l+d5xQ5EiXjFaVkpoJo6SDYpppSTVS24R7XplrWf -B82mqz4yisCGg8XBQcifLzWODcAHeuGsyWW1y4qn3XHYYWU5hKwyPvd6NvFWn1ep -QW1akKfbOup1gAxjC2l0bwdMFfM3KKUZpG719iDNY7J+xCsJdYna0Twuck82GqGe -RNDNm6YjCD+XoaeeWqX3CZStXXZdKFbRGmZRUQd73j2wyO8weiQtvrizhvZL9/C1 -T//Oxvn2PyonCA8JPiNax+NCLXo25D2YlmA5mOrR22Mq63gJsU4hs463zj6S8ZVc -pDnQwCvIUxX10i+CzQZ0Z5mQdzcKly3FHB700FvpFePqAgnIE9cTcGW/+4ibWiW+ -dwnhp2pOEXW5Hk3xABtqZnmOw27YbaIiom0F+yzy8VDloNHYnzV9/HCrWSoC8b6w -0/H4zRK5aiWQW+OFIOb12stAHBk0IANhd7p/SA9JCynr52Fkx2PRR+sc4e6URu85 -c8zuTyuN3PtYp7NlIJmVuftVb9eWbpQ99HqSjmMd320= ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 02:03:e5:93:6f:31:b0:13:49:88:6b:a2:17 - Signature Algorithm: sha384WithRSAEncryption - Issuer: C=US, O=Google Trust Services LLC, CN=GTS Root R1 - Validity - Not Before: Jun 22 00:00:00 2016 GMT - Not After : Jun 22 00:00:00 2036 GMT - Subject: C=US, O=Google Trust Services LLC, CN=GTS Root R1 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (4096 bit) - Modulus: - 00:b6:11:02:8b:1e:e3:a1:77:9b:3b:dc:bf:94:3e: - b7:95:a7:40:3c:a1:fd:82:f9:7d:32:06:82:71:f6: - f6:8c:7f:fb:e8:db:bc:6a:2e:97:97:a3:8c:4b:f9: - 2b:f6:b1:f9:ce:84:1d:b1:f9:c5:97:de:ef:b9:f2: - a3:e9:bc:12:89:5e:a7:aa:52:ab:f8:23:27:cb:a4: - b1:9c:63:db:d7:99:7e:f0:0a:5e:eb:68:a6:f4:c6: - 5a:47:0d:4d:10:33:e3:4e:b1:13:a3:c8:18:6c:4b: - ec:fc:09:90:df:9d:64:29:25:23:07:a1:b4:d2:3d: - 2e:60:e0:cf:d2:09:87:bb:cd:48:f0:4d:c2:c2:7a: - 88:8a:bb:ba:cf:59:19:d6:af:8f:b0:07:b0:9e:31: - f1:82:c1:c0:df:2e:a6:6d:6c:19:0e:b5:d8:7e:26: - 1a:45:03:3d:b0:79:a4:94:28:ad:0f:7f:26:e5:a8: - 08:fe:96:e8:3c:68:94:53:ee:83:3a:88:2b:15:96: - 09:b2:e0:7a:8c:2e:75:d6:9c:eb:a7:56:64:8f:96: - 4f:68:ae:3d:97:c2:84:8f:c0:bc:40:c0:0b:5c:bd: - f6:87:b3:35:6c:ac:18:50:7f:84:e0:4c:cd:92:d3: - 20:e9:33:bc:52:99:af:32:b5:29:b3:25:2a:b4:48: - f9:72:e1:ca:64:f7:e6:82:10:8d:e8:9d:c2:8a:88: - fa:38:66:8a:fc:63:f9:01:f9:78:fd:7b:5c:77:fa: - 76:87:fa:ec:df:b1:0e:79:95:57:b4:bd:26:ef:d6: - 01:d1:eb:16:0a:bb:8e:0b:b5:c5:c5:8a:55:ab:d3: - ac:ea:91:4b:29:cc:19:a4:32:25:4e:2a:f1:65:44: - d0:02:ce:aa:ce:49:b4:ea:9f:7c:83:b0:40:7b:e7: - 43:ab:a7:6c:a3:8f:7d:89:81:fa:4c:a5:ff:d5:8e: - c3:ce:4b:e0:b5:d8:b3:8e:45:cf:76:c0:ed:40:2b: - fd:53:0f:b0:a7:d5:3b:0d:b1:8a:a2:03:de:31:ad: - cc:77:ea:6f:7b:3e:d6:df:91:22:12:e6:be:fa:d8: - 32:fc:10:63:14:51:72:de:5d:d6:16:93:bd:29:68: - 33:ef:3a:66:ec:07:8a:26:df:13:d7:57:65:78:27: - de:5e:49:14:00:a2:00:7f:9a:a8:21:b6:a9:b1:95: - b0:a5:b9:0d:16:11:da:c7:6c:48:3c:40:e0:7e:0d: - 5a:cd:56:3c:d1:97:05:b9:cb:4b:ed:39:4b:9c:c4: - 3f:d2:55:13:6e:24:b0:d6:71:fa:f4:c1:ba:cc:ed: - 1b:f5:fe:81:41:d8:00:98:3d:3a:c8:ae:7a:98:37: - 18:05:95 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - E4:AF:2B:26:71:1A:2B:48:27:85:2F:52:66:2C:EF:F0:89:13:71:3E - Signature Algorithm: sha384WithRSAEncryption - Signature Value: - 9f:aa:42:26:db:0b:9b:be:ff:1e:96:92:2e:3e:a2:65:4a:6a: - 98:ba:22:cb:7d:c1:3a:d8:82:0a:06:c6:f6:a5:de:c0:4e:87: - 66:79:a1:f9:a6:58:9c:aa:f9:b5:e6:60:e7:e0:e8:b1:1e:42: - 41:33:0b:37:3d:ce:89:70:15:ca:b5:24:a8:cf:6b:b5:d2:40: - 21:98:cf:22:34:cf:3b:c5:22:84:e0:c5:0e:8a:7c:5d:88:e4: - 35:24:ce:9b:3e:1a:54:1e:6e:db:b2:87:a7:fc:f3:fa:81:55: - 14:62:0a:59:a9:22:05:31:3e:82:d6:ee:db:57:34:bc:33:95: - d3:17:1b:e8:27:a2:8b:7b:4e:26:1a:7a:5a:64:b6:d1:ac:37: - f1:fd:a0:f3:38:ec:72:f0:11:75:9d:cb:34:52:8d:e6:76:6b: - 17:c6:df:86:ab:27:8e:49:2b:75:66:81:10:21:a6:ea:3e:f4: - ae:25:ff:7c:15:de:ce:8c:25:3f:ca:62:70:0a:f7:2f:09:66: - 07:c8:3f:1c:fc:f0:db:45:30:df:62:88:c1:b5:0f:9d:c3:9f: - 4a:de:59:59:47:c5:87:22:36:e6:82:a7:ed:0a:b9:e2:07:a0: - 8d:7b:7a:4a:3c:71:d2:e2:03:a1:1f:32:07:dd:1b:e4:42:ce: - 0c:00:45:61:80:b5:0b:20:59:29:78:bd:f9:55:cb:63:c5:3c: - 4c:f4:b6:ff:db:6a:5f:31:6b:99:9e:2c:c1:6b:50:a4:d7:e6: - 18:14:bd:85:3f:67:ab:46:9f:a0:ff:42:a7:3a:7f:5c:cb:5d: - b0:70:1d:2b:34:f5:d4:76:09:0c:eb:78:4c:59:05:f3:33:42: - c3:61:15:10:1b:77:4d:ce:22:8c:d4:85:f2:45:7d:b7:53:ea: - ef:40:5a:94:0a:5c:20:5f:4e:40:5d:62:22:76:df:ff:ce:61: - bd:8c:23:78:d2:37:02:e0:8e:de:d1:11:37:89:f6:bf:ed:49: - 07:62:ae:92:ec:40:1a:af:14:09:d9:d0:4e:b2:a2:f7:be:ee: - ee:d8:ff:dc:1a:2d:de:b8:36:71:e2:fc:79:b7:94:25:d1:48: - 73:5b:a1:35:e7:b3:99:67:75:c1:19:3a:2b:47:4e:d3:42:8e: - fd:31:c8:16:66:da:d2:0c:3c:db:b3:8e:c9:a1:0d:80:0f:7b: - 16:77:14:bf:ff:db:09:94:b2:93:bc:20:58:15:e9:db:71:43: - f3:de:10:c3:00:dc:a8:2a:95:b6:c2:d6:3f:90:6b:76:db:6c: - fe:8c:bc:f2:70:35:0c:dc:99:19:35:dc:d7:c8:46:63:d5:36: - 71:ae:57:fb:b7:82:6d:dc ------BEGIN CERTIFICATE----- -MIIFVzCCAz+gAwIBAgINAgPlk28xsBNJiGuiFzANBgkqhkiG9w0BAQwFADBHMQsw -CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU -MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw -MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp -Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUA -A4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaMf/vo -27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vXmX7w -Cl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7zUjw -TcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0Pfybl -qAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtcvfaH -szVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4Zor8 -Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUspzBmk -MiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOORc92 -wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYWk70p -aDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+DVrN -VjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgFlQID -AQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E -FgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBAJ+qQibb -C5u+/x6Wki4+omVKapi6Ist9wTrYggoGxval3sBOh2Z5ofmmWJyq+bXmYOfg6LEe -QkEzCzc9zolwFcq1JKjPa7XSQCGYzyI0zzvFIoTgxQ6KfF2I5DUkzps+GlQebtuy -h6f88/qBVRRiClmpIgUxPoLW7ttXNLwzldMXG+gnoot7TiYaelpkttGsN/H9oPM4 -7HLwEXWdyzRSjeZ2axfG34arJ45JK3VmgRAhpuo+9K4l/3wV3s6MJT/KYnAK9y8J -ZgfIPxz88NtFMN9iiMG1D53Dn0reWVlHxYciNuaCp+0KueIHoI17eko8cdLiA6Ef -MgfdG+RCzgwARWGAtQsgWSl4vflVy2PFPEz0tv/bal8xa5meLMFrUKTX5hgUvYU/ -Z6tGn6D/Qqc6f1zLXbBwHSs09dR2CQzreExZBfMzQsNhFRAbd03OIozUhfJFfbdT -6u9AWpQKXCBfTkBdYiJ23//OYb2MI3jSNwLgjt7RETeJ9r/tSQdirpLsQBqvFAnZ -0E6yove+7u7Y/9waLd64NnHi/Hm3lCXRSHNboTXns5lndcEZOitHTtNCjv0xyBZm -2tIMPNuzjsmhDYAPexZ3FL//2wmUspO8IFgV6dtxQ/PeEMMA3KgqlbbC1j+Qa3bb -bP6MvPJwNQzcmRk13NfIRmPVNnGuV/u3gm3c ------END CERTIFICATE----- diff --git a/certs/GTS-Root-R1.pem b/certs/GTS-Root-R1.pem new file mode 100644 index 0000000..a6095d2 --- /dev/null +++ b/certs/GTS-Root-R1.pem @@ -0,0 +1,38 @@ +# Issuer: CN=GTS Root R1 O=Google Trust Services LLC +# Subject: CN=GTS Root R1 O=Google Trust Services LLC +# Label: "GTS Root R1" +# Serial: 159662320309726417404178440727 +# MD5 Fingerprint: 05:fe:d0:bf:71:a8:a3:76:63:da:01:e0:d8:52:dc:40 +# SHA1 Fingerprint: e5:8c:1c:c4:91:3b:38:63:4b:e9:10:6e:e3:ad:8e:6b:9d:d9:81:4a +# SHA256 Fingerprint: d9:47:43:2a:bd:e7:b7:fa:90:fc:2e:6b:59:10:1b:12:80:e0:e1:c7:e4:e4:0f:a3:c6:88:7f:ff:57:a7:f4:cf +-----BEGIN CERTIFICATE----- +MIIFVzCCAz+gAwIBAgINAgPlk28xsBNJiGuiFzANBgkqhkiG9w0BAQwFADBHMQsw +CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU +MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw +MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp +Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUA +A4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaMf/vo +27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vXmX7w +Cl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7zUjw +TcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0Pfybl +qAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtcvfaH +szVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4Zor8 +Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUspzBmk +MiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOORc92 +wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYWk70p +aDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+DVrN +VjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgFlQID +AQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E +FgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBAJ+qQibb +C5u+/x6Wki4+omVKapi6Ist9wTrYggoGxval3sBOh2Z5ofmmWJyq+bXmYOfg6LEe +QkEzCzc9zolwFcq1JKjPa7XSQCGYzyI0zzvFIoTgxQ6KfF2I5DUkzps+GlQebtuy +h6f88/qBVRRiClmpIgUxPoLW7ttXNLwzldMXG+gnoot7TiYaelpkttGsN/H9oPM4 +7HLwEXWdyzRSjeZ2axfG34arJ45JK3VmgRAhpuo+9K4l/3wV3s6MJT/KYnAK9y8J +ZgfIPxz88NtFMN9iiMG1D53Dn0reWVlHxYciNuaCp+0KueIHoI17eko8cdLiA6Ef +MgfdG+RCzgwARWGAtQsgWSl4vflVy2PFPEz0tv/bal8xa5meLMFrUKTX5hgUvYU/ +Z6tGn6D/Qqc6f1zLXbBwHSs09dR2CQzreExZBfMzQsNhFRAbd03OIozUhfJFfbdT +6u9AWpQKXCBfTkBdYiJ23//OYb2MI3jSNwLgjt7RETeJ9r/tSQdirpLsQBqvFAnZ +0E6yove+7u7Y/9waLd64NnHi/Hm3lCXRSHNboTXns5lndcEZOitHTtNCjv0xyBZm +2tIMPNuzjsmhDYAPexZ3FL//2wmUspO8IFgV6dtxQ/PeEMMA3KgqlbbC1j+Qa3bb +bP6MvPJwNQzcmRk13NfIRmPVNnGuV/u3gm3c +-----END CERTIFICATE----- diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index 443106f..3214368 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -64,7 +64,7 @@ the repository (see `certs` sub directory). /tool/netwatch/add comment="doh, doh-cert=DigiCert Global G2 TLS RSA SHA256 2020 CA1" host=1.1.1.1; /tool/netwatch/add comment="doh, doh-cert=DigiCert TLS Hybrid ECC SHA384 2020 CA1" host=9.9.9.9; - /tool/netwatch/add comment="doh, doh-cert=GTS CA 1C3" host=8.8.8.8; + /tool/netwatch/add comment="doh, doh-cert=GTS Root R1" host=8.8.8.8; Sometimes using just one specific (possibly internal) DNS server may be desired, with fallback in case it fails. This is possible as well: diff --git a/global-functions.rsc b/global-functions.rsc index 567444e..ca8ecb1 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -509,7 +509,7 @@ } :do { - :if ([ $CertificateAvailable "GTS CA 1P5" ] = false) do={ + :if ([ $CertificateAvailable "GTS Root R1" ] = false) do={ $LogPrint warning $0 ("Downloading required certificate failed."); :error false; } From 588dacb5af93819021b71a88f200464359dee701 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 10:47:42 +0200 Subject: [PATCH 539/908] certs: Go Daddy Secure Certificate Authority - G2 -> Go Daddy Root Certificate Authority - G2 --- ...Go-Daddy-Root-Certificate-Authority-G2.pem | 30 +++ ...-Daddy-Secure-Certificate-Authority-G2.pem | 178 ------------------ mod/notification-telegram.rsc | 2 +- telegram-chat.rsc | 2 +- 4 files changed, 32 insertions(+), 180 deletions(-) create mode 100644 certs/Go-Daddy-Root-Certificate-Authority-G2.pem delete mode 100644 certs/Go-Daddy-Secure-Certificate-Authority-G2.pem diff --git a/certs/Go-Daddy-Root-Certificate-Authority-G2.pem b/certs/Go-Daddy-Root-Certificate-Authority-G2.pem new file mode 100644 index 0000000..c61f300 --- /dev/null +++ b/certs/Go-Daddy-Root-Certificate-Authority-G2.pem @@ -0,0 +1,30 @@ +# Issuer: CN=Go Daddy Root Certificate Authority - G2 O=GoDaddy.com, Inc. +# Subject: CN=Go Daddy Root Certificate Authority - G2 O=GoDaddy.com, Inc. +# Label: "Go Daddy Root Certificate Authority - G2" +# Serial: 0 +# MD5 Fingerprint: 80:3a:bc:22:c1:e6:fb:8d:9b:3b:27:4a:32:1b:9a:01 +# SHA1 Fingerprint: 47:be:ab:c9:22:ea:e8:0e:78:78:34:62:a7:9f:45:c2:54:fd:e6:8b +# SHA256 Fingerprint: 45:14:0b:32:47:eb:9c:c8:c5:b4:f0:d7:b5:30:91:f7:32:92:08:9e:6e:5a:63:e2:74:9d:d3:ac:a9:19:8e:da +-----BEGIN CERTIFICATE----- +MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx +EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT +EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp +ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz +NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH +EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE +AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD +E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH +/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy +DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh +GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR +tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA +AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE +FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX +WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu +9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr +gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo +2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO +LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI +4uJEvlz36hz1 +-----END CERTIFICATE----- diff --git a/certs/Go-Daddy-Secure-Certificate-Authority-G2.pem b/certs/Go-Daddy-Secure-Certificate-Authority-G2.pem deleted file mode 100644 index 4faba90..0000000 --- a/certs/Go-Daddy-Secure-Certificate-Authority-G2.pem +++ /dev/null @@ -1,178 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 7 (0x7) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2 - Validity - Not Before: May 3 07:00:00 2011 GMT - Not After : May 3 07:00:00 2031 GMT - Subject: C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certs.godaddy.com/repository/, CN = Go Daddy Secure Certificate Authority - G2 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public-Key: (2048 bit) - Modulus: - 00:b9:e0:cb:10:d4:af:76:bd:d4:93:62:eb:30:64: - b8:81:08:6c:c3:04:d9:62:17:8e:2f:ff:3e:65:cf: - 8f:ce:62:e6:3c:52:1c:da:16:45:4b:55:ab:78:6b: - 63:83:62:90:ce:0f:69:6c:99:c8:1a:14:8b:4c:cc: - 45:33:ea:88:dc:9e:a3:af:2b:fe:80:61:9d:79:57: - c4:cf:2e:f4:3f:30:3c:5d:47:fc:9a:16:bc:c3:37: - 96:41:51:8e:11:4b:54:f8:28:be:d0:8c:be:f0:30: - 38:1e:f3:b0:26:f8:66:47:63:6d:de:71:26:47:8f: - 38:47:53:d1:46:1d:b4:e3:dc:00:ea:45:ac:bd:bc: - 71:d9:aa:6f:00:db:db:cd:30:3a:79:4f:5f:4c:47: - f8:1d:ef:5b:c2:c4:9d:60:3b:b1:b2:43:91:d8:a4: - 33:4e:ea:b3:d6:27:4f:ad:25:8a:a5:c6:f4:d5:d0: - a6:ae:74:05:64:57:88:b5:44:55:d4:2d:2a:3a:3e: - f8:b8:bd:e9:32:0a:02:94:64:c4:16:3a:50:f1:4a: - ae:e7:79:33:af:0c:20:07:7f:e8:df:04:39:c2:69: - 02:6c:63:52:fa:77:c1:1b:c8:74:87:c8:b9:93:18: - 50:54:35:4b:69:4e:bc:3b:d3:49:2e:1f:dc:c1:d2: - 52:fb - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE - X509v3 Authority Key Identifier: - keyid:3A:9A:85:07:10:67:28:B6:EF:F6:BD:05:41:6E:20:C1:94:DA:0F:DE - - Authority Information Access: - OCSP - URI:http://ocsp.godaddy.com/ - - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl.godaddy.com/gdroot-g2.crl - - X509v3 Certificate Policies: - Policy: X509v3 Any Policy - CPS: https://certs.godaddy.com/repository/ - - Signature Algorithm: sha256WithRSAEncryption - 08:7e:6c:93:10:c8:38:b8:96:a9:90:4b:ff:a1:5f:4f:04:ef: - 6c:3e:9c:88:06:c9:50:8f:a6:73:f7:57:31:1b:be:bc:e4:2f: - db:f8:ba:d3:5b:e0:b4:e7:e6:79:62:0e:0c:a2:d7:6a:63:73: - 31:b5:f5:a8:48:a4:3b:08:2d:a2:5d:90:d7:b4:7c:25:4f:11: - 56:30:c4:b6:44:9d:7b:2c:9d:e5:5e:e6:ef:0c:61:aa:bf:e4: - 2a:1b:ee:84:9e:b8:83:7d:c1:43:ce:44:a7:13:70:0d:91:1f: - f4:c8:13:ad:83:60:d9:d8:72:a8:73:24:1e:b5:ac:22:0e:ca: - 17:89:62:58:44:1b:ab:89:25:01:00:0f:cd:c4:1b:62:db:51: - b4:d3:0f:51:2a:9b:f4:bc:73:fc:76:ce:36:a4:cd:d9:d8:2c: - ea:ae:9b:f5:2a:b2:90:d1:4d:75:18:8a:3f:8a:41:90:23:7d: - 5b:4b:fe:a4:03:58:9b:46:b2:c3:60:60:83:f8:7d:50:41:ce: - c2:a1:90:c3:bb:ef:02:2f:d2:15:54:ee:44:15:d9:0a:ae:a7: - 8a:33:ed:b1:2d:76:36:26:dc:04:eb:9f:f7:61:1f:15:dc:87: - 6f:ee:46:96:28:ad:a1:26:7d:0a:09:a7:2e:04:a3:8d:bc:f8: - bc:04:30:01 ------BEGIN CERTIFICATE----- -MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT -EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp -ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTExMDUwMzA3MDAwMFoXDTMxMDUwMzA3 -MDAwMFowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH -EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UE -CxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQD -EypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi -MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54MsQ1K92vdSTYuswZLiBCGzD -BNliF44v/z5lz4/OYuY8UhzaFkVLVat4a2ODYpDOD2lsmcgaFItMzEUz6ojcnqOv -K/6AYZ15V8TPLvQ/MDxdR/yaFrzDN5ZBUY4RS1T4KL7QjL7wMDge87Am+GZHY23e -cSZHjzhHU9FGHbTj3ADqRay9vHHZqm8A29vNMDp5T19MR/gd71vCxJ1gO7GyQ5HY -pDNO6rPWJ0+tJYqlxvTV0KaudAVkV4i1RFXULSo6Pvi4vekyCgKUZMQWOlDxSq7n -eTOvDCAHf+jfBDnCaQJsY1L6d8EbyHSHyLmTGFBUNUtpTrw700kuH9zB0lL7AgMB -AAGjggEaMIIBFjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNV -HQ4EFgQUQMK9J47MNIMwojPX+2yz8LQsgM4wHwYDVR0jBBgwFoAUOpqFBxBnKLbv -9r0FQW4gwZTaD94wNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v -b2NzcC5nb2RhZGR5LmNvbS8wNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2NybC5n -b2RhZGR5LmNvbS9nZHJvb3QtZzIuY3JsMEYGA1UdIAQ/MD0wOwYEVR0gADAzMDEG -CCsGAQUFBwIBFiVodHRwczovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkv -MA0GCSqGSIb3DQEBCwUAA4IBAQAIfmyTEMg4uJapkEv/oV9PBO9sPpyIBslQj6Zz -91cxG7685C/b+LrTW+C05+Z5Yg4MotdqY3MxtfWoSKQ7CC2iXZDXtHwlTxFWMMS2 -RJ17LJ3lXubvDGGqv+QqG+6EnriDfcFDzkSnE3ANkR/0yBOtg2DZ2HKocyQetawi -DsoXiWJYRBuriSUBAA/NxBti21G00w9RKpv0vHP8ds42pM3Z2Czqrpv1KrKQ0U11 -GIo/ikGQI31bS/6kA1ibRrLDYGCD+H1QQc7CoZDDu+8CL9IVVO5EFdkKrqeKM+2x -LXY2JtwE65/3YR8V3Idv7kaWKK2hJn0KCacuBKONvPi8BDAB ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 0 (0x0) - Signature Algorithm: sha256WithRSAEncryption - Issuer: C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2 - Validity - Not Before: Sep 1 00:00:00 2009 GMT - Not After : Dec 31 23:59:59 2037 GMT - Subject: C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public-Key: (2048 bit) - Modulus: - 00:bf:71:62:08:f1:fa:59:34:f7:1b:c9:18:a3:f7: - 80:49:58:e9:22:83:13:a6:c5:20:43:01:3b:84:f1: - e6:85:49:9f:27:ea:f6:84:1b:4e:a0:b4:db:70:98: - c7:32:01:b1:05:3e:07:4e:ee:f4:fa:4f:2f:59:30: - 22:e7:ab:19:56:6b:e2:80:07:fc:f3:16:75:80:39: - 51:7b:e5:f9:35:b6:74:4e:a9:8d:82:13:e4:b6:3f: - a9:03:83:fa:a2:be:8a:15:6a:7f:de:0b:c3:b6:19: - 14:05:ca:ea:c3:a8:04:94:3b:46:7c:32:0d:f3:00: - 66:22:c8:8d:69:6d:36:8c:11:18:b7:d3:b2:1c:60: - b4:38:fa:02:8c:ce:d3:dd:46:07:de:0a:3e:eb:5d: - 7c:c8:7c:fb:b0:2b:53:a4:92:62:69:51:25:05:61: - 1a:44:81:8c:2c:a9:43:96:23:df:ac:3a:81:9a:0e: - 29:c5:1c:a9:e9:5d:1e:b6:9e:9e:30:0a:39:ce:f1: - 88:80:fb:4b:5d:cc:32:ec:85:62:43:25:34:02:56: - 27:01:91:b4:3b:70:2a:3f:6e:b1:e8:9c:88:01:7d: - 9f:d4:f9:db:53:6d:60:9d:bf:2c:e7:58:ab:b8:5f: - 46:fc:ce:c4:1b:03:3c:09:eb:49:31:5c:69:46:b3: - e0:47 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 3A:9A:85:07:10:67:28:B6:EF:F6:BD:05:41:6E:20:C1:94:DA:0F:DE - Signature Algorithm: sha256WithRSAEncryption - 99:db:5d:79:d5:f9:97:59:67:03:61:f1:7e:3b:06:31:75:2d: - a1:20:8e:4f:65:87:b4:f7:a6:9c:bc:d8:e9:2f:d0:db:5a:ee: - cf:74:8c:73:b4:38:42:da:05:7b:f8:02:75:b8:fd:a5:b1:d7: - ae:f6:d7:de:13:cb:53:10:7e:8a:46:d1:97:fa:b7:2e:2b:11: - ab:90:b0:27:80:f9:e8:9f:5a:e9:37:9f:ab:e4:df:6c:b3:85: - 17:9d:3d:d9:24:4f:79:91:35:d6:5f:04:eb:80:83:ab:9a:02: - 2d:b5:10:f4:d8:90:c7:04:73:40:ed:72:25:a0:a9:9f:ec:9e: - ab:68:12:99:57:c6:8f:12:3a:09:a4:bd:44:fd:06:15:37:c1: - 9b:e4:32:a3:ed:38:e8:d8:64:f3:2c:7e:14:fc:02:ea:9f:cd: - ff:07:68:17:db:22:90:38:2d:7a:8d:d1:54:f1:69:e3:5f:33: - ca:7a:3d:7b:0a:e3:ca:7f:5f:39:e5:e2:75:ba:c5:76:18:33: - ce:2c:f0:2f:4c:ad:f7:b1:e7:ce:4f:a8:c4:9b:4a:54:06:c5: - 7f:7d:d5:08:0f:e2:1c:fe:7e:17:b8:ac:5e:f6:d4:16:b2:43: - 09:0c:4d:f6:a7:6b:b4:99:84:65:ca:7a:88:e2:e2:44:be:5c: - f7:ea:1c:f5 ------BEGIN CERTIFICATE----- -MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoT -EUdvRGFkZHkuY29tLCBJbmMuMTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRp -ZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIz -NTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQH -EwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8GA1UE -AxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKD -E6bFIEMBO4Tx5oVJnyfq9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH -/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD+qK+ihVqf94Lw7YZFAXK6sOoBJQ7Rnwy -DfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutdfMh8+7ArU6SSYmlRJQVh -GkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMlNAJWJwGR -tDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEA -AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE -FDqahQcQZyi27/a9BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmX -WWcDYfF+OwYxdS2hII5PZYe096acvNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu -9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r5N9ss4UXnT3ZJE95kTXWXwTr -gIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYVN8Gb5DKj7Tjo -2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO -LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI -4uJEvlz36hz1 ------END CERTIFICATE----- diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 9a628ce..1890483 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -143,7 +143,7 @@ } :do { - :if ([ $CertificateAvailable "Go Daddy Secure Certificate Authority - G2" ] = false) do={ + :if ([ $CertificateAvailable "Go Daddy Root Certificate Authority - G2" ] = false) do={ $LogPrint warning $0 ("Downloading required certificate failed."); :error false; } diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 0fd8a06..1c274ec 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -55,7 +55,7 @@ :set TelegramRandomDelay 0; } - :if ([ $CertificateAvailable "Go Daddy Secure Certificate Authority - G2" ] = false) do={ + :if ([ $CertificateAvailable "Go Daddy Root Certificate Authority - G2" ] = false) do={ $LogPrint warning $ScriptName ("Downloading required certificate failed."); :error false; } From a05efdc07fa912d0d17f4994ee9e892b51030be1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 10:55:13 +0200 Subject: [PATCH 540/908] certs: DigiCert Global G2 TLS RSA SHA256 2020 CA1 -> DigiCert Global Root G2 This is used by Cloudflare DNS (1.1.1.1). $CertificateAvailable "DigiCert Global Root G2"; /ip/dns/set use-doh-server=https://1.1.1.1/dns-query verify-doh-cert=yes; --- ...Cert-Global-G2-TLS-RSA-SHA256-2020-CA1.pem | 182 ------------------ certs/DigiCert-Global-Root-G2.pem | 29 +++ doc/netwatch-dns.md | 2 +- 3 files changed, 30 insertions(+), 183 deletions(-) delete mode 100644 certs/DigiCert-Global-G2-TLS-RSA-SHA256-2020-CA1.pem create mode 100644 certs/DigiCert-Global-Root-G2.pem diff --git a/certs/DigiCert-Global-G2-TLS-RSA-SHA256-2020-CA1.pem b/certs/DigiCert-Global-G2-TLS-RSA-SHA256-2020-CA1.pem deleted file mode 100644 index 12084ee..0000000 --- a/certs/DigiCert-Global-G2-TLS-RSA-SHA256-2020-CA1.pem +++ /dev/null @@ -1,182 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 0c:f5:bd:06:2b:56:02:f4:7a:b8:50:2c:23:cc:f0:66 - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2 - Validity - Not Before: Mar 30 00:00:00 2021 GMT - Not After : Mar 29 23:59:59 2031 GMT - Subject: C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:cc:f7:10:62:4f:a6:bb:63:6f:ed:90:52:56:c5: - 6d:27:7b:7a:12:56:8a:f1:f4:f9:d6:e7:e1:8f:bd: - 95:ab:f2:60:41:15:70:db:12:00:fa:27:0a:b5:57: - 38:5b:7d:b2:51:93:71:95:0e:6a:41:94:5b:35:1b: - fa:7b:fa:bb:c5:be:24:30:fe:56:ef:c4:f3:7d:97: - e3:14:f5:14:4d:cb:a7:10:f2:16:ea:ab:22:f0:31: - 22:11:61:69:90:26:ba:78:d9:97:1f:e3:7d:66:ab: - 75:44:95:73:c8:ac:ff:ef:5d:0a:8a:59:43:e1:ac: - b2:3a:0f:f3:48:fc:d7:6b:37:c1:63:dc:de:46:d6: - db:45:fe:7d:23:fd:90:e8:51:07:1e:51:a3:5f:ed: - 49:46:54:7f:2c:88:c5:f4:13:9c:97:15:3c:03:e8: - a1:39:dc:69:0c:32:c1:af:16:57:4c:94:47:42:7c: - a2:c8:9c:7d:e6:d4:4d:54:af:42:99:a8:c1:04:c2: - 77:9c:d6:48:e4:ce:11:e0:2a:80:99:f0:43:70:cf: - 3f:76:6b:d1:4c:49:ab:24:5e:c2:0d:82:fd:46:a8: - ab:6c:93:cc:62:52:42:75:92:f8:9a:fa:5e:5e:b2: - b0:61:e5:1f:1f:b9:7f:09:98:e8:3d:fa:83:7f:47: - 69:a1 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:0 - X509v3 Subject Key Identifier: - 74:85:80:C0:66:C7:DF:37:DE:CF:BD:29:37:AA:03:1D:BE:ED:CD:17 - X509v3 Authority Key Identifier: - 4E:22:54:20:18:95:E6:E3:6E:E6:0F:FA:FA:B9:12:ED:06:17:8F:39 - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Extended Key Usage: - TLS Web Server Authentication, TLS Web Client Authentication - Authority Information Access: - OCSP - URI:http://ocsp.digicert.com - CA Issuers - URI:http://cacerts.digicert.com/DigiCertGlobalRootG2.crt - X509v3 CRL Distribution Points: - Full Name: - URI:http://crl3.digicert.com/DigiCertGlobalRootG2.crl - X509v3 Certificate Policies: - Policy: 2.16.840.1.114412.2.1 - Policy: 2.23.140.1.1 - Policy: 2.23.140.1.2.1 - Policy: 2.23.140.1.2.2 - Policy: 2.23.140.1.2.3 - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - 90:f1:70:cb:28:97:69:97:7c:74:fd:c0:fa:26:7b:53:ab:ad: - cd:65:fd:ba:9c:06:9c:8a:d7:5a:43:87:ed:4d:4c:56:5f:ad: - c1:c5:b5:05:20:2e:59:d1:ff:4a:f5:a0:2a:d8:b0:95:ad:c9: - 2e:4a:3b:d7:a7:f6:6f:88:29:fc:30:3f:24:84:bb:c3:b7:7b: - 93:07:2c:af:87:6b:76:33:ed:00:55:52:b2:59:9e:e4:b9:d0: - f3:df:e7:0f:fe:dd:f8:c4:b9:10:72:81:09:04:5f:cf:97:9e: - 2e:32:75:8e:cf:9a:58:d2:57:31:7e:37:01:81:b2:66:6d:29: - 1a:b1:66:09:6d:d1:6e:90:f4:b9:fa:2f:01:14:c5:5c:56:64: - 01:d9:7d:87:a8:38:53:9f:8b:5d:46:6d:5c:c6:27:84:81:d4: - 7e:8c:8c:a3:9b:52:e7:c6:88:ec:37:7c:2a:fb:f0:55:5a:38: - 72:10:d8:00:13:cf:4c:73:db:aa:37:35:a8:29:81:69:9c:76: - bc:de:18:7b:90:d4:ca:cf:ef:67:03:fd:04:5a:21:16:b1:ff: - ea:3f:df:dc:82:f5:eb:f4:59:92:23:0d:24:2a:95:25:4c:ca: - a1:91:e6:d4:b7:ac:87:74:b3:f1:6d:a3:99:db:f9:d5:bd:84: - 40:9f:07:98 ------BEGIN CERTIFICATE----- -MIIEyDCCA7CgAwIBAgIQDPW9BitWAvR6uFAsI8zwZjANBgkqhkiG9w0BAQsFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH -MjAeFw0yMTAzMzAwMDAwMDBaFw0zMTAzMjkyMzU5NTlaMFkxCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKkRpZ2lDZXJ0IEdsb2Jh -bCBHMiBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAMz3EGJPprtjb+2QUlbFbSd7ehJWivH0+dbn4Y+9lavyYEEV -cNsSAPonCrVXOFt9slGTcZUOakGUWzUb+nv6u8W+JDD+Vu/E832X4xT1FE3LpxDy -FuqrIvAxIhFhaZAmunjZlx/jfWardUSVc8is/+9dCopZQ+GssjoP80j812s3wWPc -3kbW20X+fSP9kOhRBx5Ro1/tSUZUfyyIxfQTnJcVPAPooTncaQwywa8WV0yUR0J8 -osicfebUTVSvQpmowQTCd5zWSOTOEeAqgJnwQ3DPP3Zr0UxJqyRewg2C/Uaoq2yT -zGJSQnWS+Jr6Xl6ysGHlHx+5fwmY6D36g39HaaECAwEAAaOCAYIwggF+MBIGA1Ud -EwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHSFgMBmx9833s+9KTeqAx2+7c0XMB8G -A1UdIwQYMBaAFE4iVCAYlebjbuYP+vq5Eu0GF485MA4GA1UdDwEB/wQEAwIBhjAd -BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdgYIKwYBBQUHAQEEajBoMCQG -CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQAYIKwYBBQUHMAKG -NGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RH -Mi5jcnQwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29t -L0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDA9BgNVHSAENjA0MAsGCWCGSAGG/WwC -ATAHBgVngQwBATAIBgZngQwBAgEwCAYGZ4EMAQICMAgGBmeBDAECAzANBgkqhkiG -9w0BAQsFAAOCAQEAkPFwyyiXaZd8dP3A+iZ7U6utzWX9upwGnIrXWkOH7U1MVl+t -wcW1BSAuWdH/SvWgKtiwla3JLko716f2b4gp/DA/JIS7w7d7kwcsr4drdjPtAFVS -slme5LnQ89/nD/7d+MS5EHKBCQRfz5eeLjJ1js+aWNJXMX43AYGyZm0pGrFmCW3R -bpD0ufovARTFXFZkAdl9h6g4U5+LXUZtXMYnhIHUfoyMo5tS58aI7Dd8KvvwVVo4 -chDYABPPTHPbqjc1qCmBaZx2vN4Ye5DUys/vZwP9BFohFrH/6j/f3IL16/RZkiMN -JCqVJUzKoZHm1Lesh3Sz8W2jmdv51b2EQJ8HmA== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 03:3a:f1:e6:a7:11:a9:a0:bb:28:64:b1:1d:09:fa:e5 - Signature Algorithm: sha256WithRSAEncryption - Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2 - Validity - Not Before: Aug 1 12:00:00 2013 GMT - Not After : Jan 15 12:00:00 2038 GMT - Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2 - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:bb:37:cd:34:dc:7b:6b:c9:b2:68:90:ad:4a:75: - ff:46:ba:21:0a:08:8d:f5:19:54:c9:fb:88:db:f3: - ae:f2:3a:89:91:3c:7a:e6:ab:06:1a:6b:cf:ac:2d: - e8:5e:09:24:44:ba:62:9a:7e:d6:a3:a8:7e:e0:54: - 75:20:05:ac:50:b7:9c:63:1a:6c:30:dc:da:1f:19: - b1:d7:1e:de:fd:d7:e0:cb:94:83:37:ae:ec:1f:43: - 4e:dd:7b:2c:d2:bd:2e:a5:2f:e4:a9:b8:ad:3a:d4: - 99:a4:b6:25:e9:9b:6b:00:60:92:60:ff:4f:21:49: - 18:f7:67:90:ab:61:06:9c:8f:f2:ba:e9:b4:e9:92: - 32:6b:b5:f3:57:e8:5d:1b:cd:8c:1d:ab:95:04:95: - 49:f3:35:2d:96:e3:49:6d:dd:77:e3:fb:49:4b:b4: - ac:55:07:a9:8f:95:b3:b4:23:bb:4c:6d:45:f0:f6: - a9:b2:95:30:b4:fd:4c:55:8c:27:4a:57:14:7c:82: - 9d:cd:73:92:d3:16:4a:06:0c:8c:50:d1:8f:1e:09: - be:17:a1:e6:21:ca:fd:83:e5:10:bc:83:a5:0a:c4: - 67:28:f6:73:14:14:3d:46:76:c3:87:14:89:21:34: - 4d:af:0f:45:0c:a6:49:a1:ba:bb:9c:c5:b1:33:83: - 29:85 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Subject Key Identifier: - 4E:22:54:20:18:95:E6:E3:6E:E6:0F:FA:FA:B9:12:ED:06:17:8F:39 - Signature Algorithm: sha256WithRSAEncryption - Signature Value: - 60:67:28:94:6f:0e:48:63:eb:31:dd:ea:67:18:d5:89:7d:3c: - c5:8b:4a:7f:e9:be:db:2b:17:df:b0:5f:73:77:2a:32:13:39: - 81:67:42:84:23:f2:45:67:35:ec:88:bf:f8:8f:b0:61:0c:34: - a4:ae:20:4c:84:c6:db:f8:35:e1:76:d9:df:a6:42:bb:c7:44: - 08:86:7f:36:74:24:5a:da:6c:0d:14:59:35:bd:f2:49:dd:b6: - 1f:c9:b3:0d:47:2a:3d:99:2f:bb:5c:bb:b5:d4:20:e1:99:5f: - 53:46:15:db:68:9b:f0:f3:30:d5:3e:31:e2:8d:84:9e:e3:8a: - da:da:96:3e:35:13:a5:5f:f0:f9:70:50:70:47:41:11:57:19: - 4e:c0:8f:ae:06:c4:95:13:17:2f:1b:25:9f:75:f2:b1:8e:99: - a1:6f:13:b1:41:71:fe:88:2a:c8:4f:10:20:55:d7:f3:14:45: - e5:e0:44:f4:ea:87:95:32:93:0e:fe:53:46:fa:2c:9d:ff:8b: - 22:b9:4b:d9:09:45:a4:de:a4:b8:9a:58:dd:1b:7d:52:9f:8e: - 59:43:88:81:a4:9e:26:d5:6f:ad:dd:0d:c6:37:7d:ed:03:92: - 1b:e5:77:5f:76:ee:3c:8d:c4:5d:56:5b:a2:d9:66:6e:b3:35: - 37:e5:32:b6 ------BEGIN CERTIFICATE----- -MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH -MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI -2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx -1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ -q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz -tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ -vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP -BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV -5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY -1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 -NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG -Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 -8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe -pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl -MrY= ------END CERTIFICATE----- diff --git a/certs/DigiCert-Global-Root-G2.pem b/certs/DigiCert-Global-Root-G2.pem new file mode 100644 index 0000000..8af6c7a --- /dev/null +++ b/certs/DigiCert-Global-Root-G2.pem @@ -0,0 +1,29 @@ +# Issuer: CN=DigiCert Global Root G2 O=DigiCert Inc OU=www.digicert.com +# Subject: CN=DigiCert Global Root G2 O=DigiCert Inc OU=www.digicert.com +# Label: "DigiCert Global Root G2" +# Serial: 4293743540046975378534879503202253541 +# MD5 Fingerprint: e4:a6:8a:c8:54:ac:52:42:46:0a:fd:72:48:1b:2a:44 +# SHA1 Fingerprint: df:3c:24:f9:bf:d6:66:76:1b:26:80:73:fe:06:d1:cc:8d:4f:82:a4 +# SHA256 Fingerprint: cb:3c:cb:b7:60:31:e5:e0:13:8f:8d:d3:9a:23:f9:de:47:ff:c3:5e:43:c1:14:4c:ea:27:d4:6a:5a:b1:cb:5f +-----BEGIN CERTIFICATE----- +MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH +MjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI +2/Ou8jqJkTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx +1x7e/dfgy5SDN67sH0NO3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQ +q2EGnI/yuum06ZIya7XzV+hdG82MHauVBJVJ8zUtluNJbd134/tJS7SsVQepj5Wz +tCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyMUNGPHgm+F6HmIcr9g+UQ +vIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQABo0IwQDAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV +5uNu5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY +1Yl9PMWLSn/pvtsrF9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4 +NeF22d+mQrvHRAiGfzZ0JFrabA0UWTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NG +Fdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBHQRFXGU7Aj64GxJUTFy8bJZ91 +8rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/iyK5S9kJRaTe +pLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl +MrY= +-----END CERTIFICATE----- diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index 3214368..3d2c6be 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -62,7 +62,7 @@ manually! Importing a certificate automatically is possible, at least if available in the repository (see `certs` sub directory). - /tool/netwatch/add comment="doh, doh-cert=DigiCert Global G2 TLS RSA SHA256 2020 CA1" host=1.1.1.1; + /tool/netwatch/add comment="doh, doh-cert=DigiCert Global Root G2" host=1.1.1.1; /tool/netwatch/add comment="doh, doh-cert=DigiCert TLS Hybrid ECC SHA384 2020 CA1" host=9.9.9.9; /tool/netwatch/add comment="doh, doh-cert=GTS Root R1" host=8.8.8.8; From c4e8d01de19f9c5e1d19c74c010079233c4d4df5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 10:57:16 +0200 Subject: [PATCH 541/908] certs: DigiCert TLS Hybrid ECC SHA384 2020 CA1 -> DigiCert Global Root CA This is used by Cloudflare DNS Quard9 (9.9.9.9). $CertificateAvailable "DigiCert Global Root CA"; /ip/dns/set use-doh-server=https://9.9.9.9/dns-query verify-doh-cert=yes; --- certs/DigiCert-Global-Root-CA.pem | 29 +++ ...igiCert-TLS-Hybrid-ECC-SHA384-2020-CA1.pem | 174 ------------------ doc/netwatch-dns.md | 2 +- 3 files changed, 30 insertions(+), 175 deletions(-) create mode 100644 certs/DigiCert-Global-Root-CA.pem delete mode 100644 certs/DigiCert-TLS-Hybrid-ECC-SHA384-2020-CA1.pem diff --git a/certs/DigiCert-Global-Root-CA.pem b/certs/DigiCert-Global-Root-CA.pem new file mode 100644 index 0000000..b0f0013 --- /dev/null +++ b/certs/DigiCert-Global-Root-CA.pem @@ -0,0 +1,29 @@ +# Issuer: CN=DigiCert Global Root CA O=DigiCert Inc OU=www.digicert.com +# Subject: CN=DigiCert Global Root CA O=DigiCert Inc OU=www.digicert.com +# Label: "DigiCert Global Root CA" +# Serial: 10944719598952040374951832963794454346 +# MD5 Fingerprint: 79:e4:a9:84:0d:7d:3a:96:d7:c0:4f:e2:43:4c:89:2e +# SHA1 Fingerprint: a8:98:5d:3a:65:e5:e5:c4:b2:d7:d6:6d:40:c6:dd:2f:b1:9c:54:36 +# SHA256 Fingerprint: 43:48:a0:e9:44:4c:78:cb:26:5e:05:8d:5e:89:44:b4:d8:4f:96:62:bd:26:db:25:7f:89:34:a4:43:c7:01:61 +-----BEGIN CERTIFICATE----- +MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD +QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB +CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 +nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt +43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P +T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 +gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO +BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR +TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw +DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr +hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg +06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF +PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls +YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk +CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= +-----END CERTIFICATE----- diff --git a/certs/DigiCert-TLS-Hybrid-ECC-SHA384-2020-CA1.pem b/certs/DigiCert-TLS-Hybrid-ECC-SHA384-2020-CA1.pem deleted file mode 100644 index 446f56f..0000000 --- a/certs/DigiCert-TLS-Hybrid-ECC-SHA384-2020-CA1.pem +++ /dev/null @@ -1,174 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 07:f2:f3:5c:87:a8:77:af:7a:ef:e9:47:99:35:25:bd - Signature Algorithm: sha384WithRSAEncryption - Issuer: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA - Validity - Not Before: Apr 14 00:00:00 2021 GMT - Not After : Apr 13 23:59:59 2031 GMT - Subject: C = US, O = DigiCert Inc, CN = DigiCert TLS Hybrid ECC SHA384 2020 CA1 - Subject Public Key Info: - Public Key Algorithm: id-ecPublicKey - Public-Key: (384 bit) - pub: - 04:c1:1b:c6:9a:5b:98:d9:a4:29:a0:e9:d4:04:b5: - db:eb:a6:b2:6c:55:c0:ff:ed:98:c6:49:2f:06:27: - 51:cb:bf:70:c1:05:7a:c3:b1:9d:87:89:ba:ad:b4: - 13:17:c9:a8:b4:83:c8:b8:90:d1:cc:74:35:36:3c: - 83:72:b0:b5:d0:f7:22:69:c8:f1:80:c4:7b:40:8f: - cf:68:87:26:5c:39:89:f1:4d:91:4d:da:89:8b:e4: - 03:c3:43:e5:bf:2f:73 - ASN1 OID: secp384r1 - NIST CURVE: P-384 - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:TRUE, pathlen:0 - X509v3 Subject Key Identifier: - 0A:BC:08:29:17:8C:A5:39:6D:7A:0E:CE:33:C7:2E:B3:ED:FB:C3:7A - X509v3 Authority Key Identifier: - keyid:03:DE:50:35:56:D1:4C:BB:66:F0:A3:E2:1B:1B:C3:97:B2:3D:D1:55 - - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Extended Key Usage: - TLS Web Server Authentication, TLS Web Client Authentication - Authority Information Access: - OCSP - URI:http://ocsp.digicert.com - CA Issuers - URI:http://cacerts.digicert.com/DigiCertGlobalRootCA.crt - - X509v3 CRL Distribution Points: - - Full Name: - URI:http://crl3.digicert.com/DigiCertGlobalRootCA.crl - - X509v3 Certificate Policies: - Policy: 2.16.840.1.114412.2.1 - Policy: 2.23.140.1.1 - Policy: 2.23.140.1.2.1 - Policy: 2.23.140.1.2.2 - Policy: 2.23.140.1.2.3 - - Signature Algorithm: sha384WithRSAEncryption - 47:59:81:7f:d4:1b:1f:b0:71:f6:98:5d:18:ba:98:47:98:b0: - 7e:76:2b:ea:ff:1a:8b:ac:26:b3:42:8d:31:e6:4a:e8:19:d0: - ef:da:14:e7:d7:14:92:a1:92:f2:a7:2e:2d:af:fb:1d:f6:fb: - 53:b0:8a:3f:fc:d8:16:0a:e9:b0:2e:b6:a5:0b:18:90:35:26: - a2:da:f6:a8:b7:32:fc:95:23:4b:c6:45:b9:c4:cf:e4:7c:ee: - e6:c9:f8:90:bd:72:e3:99:c3:1d:0b:05:7c:6a:97:6d:b2:ab: - 02:36:d8:c2:bc:2c:01:92:3f:04:a3:8b:75:11:c7:b9:29:bc: - 11:d0:86:ba:92:bc:26:f9:65:c8:37:cd:26:f6:86:13:0c:04: - aa:89:e5:78:b1:c1:4e:79:bc:76:a3:0b:51:e4:c5:d0:9e:6a: - fe:1a:2c:56:ae:06:36:27:a3:73:1c:08:7d:93:32:d0:c2:44: - 19:da:8d:f4:0e:7b:1d:28:03:2b:09:8a:76:ca:77:dc:87:7a: - ac:7b:52:26:55:a7:72:0f:9d:d2:88:4f:fe:b1:21:c5:1a:a1: - aa:39:f5:56:db:c2:84:c4:35:1f:70:da:bb:46:f0:86:bf:64: - 00:c4:3e:f7:9f:46:1b:9d:23:05:b9:7d:b3:4f:0f:a9:45:3a: - e3:74:30:98 ------BEGIN CERTIFICATE----- -MIIEFzCCAv+gAwIBAgIQB/LzXIeod6967+lHmTUlvTANBgkqhkiG9w0BAQwFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD -QTAeFw0yMTA0MTQwMDAwMDBaFw0zMTA0MTMyMzU5NTlaMFYxCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMDAuBgNVBAMTJ0RpZ2lDZXJ0IFRMUyBI -eWJyaWQgRUNDIFNIQTM4NCAyMDIwIENBMTB2MBAGByqGSM49AgEGBSuBBAAiA2IA -BMEbxppbmNmkKaDp1AS12+umsmxVwP/tmMZJLwYnUcu/cMEFesOxnYeJuq20ExfJ -qLSDyLiQ0cx0NTY8g3KwtdD3ImnI8YDEe0CPz2iHJlw5ifFNkU3aiYvkA8ND5b8v -c6OCAYIwggF+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFAq8CCkXjKU5 -bXoOzjPHLrPt+8N6MB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA4G -A1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdgYI -KwYBBQUHAQEEajBoMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5j -b20wQAYIKwYBBQUHMAKGNGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdp -Q2VydEdsb2JhbFJvb3RDQS5jcnQwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2Ny -bDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDA9BgNVHSAE -NjA0MAsGCWCGSAGG/WwCATAHBgVngQwBATAIBgZngQwBAgEwCAYGZ4EMAQICMAgG -BmeBDAECAzANBgkqhkiG9w0BAQwFAAOCAQEAR1mBf9QbH7Bx9phdGLqYR5iwfnYr -6v8ai6wms0KNMeZK6BnQ79oU59cUkqGS8qcuLa/7Hfb7U7CKP/zYFgrpsC62pQsY -kDUmotr2qLcy/JUjS8ZFucTP5Hzu5sn4kL1y45nDHQsFfGqXbbKrAjbYwrwsAZI/ -BKOLdRHHuSm8EdCGupK8JvllyDfNJvaGEwwEqonleLHBTnm8dqMLUeTF0J5q/hos -Vq4GNiejcxwIfZMy0MJEGdqN9A57HSgDKwmKdsp33Id6rHtSJlWncg+d0ohP/rEh -xRqhqjn1VtvChMQ1H3Dau0bwhr9kAMQ+959GG50jBbl9s08PqUU643QwmA== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 08:3b:e0:56:90:42:46:b1:a1:75:6a:c9:59:91:c7:4a - Signature Algorithm: sha1WithRSAEncryption - Issuer: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA - Validity - Not Before: Nov 10 00:00:00 2006 GMT - Not After : Nov 10 00:00:00 2031 GMT - Subject: C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public-Key: (2048 bit) - Modulus: - 00:e2:3b:e1:11:72:de:a8:a4:d3:a3:57:aa:50:a2: - 8f:0b:77:90:c9:a2:a5:ee:12:ce:96:5b:01:09:20: - cc:01:93:a7:4e:30:b7:53:f7:43:c4:69:00:57:9d: - e2:8d:22:dd:87:06:40:00:81:09:ce:ce:1b:83:bf: - df:cd:3b:71:46:e2:d6:66:c7:05:b3:76:27:16:8f: - 7b:9e:1e:95:7d:ee:b7:48:a3:08:da:d6:af:7a:0c: - 39:06:65:7f:4a:5d:1f:bc:17:f8:ab:be:ee:28:d7: - 74:7f:7a:78:99:59:85:68:6e:5c:23:32:4b:bf:4e: - c0:e8:5a:6d:e3:70:bf:77:10:bf:fc:01:f6:85:d9: - a8:44:10:58:32:a9:75:18:d5:d1:a2:be:47:e2:27: - 6a:f4:9a:33:f8:49:08:60:8b:d4:5f:b4:3a:84:bf: - a1:aa:4a:4c:7d:3e:cf:4f:5f:6c:76:5e:a0:4b:37: - 91:9e:dc:22:e6:6d:ce:14:1a:8e:6a:cb:fe:cd:b3: - 14:64:17:c7:5b:29:9e:32:bf:f2:ee:fa:d3:0b:42: - d4:ab:b7:41:32:da:0c:d4:ef:f8:81:d5:bb:8d:58: - 3f:b5:1b:e8:49:28:a2:70:da:31:04:dd:f7:b2:16: - f2:4c:0a:4e:07:a8:ed:4a:3d:5e:b5:7f:a3:90:c3: - af:27 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Key Usage: critical - Digital Signature, Certificate Sign, CRL Sign - X509v3 Basic Constraints: critical - CA:TRUE - X509v3 Subject Key Identifier: - 03:DE:50:35:56:D1:4C:BB:66:F0:A3:E2:1B:1B:C3:97:B2:3D:D1:55 - X509v3 Authority Key Identifier: - keyid:03:DE:50:35:56:D1:4C:BB:66:F0:A3:E2:1B:1B:C3:97:B2:3D:D1:55 - - Signature Algorithm: sha1WithRSAEncryption - cb:9c:37:aa:48:13:12:0a:fa:dd:44:9c:4f:52:b0:f4:df:ae: - 04:f5:79:79:08:a3:24:18:fc:4b:2b:84:c0:2d:b9:d5:c7:fe: - f4:c1:1f:58:cb:b8:6d:9c:7a:74:e7:98:29:ab:11:b5:e3:70: - a0:a1:cd:4c:88:99:93:8c:91:70:e2:ab:0f:1c:be:93:a9:ff: - 63:d5:e4:07:60:d3:a3:bf:9d:5b:09:f1:d5:8e:e3:53:f4:8e: - 63:fa:3f:a7:db:b4:66:df:62:66:d6:d1:6e:41:8d:f2:2d:b5: - ea:77:4a:9f:9d:58:e2:2b:59:c0:40:23:ed:2d:28:82:45:3e: - 79:54:92:26:98:e0:80:48:a8:37:ef:f0:d6:79:60:16:de:ac: - e8:0e:cd:6e:ac:44:17:38:2f:49:da:e1:45:3e:2a:b9:36:53: - cf:3a:50:06:f7:2e:e8:c4:57:49:6c:61:21:18:d5:04:ad:78: - 3c:2c:3a:80:6b:a7:eb:af:15:14:e9:d8:89:c1:b9:38:6c:e2: - 91:6c:8a:ff:64:b9:77:25:57:30:c0:1b:24:a3:e1:dc:e9:df: - 47:7c:b5:b4:24:08:05:30:ec:2d:bd:0b:bf:45:bf:50:b9:a9: - f3:eb:98:01:12:ad:c8:88:c6:98:34:5f:8d:0a:3c:c6:e9:d5: - 95:95:6d:de ------BEGIN CERTIFICATE----- -MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD -QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB -CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 -nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt -43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P -T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 -gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR -TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw -DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr -hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg -06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF -PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls -YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk -CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= ------END CERTIFICATE----- diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index 3d2c6be..9fe486e 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -63,7 +63,7 @@ Importing a certificate automatically is possible, at least if available in the repository (see `certs` sub directory). /tool/netwatch/add comment="doh, doh-cert=DigiCert Global Root G2" host=1.1.1.1; - /tool/netwatch/add comment="doh, doh-cert=DigiCert TLS Hybrid ECC SHA384 2020 CA1" host=9.9.9.9; + /tool/netwatch/add comment="doh, doh-cert=DigiCert Global Root CA" host=9.9.9.9; /tool/netwatch/add comment="doh, doh-cert=GTS Root R1" host=8.8.8.8; Sometimes using just one specific (possibly internal) DNS server may be From 1a6812ef797a1683cec9678062cfaca367500ad0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 20:51:46 +0200 Subject: [PATCH 542/908] notify on changes regarding certificates --- global-functions.rsc | 2 +- news-and-changes.rsc | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index ca8ecb1..eb9f638 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 129; +:global ExpectedConfigVersion 130; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index b20bbaf..cf17e7a 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -54,6 +54,7 @@ 127="Added support for authentication to Ntfy notification module."; 128="Added another list from blocklist.de to default configuration for 'fw-addr-lists'."; 129="Extended 'backup-partition' to support RouterOS copy-over - interactively or before feature update."; + 130="Dropped intermediate certificates, depending on just root certificates now."; }; # Migration steps to be applied on script updates From cdb553d39b21e82e70f427b0a7c4e95dc4f2055f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 20 Jun 2024 12:25:26 +0200 Subject: [PATCH 543/908] global-functions: $CertificateDownload: try fallback to mkcert.org There's a nice API that allows to download certificate by exact common name. Let's use that, as a fallback at least. https://mkcert.org/ --- global-functions.rsc | 41 ++++++++++++++++++++++++++++++----------- news-and-changes.rsc | 1 + 2 files changed, 31 insertions(+), 11 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index eb9f638..26472b8 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,7 +12,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 130; +:global ExpectedConfigVersion 131; # global variables not to be changed by user :global GlobalFunctionsReady false; @@ -135,6 +135,7 @@ :global ScriptUpdatesBaseUrl; :global ScriptUpdatesUrlSuffix; + :global CertificateAvailable; :global CertificateNameByCN; :global CleanName; :global FetchUserAgentStr; @@ -143,22 +144,40 @@ $LogPrint info $0 ("Downloading and importing certificate with " . \ "CommonName '" . $CommonName . "'."); + :local FileName ([ $CleanName $CommonName ] . ".pem"); :do { - :local FileName ([ $CleanName $CommonName ] . ".pem"); /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgentStr $0 ] }) \ ($ScriptUpdatesBaseUrl . "certs/" . $FileName . $ScriptUpdatesUrlSuffix) \ dst-path=$FileName as-value; $WaitForFile $FileName; - /certificate/import file-name=$FileName passphrase="" as-value; - :delay 1s; - /file/remove [ find where name=$FileName ]; - - :foreach Cert in=[ /certificate/find where name~("^" . $FileName . "_[0-9]+\$") ] do={ - $CertificateNameByCN [ /certificate/get $Cert common-name ]; - } } on-error={ - $LogPrint warning $0 ("Failed importing certificate with CommonName '" . $CommonName . "'!"); - :return false; + $LogPrint warning $0 ("Failed downloading certificate with CommonName '" . $CommonName . \ + "' from repository! Trying fallback to mkcert.org..."); + :do { + :if ([ $CertificateAvailable "ISRG Root X1" ] = false) do={ + $LogPrint error $0 ("Downloading required certificate failed."); + :return false; + } + /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgentStr $0 ] }) \ + "https://mkcert.org/generate/" http-data=[ :serialize to=json ({ $CommonName }) ] \ + dst-path=$FileName as-value; + $WaitForFile $FileName; + :if ([ /file/get $FileName size ] = 0) do={ + /file/remove $FileName; + :error false; + } + } on-error={ + $LogPrint warning $0 ("Failed downloading certificate with CommonName '" . $CommonName . "'!"); + :return false; + } + } + + /certificate/import file-name=$FileName passphrase="" as-value; + :delay 1s; + /file/remove [ find where name=$FileName ]; + + :foreach Cert in=[ /certificate/find where name~("^" . $FileName . "_[0-9]+\$") ] do={ + $CertificateNameByCN [ /certificate/get $Cert common-name ]; } :return true; } diff --git a/news-and-changes.rsc b/news-and-changes.rsc index cf17e7a..8ddc3d6 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -55,6 +55,7 @@ 128="Added another list from blocklist.de to default configuration for 'fw-addr-lists'."; 129="Extended 'backup-partition' to support RouterOS copy-over - interactively or before feature update."; 130="Dropped intermediate certificates, depending on just root certificates now."; + 131="Enhanced certificate download to fallback to mkcert.org, so all (commonly trusted) root certificates are available now."; }; # Migration steps to be applied on script updates From f3f7d3edc0f6bd895e27019ed5d48e4afafe95fa Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 25 Jun 2024 07:55:58 +0200 Subject: [PATCH 544/908] check-certificates: limit scope for $CertNew... ... into block where certificate is replaced. This should unbreak renewing with a certificate updated in place. --- check-certificates.rsc | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index e9235f1..c9622b7 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -139,7 +139,6 @@ :foreach Cert in=[ /certificate/find where !revoked !ca !scep-url expires-after<$CertRenewTime ] do={ :local CertVal [ /certificate/get $Cert ]; - :local CertNew; :local LastName; :do { @@ -166,7 +165,7 @@ } else={ $LogPrint debug $ScriptName ("Certificate '" . $CertVal->"name" . "' was not updated, but replaced."); - :set CertNew [ /certificate/find where name~("^" . [ $EscapeForRegEx [ $UrlEncode $LastName ] ] . "\\.(p12|pem)_[0-9]+\$") \ + :local CertNew [ /certificate/find where name~("^" . [ $EscapeForRegEx [ $UrlEncode $LastName ] ] . "\\.(p12|pem)_[0-9]+\$") \ (common-name=($CertVal->"common-name") or subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $LastName ] . "(\\W|\$)")) \ fingerprint!=[ :tostr ($CertVal->"fingerprint") ] expires-after>$CertRenewTime ]; :local CertNewVal [ /certificate/get $CertNew ]; @@ -190,13 +189,13 @@ /certificate/remove $Cert; /certificate/set $CertNew name=($CertVal->"name"); - :set CertNewVal; + :set Cert $CertNew; :set CertVal [ /certificate/get $CertNew ]; } $SendNotification2 ({ origin=$ScriptName; silent=true; \ subject=([ $SymbolForNotification "lock-with-ink-pen" ] . "Certificate renewed: " . ($CertVal->"name")); \ - message=("A certificate on " . $Identity . " has been renewed.\n\n" . [ $FormatInfo $CertNew ]) }); + message=("A certificate on " . $Identity . " has been renewed.\n\n" . [ $FormatInfo $Cert ]) }); $LogPrint info $ScriptName ("The certificate '" . ($CertVal->"name") . "' has been renewed."); } on-error={ $LogPrint debug $ScriptName ("Could not renew certificate '" . ($CertVal->"name") . "'."); From ce1b635eb2d96706ef0a8b603737062338f92238 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 2 Jul 2024 21:29:14 +0200 Subject: [PATCH 545/908] global-functions: $GetMacVendor: cert 'GTS Root R4' --- certs/GTS-Root-R4.pem | 20 ++++++++++++++++++++ global-functions.rsc | 2 +- 2 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 certs/GTS-Root-R4.pem diff --git a/certs/GTS-Root-R4.pem b/certs/GTS-Root-R4.pem new file mode 100644 index 0000000..16a1c36 --- /dev/null +++ b/certs/GTS-Root-R4.pem @@ -0,0 +1,20 @@ +# Issuer: CN=GTS Root R4 O=Google Trust Services LLC +# Subject: CN=GTS Root R4 O=Google Trust Services LLC +# Label: "GTS Root R4" +# Serial: 159662532700760215368942768210 +# MD5 Fingerprint: 43:96:83:77:19:4d:76:b3:9d:65:52:e4:1d:22:a5:e8 +# SHA1 Fingerprint: 77:d3:03:67:b5:e0:0c:15:f6:0c:38:61:df:7c:e1:3b:92:46:4d:47 +# SHA256 Fingerprint: 34:9d:fa:40:58:c5:e2:63:12:3b:39:8a:e7:95:57:3c:4e:13:13:c8:3f:e6:8f:93:55:6c:d5:e8:03:1b:3c:7d +-----BEGIN CERTIFICATE----- +MIICCTCCAY6gAwIBAgINAgPlwGjvYxqccpBQUjAKBggqhkjOPQQDAzBHMQswCQYD +VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG +A1UEAxMLR1RTIFJvb3QgUjQwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAwMDAw +WjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz +IExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjQwdjAQBgcqhkjOPQIBBgUrgQQAIgNi +AATzdHOnaItgrkO4NcWBMHtLSZ37wWHO5t5GvWvVYRg1rkDdc/eJkTBa6zzuhXyi +QHY7qca4R9gq55KRanPpsXI5nymfopjTX15YhmUPoYRlBtHci8nHc8iMai/lxKvR +HYqjQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW +BBSATNbrdP9JNqPV2Py1PsVq8JQdjDAKBggqhkjOPQQDAwNpADBmAjEA6ED/g94D +9J+uHXqnLrmvT/aDHQ4thQEd0dlq7A/Cr8deVl5c1RxYIigL9zC2L7F8AjEA8GE8 +p/SgguMh1YQdc4acLa/KNJvxn7kjNuK8YAOdgLOaVsjh4rsUecrNIdSUtUlD +-----END CERTIFICATE----- diff --git a/global-functions.rsc b/global-functions.rsc index 26472b8..121c5ec 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -528,7 +528,7 @@ } :do { - :if ([ $CertificateAvailable "GTS Root R1" ] = false) do={ + :if ([ $CertificateAvailable "GTS Root R4" ] = false) do={ $LogPrint warning $0 ("Downloading required certificate failed."); :error false; } From eab9b28cd28b1d12d3f0d178db22acdac5ad1758 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 4 Jul 2024 11:56:56 +0200 Subject: [PATCH 546/908] global-functions: $MkDir: enable tmpfs if disabled --- global-functions.rsc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 121c5ec..44b3abe 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -829,7 +829,12 @@ :global LogPrint; :global WaitForFile; - :if ([ :len [ /disk/find where slot=tmpfs type=tmpfs ] ] = 1) do={ + :local TmpFs [ /disk/find where slot=tmpfs type=tmpfs ]; + :if ([ :len $TmpFs ] = 1) do={ + :if ([ /disk/get $TmpFs disabled ] = true) do={ + $LogPrint info $0 ("The tmpfs is disabled, enabling."); + /disk/enable $TmpFs; + } :return true; } From 64bc9f73f7ed24cfb7dec9f24fb101594ae4cb79 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 3 Jul 2024 16:35:39 +0200 Subject: [PATCH 547/908] packages-update: run backups before package download This reduces memory pressure, especially on device with very limited RAM like mAP with its 64 MB. --- packages-update.rsc | 52 ++++++++++++++++++++++----------------------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index 0208b1e..97039ec 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -60,32 +60,6 @@ :error true; } - :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; - :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; - - :local DoDowngrade false; - :if ($NumInstalled > $NumLatest) do={ - :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ - :put "Latest version is older than installed one. Want to downgrade? [y/N]"; - :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ - :set DoDowngrade true; - } else={ - :put "Canceled..."; - } - } else={ - $LogPrint warning $ScriptName ("Not installing downgrade automatically."); - :error false; - } - } - - :foreach Package in=[ /system/package/find where !bundle ] do={ - :local PkgName [ /system/package/get $Package name ]; - :if ([ $DownloadPackage $PkgName ($Update->"latest-version") ] = false) do={ - $LogPrint error $ScriptName ("Download for package " . $PkgName . " failed, update aborted."); - :error false; - } - } - :local RunOrder ({}); :foreach Script in=[ /system/script/find where source~("\n# provides: backup-script\\b") ] do={ :local ScriptVal [ /system/script/get $Script ]; @@ -120,6 +94,32 @@ } } + :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; + :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; + + :local DoDowngrade false; + :if ($NumInstalled > $NumLatest) do={ + :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ + :put "Latest version is older than installed one. Want to downgrade? [y/N]"; + :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ + :set DoDowngrade true; + } else={ + :put "Canceled..."; + } + } else={ + $LogPrint warning $ScriptName ("Not installing downgrade automatically."); + :error false; + } + } + + :foreach Package in=[ /system/package/find where !bundle ] do={ + :local PkgName [ /system/package/get $Package name ]; + :if ([ $DownloadPackage $PkgName ($Update->"latest-version") ] = false) do={ + $LogPrint error $ScriptName ("Download for package " . $PkgName . " failed, update aborted."); + :error false; + } + } + :if ($DoDowngrade = true) do={ $LogPrint info $ScriptName ("Rebooting for downgrade."); :delay 1s; From 1bc6f9c45c7487c6b1fa1c26a9ceeaeadd86c90c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 5 Jul 2024 15:19:11 +0200 Subject: [PATCH 548/908] backup-partition: rename variable --- backup-partition.rsc | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 3c883f7..572c740 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -58,13 +58,13 @@ :error false; } - :local FallbackTo [ /partitions/get $ActiveRunning fallback-to ]; + :local FallbackToName [ /partitions/get $ActiveRunning fallback-to ]; - :if ([ /partitions/get $ActiveRunning version ] != [ /partitions/get $FallbackTo version]) do={ + :if ([ /partitions/get $ActiveRunning version ] != [ /partitions/get $FallbackToName version]) do={ :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ - :put ("The partitions have different RouterOS versions. Copy over to '" . $FallbackTo . "'? [y/N]"); + :put ("The partitions have different RouterOS versions. Copy over to '" . $FallbackToName . "'? [y/N]"); :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ - :if ([ $CopyTo $ScriptName $FallbackTo ] = false) do={ + :if ([ $CopyTo $ScriptName $FallbackToName ] = false) do={ :set PackagesUpdateBackupFailure true; :error false; } @@ -75,7 +75,7 @@ :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; :if ($BackupPartitionCopyBeforeFeatureUpdate = true && $NumLatest > 0 && \ ($NumInstalled & 0xffff0000) != ($NumLatest & 0xffff0000)) do={ - :if ([ $CopyTo $ScriptName $FallbackTo ] = false) do={ + :if ([ $CopyTo $ScriptName $FallbackToName ] = false) do={ :set PackagesUpdateBackupFailure true; :error false; } @@ -87,12 +87,12 @@ /system/scheduler/add start-time=startup name="running-from-backup-partition" \ on-event=(":log warning (\"Running from partition '\" . " . \ "[ /partitions/get [ find where running ] name ] . \"'!\")"); - /partitions/save-config-to $FallbackTo; + /partitions/save-config-to $FallbackToName; /system/scheduler/remove "running-from-backup-partition"; - $LogPrint info $ScriptName ("Saved configuration to partition '" . $FallbackTo . "'."); + $LogPrint info $ScriptName ("Saved configuration to partition '" . $FallbackToName . "'."); } on-error={ /system/scheduler/remove [ find where name="running-from-backup-partition" ]; - $LogPrint error $ScriptName ("Failed saving configuration to partition '" . $FallbackTo . "'!"); + $LogPrint error $ScriptName ("Failed saving configuration to partition '" . $FallbackToName . "'!"); :set PackagesUpdateBackupFailure true; :error false; } From 235737c2327cf377a1208dc96af53d9c8642b305 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 5 Jul 2024 15:21:52 +0200 Subject: [PATCH 549/908] backup-partition: check the fallback partition actually exists... ... and use its id for actions. --- backup-partition.rsc | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 572c740..211db0f 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -24,17 +24,18 @@ :global VersionToNum; :local CopyTo do={ - :local ScriptName [ :tostr $1 ]; - :local FallbackTo [ :tostr $2 ]; + :local ScriptName [ :tostr $1 ]; + :local FallbackTo [ :toid $2 ]; + :local FallbackToName [ :tostr $3 ]; :global LogPrint; :do { /partitions/copy-to $FallbackTo; - $LogPrint info $ScriptName ("Copied RouterOS to partition '" . $FallbackTo . "'."); + $LogPrint info $ScriptName ("Copied RouterOS to partition '" . $FallbackToName . "'."); :return true; } on-error={ - $LogPrint error $ScriptName ("Failed copying RouterOS to partition '" . $FallbackTo . "'!"); + $LogPrint error $ScriptName ("Failed copying RouterOS to partition '" . $FallbackToName . "'!"); :return false; } } @@ -59,12 +60,19 @@ } :local FallbackToName [ /partitions/get $ActiveRunning fallback-to ]; + :local FallbackTo [ /partition/find where name=$FallbackToName ]; - :if ([ /partitions/get $ActiveRunning version ] != [ /partitions/get $FallbackToName version]) do={ + :if ([ :len $FallbackTo ] < 1) do={ + $LogPrint error $ScriptName ("There is no partition with name '" . $FallbackToName . "'."); + :set PackagesUpdateBackupFailure true; + :error false; + } + + :if ([ /partitions/get $ActiveRunning version ] != [ /partitions/get $FallbackTo version]) do={ :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ :put ("The partitions have different RouterOS versions. Copy over to '" . $FallbackToName . "'? [y/N]"); :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ - :if ([ $CopyTo $ScriptName $FallbackToName ] = false) do={ + :if ([ $CopyTo $ScriptName $FallbackTo $FallbackToName ] = false) do={ :set PackagesUpdateBackupFailure true; :error false; } @@ -75,7 +83,7 @@ :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; :if ($BackupPartitionCopyBeforeFeatureUpdate = true && $NumLatest > 0 && \ ($NumInstalled & 0xffff0000) != ($NumLatest & 0xffff0000)) do={ - :if ([ $CopyTo $ScriptName $FallbackToName ] = false) do={ + :if ([ $CopyTo $ScriptName $FallbackTo $FallbackToName ] = false) do={ :set PackagesUpdateBackupFailure true; :error false; } @@ -87,7 +95,7 @@ /system/scheduler/add start-time=startup name="running-from-backup-partition" \ on-event=(":log warning (\"Running from partition '\" . " . \ "[ /partitions/get [ find where running ] name ] . \"'!\")"); - /partitions/save-config-to $FallbackToName; + /partitions/save-config-to $FallbackTo; /system/scheduler/remove "running-from-backup-partition"; $LogPrint info $ScriptName ("Saved configuration to partition '" . $FallbackToName . "'."); } on-error={ From 25135b64e549e129914b9b5dfb74ca2011ee3d5d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 5 Jul 2024 15:32:49 +0200 Subject: [PATCH 550/908] backup-partition: check that target is inactive --- backup-partition.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 211db0f..34cdc8f 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -60,10 +60,10 @@ } :local FallbackToName [ /partitions/get $ActiveRunning fallback-to ]; - :local FallbackTo [ /partition/find where name=$FallbackToName ]; + :local FallbackTo [ /partition/find where name=$FallbackToName !active ]; :if ([ :len $FallbackTo ] < 1) do={ - $LogPrint error $ScriptName ("There is no partition with name '" . $FallbackToName . "'."); + $LogPrint error $ScriptName ("There is no inactive partition named '" . $FallbackToName . "'."); :set PackagesUpdateBackupFailure true; :error false; } From 35d3c058b83388b8e187bb53ff8c1e0d85c299b5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 10 Jul 2024 11:02:53 +0200 Subject: [PATCH 551/908] update list of contributors --- CONTRIBUTIONS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTIONS.md b/CONTRIBUTIONS.md index 13d0508..e9bf7d1 100644 --- a/CONTRIBUTIONS.md +++ b/CONTRIBUTIONS.md @@ -47,6 +47,7 @@ Add yourself to the list, * Marek Čábák * Oleksandr Yukhymchuk * Peter Holtkamp +* Peter Ponzel * Reiner Vehrenkamp * Richard Österreicher * Simon Hitzemann From 78dfc568c10332ea63cc26e39ccf165f3d384c9e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Jul 2024 08:45:53 +0200 Subject: [PATCH 552/908] capsman-{download-packages,rolling-upgrade}: run matching script It is possible to run old and new CAPsMAN on one system simultaneously (... since RouterOS 7.13?). Thus it may make sense to have both variants of these scripts installed, and we have to make sure to run the correct one. --- capsman-download-packages.capsman.rsc | 2 +- capsman-download-packages.template.rsc | 2 +- capsman-download-packages.wifi.rsc | 2 +- capsman-rolling-upgrade.capsman.rsc | 2 +- capsman-rolling-upgrade.template.rsc | 2 +- capsman-rolling-upgrade.wifi.rsc | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index f5695f4..84d36f7 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -73,7 +73,7 @@ } :if ($Updated = true) do={ - :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); + :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade.capsman\n" ]->0); :if ([ :len $Script ] > 0) do={ /system/script/run $Script; } else={ diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 762dbb6..deb15a7 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -83,7 +83,7 @@ } :if ($Updated = true) do={ - :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); + :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade%TEMPL%\n" ]->0); :if ([ :len $Script ] > 0) do={ /system/script/run $Script; } else={ diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 79aa9a7..6147d21 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -75,7 +75,7 @@ } :if ($Updated = true) do={ - :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade\n" ]->0); + :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade.wifi\n" ]->0); :if ([ :len $Script ] > 0) do={ /system/script/run $Script; } else={ diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index 2c9ae3d..e9ca5cc 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# provides: capsman-rolling-upgrade +# provides: capsman-rolling-upgrade.capsman # requires RouterOS, version=7.13 # # upgrade CAPs one after another diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index 2098bc0..a28d7f7 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# provides: capsman-rolling-upgrade +# provides: capsman-rolling-upgrade%TEMPL% # requires RouterOS, version=7.13 # # upgrade CAPs one after another diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index 36b8c0f..22f8818 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# provides: capsman-rolling-upgrade +# provides: capsman-rolling-upgrade.wifi # requires RouterOS, version=7.13 # # upgrade CAPs one after another From 3fd1896ad622f8097cc14af8f37114f9fc47f5b7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Jul 2024 08:55:26 +0200 Subject: [PATCH 553/908] capsman-download-packages: support running several scripts... ... as it is possible to have more than just one providing the functionality. --- capsman-download-packages.capsman.rsc | 8 +++++--- capsman-download-packages.template.rsc | 8 +++++--- capsman-download-packages.wifi.rsc | 8 +++++--- 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index 84d36f7..4f9ab9d 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -73,9 +73,11 @@ } :if ($Updated = true) do={ - :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade.capsman\n" ]->0); - :if ([ :len $Script ] > 0) do={ - /system/script/run $Script; + :local Scripts [ /system/script/find where source~"\n# provides: capsman-rolling-upgrade.capsman\n" ]; + :if ([ :len $Scripts ] > 0) do={ + :foreach Script in=$Scripts do={ + /system/script/run $Script; + } } else={ /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ]; } diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index deb15a7..c0e815b 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -83,9 +83,11 @@ } :if ($Updated = true) do={ - :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade%TEMPL%\n" ]->0); - :if ([ :len $Script ] > 0) do={ - /system/script/run $Script; + :local Scripts [ /system/script/find where source~"\n# provides: capsman-rolling-upgrade%TEMPL%\n" ]; + :if ([ :len $Scripts ] > 0) do={ + :foreach Script in=$Scripts do={ + /system/script/run $Script; + } } else={ /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ]; /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 6147d21..64ac7cd 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -75,9 +75,11 @@ } :if ($Updated = true) do={ - :local Script ([ /system/script/find where source~"\n# provides: capsman-rolling-upgrade.wifi\n" ]->0); - :if ([ :len $Script ] > 0) do={ - /system/script/run $Script; + :local Scripts [ /system/script/find where source~"\n# provides: capsman-rolling-upgrade.wifi\n" ]; + :if ([ :len $Scripts ] > 0) do={ + :foreach Script in=$Scripts do={ + /system/script/run $Script; + } } else={ /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; } From f09fa83105ea40876e7103a118b3d6d57098cf0c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 16 Jul 2024 13:49:02 +0200 Subject: [PATCH 554/908] doc/mod/ssh-keys-import: drop hint on older RouterOS --- doc/mod/ssh-keys-import.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/doc/mod/ssh-keys-import.md b/doc/mod/ssh-keys-import.md index db8e322..88524ab 100644 --- a/doc/mod/ssh-keys-import.md +++ b/doc/mod/ssh-keys-import.md @@ -34,12 +34,8 @@ Usage and invocation Call the function `$SSHKeysImport` with key and user as parameter to import that key: - $SSHKeysImport "ssh-rsa AAAAB3Nza...QYZk8= user" admin; - -Starting with RouterOS *7.12beta1* support for keys of type `ed25519` has -been added: - $SSHKeysImport "ssh-ed25519 AAAAC3Nza...ZVugJT user" admin; + $SSHKeysImport "ssh-rsa AAAAB3Nza...QYZk8= user" admin; The third part of the key (`user` in this example) is inherited as `key-owner` in RouterOS. Also the `MD5` fingerprint is recorded, this helps From 0101b56bff0cfad4043c4e86aa7e68325530eca3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Jul 2024 23:10:42 +0200 Subject: [PATCH 555/908] README: use :tocrlf to convert global-config-overlay --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 6b3cd05..4fd0e3e 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ RouterOS Scripts [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) @@ -155,7 +155,7 @@ This last step is required when ever you make changes to your configuration. > ℹ️ **Info**: It is recommended to edit the configuration using the command > line interface. If using Winbox on Windows OS, the line endings may be > missing. To fix this run: -> `/system/script/set source=[ $Unix2Dos [ get global-config-overlay source ] ] global-config-overlay;` +> `/system/script/set source=[ :tocrlf [ get global-config-overlay source ] ] global-config-overlay;` Updating scripts ---------------- From 2d42fed621f5bb79a187774afe46c04e06b9c71b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 16 Jul 2024 12:23:02 +0200 Subject: [PATCH 556/908] global-functions: $ScriptInstallUpdate: forcibly convert to LF... ... to make sure we do not have unintended CRLF line breaks. --- global-functions.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 44b3abe..2c7c87c 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # global functions # https://git.eworm.de/cgit/routeros-scripts/about/ @@ -1060,7 +1060,7 @@ :local Result [ /tool/fetch check-certificate=yes-without-crl \ http-header-field=({ [ $FetchUserAgentStr $0 ] }) $Url output=user as-value ]; :if ($Result->"status" = "finished") do={ - :set SourceNew ($Result->"data"); + :set SourceNew [ :tolf ($Result->"data") ]; } } on-error={ :if ($ScriptVal->"source" = "#!rsc by RouterOS\n") do={ From 68f61ae6221afeb279ea3823e42cb8da4656a2a6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 16 Jul 2024 12:27:08 +0200 Subject: [PATCH 557/908] global-functions: $ScriptInstallUpdate: allow CRLF on device --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 2c7c87c..327443a 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1074,7 +1074,8 @@ } :if ([ :len $SourceNew ] > 0) do={ - :if ($SourceNew != $ScriptVal->"source") do={ + :local SourceCRLF [ :tocrlf $SourceNew ]; + :if ($SourceNew != $ScriptVal->"source" && $SourceCRLF != $ScriptVal->"source") do={ :if ([ :pick $SourceNew 0 18 ] = "#!rsc by RouterOS\n") do={ :local Required ([ $ParseKeyValueStore [ $Grep $SourceNew ("\23 requires RouterOS, ") ] ]->"version"); :if ([ $RequiredRouterOS $0 [ $EitherOr $Required "0.0" ] false ] = true) do={ From 7cf0c5b2056bb7522f6174bd76d4b0ea19d4c647 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 16 Jul 2024 12:38:18 +0200 Subject: [PATCH 558/908] capsman-download-packages: support scripts with CRLF line breaks --- capsman-download-packages.capsman.rsc | 2 +- capsman-download-packages.template.rsc | 2 +- capsman-download-packages.wifi.rsc | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index 4f9ab9d..1247d9a 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -73,7 +73,7 @@ } :if ($Updated = true) do={ - :local Scripts [ /system/script/find where source~"\n# provides: capsman-rolling-upgrade.capsman\n" ]; + :local Scripts [ /system/script/find where source~"\n# provides: capsman-rolling-upgrade.capsman\r?\n" ]; :if ([ :len $Scripts ] > 0) do={ :foreach Script in=$Scripts do={ /system/script/run $Script; diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index c0e815b..8418841 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -83,7 +83,7 @@ } :if ($Updated = true) do={ - :local Scripts [ /system/script/find where source~"\n# provides: capsman-rolling-upgrade%TEMPL%\n" ]; + :local Scripts [ /system/script/find where source~"\n# provides: capsman-rolling-upgrade%TEMPL%\r?\n" ]; :if ([ :len $Scripts ] > 0) do={ :foreach Script in=$Scripts do={ /system/script/run $Script; diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 64ac7cd..c5a6999 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -75,7 +75,7 @@ } :if ($Updated = true) do={ - :local Scripts [ /system/script/find where source~"\n# provides: capsman-rolling-upgrade.wifi\n" ]; + :local Scripts [ /system/script/find where source~"\n# provides: capsman-rolling-upgrade.wifi\r?\n" ]; :if ([ :len $Scripts ] > 0) do={ :foreach Script in=$Scripts do={ /system/script/run $Script; From ee928605df642ab9f917dd1e65f85f7cb09e8192 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 16 Jul 2024 12:41:17 +0200 Subject: [PATCH 559/908] news-and-changes: support scripts with CRLF line breaks --- news-and-changes.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 8ddc3d6..9ab811d 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -61,7 +61,7 @@ # Migration steps to be applied on script updates :global GlobalConfigMigration { 97=":local Rec [ /ip/dns/static/find where comment~\"^managed by dhcp-to-dns for \" ]; :if ([ :len \$Rec ] > 0) do={ /ip/dns/static/remove \$Rec; /system/script/run dhcp-to-dns; }"; - 100=":global ScriptInstallUpdate; :if ([ :len [ /system/script/find where name=\"ssh-keys-import\" source~\"^#!rsc by RouterOS\\n\" ] ] > 0) do={ /system/script/set name=\"mod/ssh-keys-import\" ssh-keys-import; \$ScriptInstallUpdate; }"; + 100=":global ScriptInstallUpdate; :if ([ :len [ /system/script/find where name=\"ssh-keys-import\" source~\"^#!rsc by RouterOS\\r?\\n\" ] ] > 0) do={ /system/script/set name=\"mod/ssh-keys-import\" ssh-keys-import; \$ScriptInstallUpdate; }"; 104=":global CharacterReplace; :global ScriptInstallUpdate; :foreach Script in={ \"capsman-download-packages\"; \"capsman-rolling-upgrade\"; \"hotspot-to-wpa\"; \"hotspot-to-wpa-cleanup\" } do={ /system/script/set name=(\$Script . \".capsman\") [ find where name=\$Script ]; :foreach Scheduler in=[ /system/scheduler/find where on-event~(\$Script . \"([^-.]|\\\$)\") ] do={ /system/scheduler/set \$Scheduler on-event=[ \$CharacterReplace [ get \$Scheduler on-event ] \$Script (\$Script . \".capsman\") ]; }; }; /ip/hotspot/user/profile/set on-login=\"hotspot-to-wpa.capsman\" [ find where on-login=\"hotspot-to-wpa\" ]; \$ScriptInstallUpdate;"; 111=":local Rec [ /ip/dns/static/find where comment~\"^managed by dhcp-to-dns for \" ]; :if ([ :len \$Rec ] > 0) do={ /ip/dns/static/remove \$Rec; /system/script/run dhcp-to-dns; }"; }; From a26f78329a1e941fcab969611ffbb83af4f2ea01 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 16 Jul 2024 12:42:24 +0200 Subject: [PATCH 560/908] ppp-on-up: support scripts with CRLF line breaks --- ppp-on-up.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index 4ed92c5..6484ecb 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -28,7 +28,7 @@ /ipv6/dhcp-client/release [ find where interface=$IntName !disabled ]; - :foreach Script in=[ /system/script/find where source~("\n# provides: ppp-on-up\n") ] do={ + :foreach Script in=[ /system/script/find where source~("\n# provides: ppp-on-up\r?\n") ] do={ :local ScriptName [ /system/script/get $Script name ]; :do { $LogPrint debug $ScriptName ("Running script: " . $ScriptName); From f2ca62aed0ff062b6e2dec13f8bb20e828bfdeb2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 16 Jul 2024 12:33:47 +0200 Subject: [PATCH 561/908] global-functions: $ScriptInstallUpdate: support storing with CRLF Adding this in `global-config-overlay` make the scripts being stored with CRLF line breaks: :global ScriptUpdatesCRLF true; Handle with care, I do not recommend it. Thus it's just a hidden setting. --- global-functions.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 327443a..b824d62 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1008,6 +1008,7 @@ :global IDonate; :global NoNewsAndChangesNotification; :global ScriptUpdatesBaseUrl; + :global ScriptUpdatesCRLF; :global ScriptUpdatesUrlSuffix; :global CertificateAvailable; @@ -1081,7 +1082,8 @@ :if ([ $RequiredRouterOS $0 [ $EitherOr $Required "0.0" ] false ] = true) do={ :if ([ $ValidateSyntax $SourceNew ] = true) do={ $LogPrint info $0 ("Updating script: " . $ScriptVal->"name"); - /system/script/set owner=($ScriptVal->"name") source=$SourceNew $Script; + /system/script/set owner=($ScriptVal->"name") \ + source=[ $IfThenElse ($ScriptUpdatesCRLF = true) $SourceCRLF $SourceNew ] $Script; :if ($ScriptVal->"name" = "global-config") do={ :set ReloadGlobalConfig true; } From 8074305b9250d98e182f5cb968de2c8bd438f7f3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Jul 2024 23:09:32 +0200 Subject: [PATCH 562/908] global-functions: $Dos2Unix: use :tolf --- global-functions.rsc | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index b824d62..312936b 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -313,11 +313,7 @@ # convert line endings, DOS -> UNIX :set Dos2Unix do={ - :local Input [ :tostr $1 ]; - - :global CharacterReplace; - - :return [ $CharacterReplace $Input ("\r\n") ("\n") ]; + :return [ :tolf [ :tostr $1 ] ]; } # download package from upgrade server From 8f75d542f3aa7cb3c5726412daa0ab41c6880489 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Jul 2024 23:06:57 +0200 Subject: [PATCH 563/908] global-functions: $PrettyPrint: use :tocrlf --- global-functions.rsc | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 312936b..950ccd6 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -909,11 +909,7 @@ # print lines with trailing carriage return :set PrettyPrint do={ - :local Input [ :tostr $1 ]; - - :global Unix2Dos; - - :put [ $Unix2Dos $Input ]; + :put [ :tocrlf [ :tostr $1 ] ]; } # strip protocol from from url string From 2fd0d27447b8ce6620ec3f6d68c9d5ca62bb9f02 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Jul 2024 23:08:42 +0200 Subject: [PATCH 564/908] global-functions: $Unix2Dos: use :tocrlf --- global-functions.rsc | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 950ccd6..54dcb68 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1433,12 +1433,7 @@ # convert line endings, UNIX -> DOS :set Unix2Dos do={ - :local Input [ :tostr $1 ]; - - :global CharacterReplace; - - :return [ $CharacterReplace [ $CharacterReplace $Input \ - ("\n") ("\r\n") ] ("\r\r\n") ("\r\n") ]; + :return [ :tocrlf [ :tostr $1 ] ]; } # url encoding From 2b758b83fd47ca765dd8c5ed15ff3d001d60a6fc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Jul 2024 23:12:50 +0200 Subject: [PATCH 565/908] mod/inspectvar: use :tocrlf --- doc/mod/inspectvar.md | 2 +- mod/inspectvar.rsc | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/doc/mod/inspectvar.md b/doc/mod/inspectvar.md index d4e59b3..4e2f4c1 100644 --- a/doc/mod/inspectvar.md +++ b/doc/mod/inspectvar.md @@ -4,7 +4,7 @@ Inspect variables [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/mod/inspectvar.rsc b/mod/inspectvar.rsc index 5adca0a..73205b2 100644 --- a/mod/inspectvar.rsc +++ b/mod/inspectvar.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # inspect variables # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/inspectvar.md @@ -14,9 +14,8 @@ # inspect variable and print on terminal :set InspectVar do={ :global InspectVarReturn; - :global PrettyPrint; - $PrettyPrint [ $InspectVarReturn $1 ]; + :put [ :tocrlf [ $InspectVarReturn $1 ] ]; } # inspect variable and return formatted string From 075a9bd6c43e08efee73eb6e1ec5b0ea0391fef2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 11 Jul 2024 23:13:50 +0200 Subject: [PATCH 566/908] mod/ipcalc: use :tocrlf --- doc/mod/ipcalc.md | 2 +- mod/ipcalc.rsc | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/doc/mod/ipcalc.md b/doc/mod/ipcalc.md index cb655bc..9f39429 100644 --- a/doc/mod/ipcalc.md +++ b/doc/mod/ipcalc.md @@ -4,7 +4,7 @@ IP address calculation [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/mod/ipcalc.rsc b/mod/ipcalc.rsc index 128ca54..003bdc3 100644 --- a/mod/ipcalc.rsc +++ b/mod/ipcalc.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # ip address calculation # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/ipcalc.md @@ -17,17 +17,16 @@ :global FormatLine; :global IPCalcReturn; - :global PrettyPrint; :local Values [ $IPCalcReturn $1 ]; - $PrettyPrint ( \ + :put [ :tocrlf ( \ [ $FormatLine "Address" ($Values->"address") ] . "\n" . \ [ $FormatLine "Netmask" ($Values->"netmask") ] . "\n" . \ [ $FormatLine "Network" ($Values->"network") ] . "\n" . \ [ $FormatLine "HostMin" ($Values->"hostmin") ] . "\n" . \ [ $FormatLine "HostMax" ($Values->"hostmax") ] . "\n" . \ - [ $FormatLine "Broadcast" ($Values->"broadcast") ]); + [ $FormatLine "Broadcast" ($Values->"broadcast") ]) ]; } # calculate and return netmask, network, min host, max host and broadcast From 6fbafe76ba27e35d1f3067430ba78cedfa85eb19 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 16 Jul 2024 13:45:16 +0200 Subject: [PATCH 567/908] bump RouterOS requirement for all scripts and modules... ... now that global-functions requires RouterOS 7.14 anyway. --- BRANCHES.md | 2 +- CONTRIBUTIONS.md | 2 +- INITIAL-COMMANDS.md | 2 +- accesslist-duplicates.capsman.rsc | 2 +- accesslist-duplicates.local.rsc | 2 +- accesslist-duplicates.template.rsc | 2 +- accesslist-duplicates.wifi.rsc | 2 +- backup-cloud.rsc | 2 +- backup-email.rsc | 2 +- backup-partition.rsc | 2 +- backup-upload.rsc | 2 +- capsman-download-packages.capsman.rsc | 2 +- capsman-download-packages.template.rsc | 2 +- capsman-download-packages.wifi.rsc | 2 +- capsman-rolling-upgrade.capsman.rsc | 2 +- capsman-rolling-upgrade.template.rsc | 2 +- capsman-rolling-upgrade.wifi.rsc | 2 +- certificate-renew-issued.rsc | 2 +- check-certificates.rsc | 2 +- check-health.rsc | 2 +- check-lte-firmware-upgrade.rsc | 2 +- check-routeros-update.rsc | 2 +- collect-wireless-mac.capsman.rsc | 2 +- collect-wireless-mac.local.rsc | 2 +- collect-wireless-mac.template.rsc | 2 +- collect-wireless-mac.wifi.rsc | 2 +- daily-psk.capsman.rsc | 2 +- daily-psk.local.rsc | 2 +- daily-psk.template.rsc | 2 +- daily-psk.wifi.rsc | 2 +- dhcp-lease-comment.capsman.rsc | 2 +- dhcp-lease-comment.local.rsc | 2 +- dhcp-lease-comment.template.rsc | 2 +- dhcp-lease-comment.wifi.rsc | 2 +- dhcp-to-dns.rsc | 2 +- doc/accesslist-duplicates.md | 2 +- doc/backup-cloud.md | 2 +- doc/backup-email.md | 2 +- doc/backup-partition.md | 2 +- doc/backup-upload.md | 2 +- doc/capsman-download-packages.md | 2 +- doc/capsman-rolling-upgrade.md | 2 +- doc/certificate-renew-issued.md | 2 +- doc/check-certificates.md | 2 +- doc/check-health.md | 2 +- doc/check-lte-firmware-upgrade.md | 2 +- doc/check-routeros-update.md | 2 +- doc/collect-wireless-mac.md | 2 +- doc/daily-psk.md | 2 +- doc/dhcp-lease-comment.md | 2 +- doc/dhcp-to-dns.md | 2 +- doc/firmware-upgrade-reboot.md | 2 +- doc/fw-addr-lists.md | 2 +- doc/global-wait.md | 2 +- doc/gps-track.md | 2 +- doc/hotspot-to-wpa.md | 2 +- doc/ip-addr-bridge.md | 2 +- doc/ipsec-to-dns.md | 2 +- doc/ipv6-update.md | 2 +- doc/lease-script.md | 2 +- doc/leds-mode.md | 2 +- doc/log-forward.md | 2 +- doc/mod/bridge-port-to.md | 2 +- doc/mod/bridge-port-vlan.md | 2 +- doc/mod/notification-email.md | 2 +- doc/mod/notification-matrix.md | 2 +- doc/mod/notification-ntfy.md | 2 +- doc/mod/notification-telegram.md | 2 +- doc/mod/scriptrunonce.md | 2 +- doc/mod/ssh-keys-import.md | 2 +- doc/mode-button.md | 2 +- doc/netwatch-dns.md | 2 +- doc/netwatch-notify.md | 2 +- doc/ospf-to-leds.md | 2 +- doc/packages-update.md | 2 +- doc/ppp-on-up.md | 2 +- doc/sms-action.md | 2 +- doc/sms-forward.md | 2 +- doc/super-mario-theme.md | 2 +- doc/telegram-chat.md | 2 +- doc/unattended-lte-firmware-upgrade.md | 2 +- doc/update-gre-address.md | 2 +- doc/update-tunnelbroker.md | 2 +- firmware-upgrade-reboot.rsc | 2 +- fw-addr-lists.rsc | 2 +- global-wait.rsc | 2 +- gps-track.rsc | 2 +- hotspot-to-wpa-cleanup.capsman.rsc | 2 +- hotspot-to-wpa-cleanup.template.rsc | 2 +- hotspot-to-wpa-cleanup.wifi.rsc | 2 +- hotspot-to-wpa.capsman.rsc | 2 +- hotspot-to-wpa.template.rsc | 2 +- hotspot-to-wpa.wifi.rsc | 2 +- ipsec-to-dns.rsc | 2 +- ipv6-update.rsc | 2 +- lease-script.rsc | 2 +- log-forward.rsc | 2 +- mod/bridge-port-to.rsc | 2 +- mod/bridge-port-vlan.rsc | 2 +- mod/notification-email.rsc | 2 +- mod/notification-matrix.rsc | 2 +- mod/notification-ntfy.rsc | 2 +- mod/notification-telegram.rsc | 2 +- mod/scriptrunonce.rsc | 2 +- mod/ssh-keys-import.rsc | 2 +- mode-button.rsc | 2 +- netwatch-dns.rsc | 2 +- netwatch-notify.rsc | 2 +- ospf-to-leds.rsc | 2 +- packages-update.rsc | 2 +- ppp-on-up.rsc | 2 +- sms-action.rsc | 2 +- sms-forward.rsc | 2 +- telegram-chat.rsc | 2 +- update-gre-address.rsc | 2 +- update-tunnelbroker.rsc | 2 +- 116 files changed, 116 insertions(+), 116 deletions(-) diff --git a/BRANCHES.md b/BRANCHES.md index f1062bb..2bacf8e 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -4,7 +4,7 @@ Installing from branches [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/CONTRIBUTIONS.md b/CONTRIBUTIONS.md index e9bf7d1..0b192fc 100644 --- a/CONTRIBUTIONS.md +++ b/CONTRIBUTIONS.md @@ -4,7 +4,7 @@ Past Contributions [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index b3eff35..2be51c5 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -4,7 +4,7 @@ Initial commands [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index 781ae78..d6e2928 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index b79a724..e90842d 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index b8067c8..d275340 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc index c05e02c..f4dae4b 100644 --- a/accesslist-duplicates.wifi.rsc +++ b/accesslist-duplicates.wifi.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # print duplicate antries in wireless access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 697ee95..f70752e 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=40 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # upload backup to MikroTik cloud # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-cloud.md diff --git a/backup-email.rsc b/backup-email.rsc index c32eb27..e507c6e 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=20 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # create and email backup and config file # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-email.md diff --git a/backup-partition.rsc b/backup-partition.rsc index 34cdc8f..23dd7ef 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=70 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # save configuration to fallback partition # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-partition.md diff --git a/backup-upload.rsc b/backup-upload.rsc index 1dc98d5..8d96eba 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=50 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # create and upload backup and config file # https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-upload.md diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index 1247d9a..f2ff024 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # download and cleanup packages for CAP installation from CAPsMAN # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 8418841..ad9b926 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # download and cleanup packages for CAP installation from CAPsMAN # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index c5a6999..056136f 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # download and cleanup packages for CAP installation from CAPsMAN # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index e9ca5cc..f287ea3 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -5,7 +5,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: capsman-rolling-upgrade.capsman -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # upgrade CAPs one after another # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index a28d7f7..3d98747 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -5,7 +5,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: capsman-rolling-upgrade%TEMPL% -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # upgrade CAPs one after another # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index 22f8818..369dccc 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -5,7 +5,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: capsman-rolling-upgrade.wifi -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # upgrade CAPs one after another # https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index 7815443..f2c1dfe 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # renew locally issued certificates # https://git.eworm.de/cgit/routeros-scripts/about/doc/certificate-renew-issued.md diff --git a/check-certificates.rsc b/check-certificates.rsc index c9622b7..7aaac84 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # check for certificate validity # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-certificates.md diff --git a/check-health.rsc b/check-health.rsc index a769fa8..540336d 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # check for RouterOS health state # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-health.md diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index 5ea094e..2e52c2a 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # check for LTE firmware upgrade, send notification # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-lte-firmware-upgrade.md diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 6dca99a..d45432a 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # check for RouterOS update, send notification and/or install # https://git.eworm.de/cgit/routeros-scripts/about/doc/check-routeros-update.md diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index 74c0754..9efa9ef 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index 8a60fea..27c9d1c 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index c5cf74a..d41c17d 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index 12c3361..0075320 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # collect wireless mac adresses in access list # https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index cd5b6b0..6dafc08 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index fbdb784..4709f3a 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 35fa82c..6b7f5fd 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index c1f7133..90c6ac5 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index b7f3589..c435ec3 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index e35bbe7..27e6605 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index d4323ad..c562ca2 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index f67ce6e..ba617d7 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # update dhcp-server lease comment with infos from access-list # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index a3d41c9..0ab5e2a 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=20 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # check DHCP leases and add/remove/update DNS entries # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-to-dns.md diff --git a/doc/accesslist-duplicates.md b/doc/accesslist-duplicates.md index a1f9198..a6302f5 100644 --- a/doc/accesslist-duplicates.md +++ b/doc/accesslist-duplicates.md @@ -4,7 +4,7 @@ Find and remove access list duplicates [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-cloud.md b/doc/backup-cloud.md index 1f9e123..d658760 100644 --- a/doc/backup-cloud.md +++ b/doc/backup-cloud.md @@ -4,7 +4,7 @@ Upload backup to Mikrotik cloud [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-email.md b/doc/backup-email.md index 3b1dbb2..aedae4d 100644 --- a/doc/backup-email.md +++ b/doc/backup-email.md @@ -4,7 +4,7 @@ Send backup via e-mail [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-partition.md b/doc/backup-partition.md index 1cef2c9..9f62967 100644 --- a/doc/backup-partition.md +++ b/doc/backup-partition.md @@ -4,7 +4,7 @@ Save configuration to fallback partition [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-upload.md b/doc/backup-upload.md index c44217c..f2858b2 100644 --- a/doc/backup-upload.md +++ b/doc/backup-upload.md @@ -4,7 +4,7 @@ Upload backup to server [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md index c68900e..d719934 100644 --- a/doc/capsman-download-packages.md +++ b/doc/capsman-download-packages.md @@ -4,7 +4,7 @@ Download packages for CAP upgrade from CAPsMAN [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/capsman-rolling-upgrade.md b/doc/capsman-rolling-upgrade.md index 27d855f..f366d40 100644 --- a/doc/capsman-rolling-upgrade.md +++ b/doc/capsman-rolling-upgrade.md @@ -4,7 +4,7 @@ Run rolling CAP upgrades from CAPsMAN [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/certificate-renew-issued.md b/doc/certificate-renew-issued.md index 91a1914..096e07b 100644 --- a/doc/certificate-renew-issued.md +++ b/doc/certificate-renew-issued.md @@ -4,7 +4,7 @@ Renew locally issued certificates [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-certificates.md b/doc/check-certificates.md index 636f719..4188815 100644 --- a/doc/check-certificates.md +++ b/doc/check-certificates.md @@ -4,7 +4,7 @@ Renew certificates and notify on expiration [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-health.md b/doc/check-health.md index f94a0bf..578ea43 100644 --- a/doc/check-health.md +++ b/doc/check-health.md @@ -4,7 +4,7 @@ Notify about health state [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-lte-firmware-upgrade.md b/doc/check-lte-firmware-upgrade.md index 59a62c7..66b2cf5 100644 --- a/doc/check-lte-firmware-upgrade.md +++ b/doc/check-lte-firmware-upgrade.md @@ -4,7 +4,7 @@ Notify on LTE firmware upgrade [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-routeros-update.md b/doc/check-routeros-update.md index f9d485c..2e9b8aa 100644 --- a/doc/check-routeros-update.md +++ b/doc/check-routeros-update.md @@ -4,7 +4,7 @@ Notify on RouterOS update [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/collect-wireless-mac.md b/doc/collect-wireless-mac.md index 57032d8..84c111d 100644 --- a/doc/collect-wireless-mac.md +++ b/doc/collect-wireless-mac.md @@ -4,7 +4,7 @@ Collect MAC addresses in wireless access list [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/daily-psk.md b/doc/daily-psk.md index 3894d52..2a15af5 100644 --- a/doc/daily-psk.md +++ b/doc/daily-psk.md @@ -4,7 +4,7 @@ Use wireless network with daily psk [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/dhcp-lease-comment.md b/doc/dhcp-lease-comment.md index f95b124..6a4c930 100644 --- a/doc/dhcp-lease-comment.md +++ b/doc/dhcp-lease-comment.md @@ -4,7 +4,7 @@ Comment DHCP leases with info from access list [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/dhcp-to-dns.md b/doc/dhcp-to-dns.md index 13d5ef3..572011f 100644 --- a/doc/dhcp-to-dns.md +++ b/doc/dhcp-to-dns.md @@ -4,7 +4,7 @@ Create DNS records for DHCP leases [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/firmware-upgrade-reboot.md b/doc/firmware-upgrade-reboot.md index bac17a7..7ab6ac5 100644 --- a/doc/firmware-upgrade-reboot.md +++ b/doc/firmware-upgrade-reboot.md @@ -4,7 +4,7 @@ Automatically upgrade firmware and reboot [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/fw-addr-lists.md b/doc/fw-addr-lists.md index e9a8ff7..2008c7e 100644 --- a/doc/fw-addr-lists.md +++ b/doc/fw-addr-lists.md @@ -4,7 +4,7 @@ Download, import and update firewall address-lists [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/global-wait.md b/doc/global-wait.md index 4b42717..6787d20 100644 --- a/doc/global-wait.md +++ b/doc/global-wait.md @@ -4,7 +4,7 @@ Wait for global functions and modules [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/gps-track.md b/doc/gps-track.md index 7006fb3..9685899 100644 --- a/doc/gps-track.md +++ b/doc/gps-track.md @@ -4,7 +4,7 @@ Send GPS position to server [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md index 275fe4d..07d07dc 100644 --- a/doc/hotspot-to-wpa.md +++ b/doc/hotspot-to-wpa.md @@ -4,7 +4,7 @@ Use WPA network with hotspot credentials [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ip-addr-bridge.md b/doc/ip-addr-bridge.md index 941a8ae..ddbcc0a 100644 --- a/doc/ip-addr-bridge.md +++ b/doc/ip-addr-bridge.md @@ -4,7 +4,7 @@ Manage IP addresses with bridge status [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ipsec-to-dns.md b/doc/ipsec-to-dns.md index 0a91960..a688e80 100644 --- a/doc/ipsec-to-dns.md +++ b/doc/ipsec-to-dns.md @@ -4,7 +4,7 @@ Create DNS records for IPSec peers [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ipv6-update.md b/doc/ipv6-update.md index 20265fe..88600c5 100644 --- a/doc/ipv6-update.md +++ b/doc/ipv6-update.md @@ -4,7 +4,7 @@ Update configuration on IPv6 prefix change [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/lease-script.md b/doc/lease-script.md index 4d2f3bc..1b59ff7 100644 --- a/doc/lease-script.md +++ b/doc/lease-script.md @@ -4,7 +4,7 @@ Run other scripts on DHCP lease [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/leds-mode.md b/doc/leds-mode.md index 90ea418..c01472e 100644 --- a/doc/leds-mode.md +++ b/doc/leds-mode.md @@ -4,7 +4,7 @@ Manage LEDs dark mode [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/log-forward.md b/doc/log-forward.md index 44409dc..55b1540 100644 --- a/doc/log-forward.md +++ b/doc/log-forward.md @@ -4,7 +4,7 @@ Forward log messages via notification [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/bridge-port-to.md b/doc/mod/bridge-port-to.md index 5c8bebc..2ed9dc7 100644 --- a/doc/mod/bridge-port-to.md +++ b/doc/mod/bridge-port-to.md @@ -4,7 +4,7 @@ Manage ports in bridge [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/bridge-port-vlan.md b/doc/mod/bridge-port-vlan.md index d23d5b5..ded2603 100644 --- a/doc/mod/bridge-port-vlan.md +++ b/doc/mod/bridge-port-vlan.md @@ -4,7 +4,7 @@ Manage VLANs on bridge ports [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/notification-email.md b/doc/mod/notification-email.md index 2138e31..0bef455 100644 --- a/doc/mod/notification-email.md +++ b/doc/mod/notification-email.md @@ -4,7 +4,7 @@ Send notifications via e-mail [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/notification-matrix.md b/doc/mod/notification-matrix.md index 18b6607..c96a719 100644 --- a/doc/mod/notification-matrix.md +++ b/doc/mod/notification-matrix.md @@ -4,7 +4,7 @@ Send notifications via Matrix [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/notification-ntfy.md b/doc/mod/notification-ntfy.md index b2330a5..2a43e3c 100644 --- a/doc/mod/notification-ntfy.md +++ b/doc/mod/notification-ntfy.md @@ -4,7 +4,7 @@ Send notifications via Ntfy [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/notification-telegram.md b/doc/mod/notification-telegram.md index 159fda9..f55f936 100644 --- a/doc/mod/notification-telegram.md +++ b/doc/mod/notification-telegram.md @@ -4,7 +4,7 @@ Send notifications via Telegram [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/scriptrunonce.md b/doc/mod/scriptrunonce.md index c5fa891..0127c6d 100644 --- a/doc/mod/scriptrunonce.md +++ b/doc/mod/scriptrunonce.md @@ -4,7 +4,7 @@ Download script and run it once [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/ssh-keys-import.md b/doc/mod/ssh-keys-import.md index 88524ab..dcfd95b 100644 --- a/doc/mod/ssh-keys-import.md +++ b/doc/mod/ssh-keys-import.md @@ -4,7 +4,7 @@ Import ssh keys for public key authentication [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mode-button.md b/doc/mode-button.md index 8734352..7feb19f 100644 --- a/doc/mode-button.md +++ b/doc/mode-button.md @@ -4,7 +4,7 @@ Mode button with multiple presses [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index 9fe486e..ff6c29c 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -4,7 +4,7 @@ Manage DNS and DoH servers from netwatch [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index 2db32bb..f504ed7 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -4,7 +4,7 @@ Notify on host up and down [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ospf-to-leds.md b/doc/ospf-to-leds.md index 121f77b..23248b5 100644 --- a/doc/ospf-to-leds.md +++ b/doc/ospf-to-leds.md @@ -4,7 +4,7 @@ Visualize OSPF state via LEDs [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/packages-update.md b/doc/packages-update.md index fae3896..8b0d4a3 100644 --- a/doc/packages-update.md +++ b/doc/packages-update.md @@ -4,7 +4,7 @@ Manage system update [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ppp-on-up.md b/doc/ppp-on-up.md index 21847c7..7902f3b 100644 --- a/doc/ppp-on-up.md +++ b/doc/ppp-on-up.md @@ -4,7 +4,7 @@ Run scripts on ppp connection [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/sms-action.md b/doc/sms-action.md index b4678af..5de7f0d 100644 --- a/doc/sms-action.md +++ b/doc/sms-action.md @@ -4,7 +4,7 @@ Act on received SMS [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/sms-forward.md b/doc/sms-forward.md index 597410b..8e7417b 100644 --- a/doc/sms-forward.md +++ b/doc/sms-forward.md @@ -4,7 +4,7 @@ Forward received SMS [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/super-mario-theme.md b/doc/super-mario-theme.md index e4bae2e..2ffb25b 100644 --- a/doc/super-mario-theme.md +++ b/doc/super-mario-theme.md @@ -4,7 +4,7 @@ Play Super Mario theme [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/telegram-chat.md b/doc/telegram-chat.md index eb4acf5..95f8cf9 100644 --- a/doc/telegram-chat.md +++ b/doc/telegram-chat.md @@ -4,7 +4,7 @@ Chat with your router and send commands via Telegram bot [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/unattended-lte-firmware-upgrade.md b/doc/unattended-lte-firmware-upgrade.md index 6680447..e9a888c 100644 --- a/doc/unattended-lte-firmware-upgrade.md +++ b/doc/unattended-lte-firmware-upgrade.md @@ -4,7 +4,7 @@ Install LTE firmware upgrade [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/update-gre-address.md b/doc/update-gre-address.md index 80902b9..7e101c4 100644 --- a/doc/update-gre-address.md +++ b/doc/update-gre-address.md @@ -4,7 +4,7 @@ Update GRE configuration with dynamic addresses [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/update-tunnelbroker.md b/doc/update-tunnelbroker.md index 2539e2f..126d470 100644 --- a/doc/update-tunnelbroker.md +++ b/doc/update-tunnelbroker.md @@ -4,7 +4,7 @@ Update tunnelbroker configuration [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.13-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index 169a2e0..74847ac 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2022-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # install firmware upgrade, and reboot # https://git.eworm.de/cgit/routeros-scripts/about/doc/firmware-upgrade-reboot.md diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 007282c..4930e86 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2023-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # download, import and update firewall address-lists # https://git.eworm.de/cgit/routeros-scripts/about/doc/fw-addr-lists.md diff --git a/global-wait.rsc b/global-wait.rsc index 239f575..f0631e2 100644 --- a/global-wait.rsc +++ b/global-wait.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # wait for global-functions to finish # https://git.eworm.de/cgit/routeros-scripts/about/doc/global-wait.md diff --git a/gps-track.rsc b/gps-track.rsc index e2a4e16..a2ea9ff 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # track gps data by sending json data to http server # https://git.eworm.de/cgit/routeros-scripts/about/doc/gps-track.md diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index 8f55d71..29bd48d 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # manage and clean up private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 7ac996c..06dd9f0 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # manage and clean up private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index 39c9f25..7c74d10 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # manage and clean up private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index 113c95d..b85c591 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # add private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index 10f0c7e..44607cc 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # add private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index dbf50e0..25933c6 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # add private WPA passphrase after hotspot login # https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index 8894eee..bd74a8f 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2021-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # and add/remove/update DNS entries from IPSec mode-config # https://git.eworm.de/cgit/routeros-scripts/about/doc/ipsec-to-dns.md diff --git a/ipv6-update.rsc b/ipv6-update.rsc index ec9a03a..0577bdc 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # update firewall and dns settings on IPv6 prefix change # https://git.eworm.de/cgit/routeros-scripts/about/doc/ipv6-update.md diff --git a/lease-script.rsc b/lease-script.rsc index a9d4b68..f484414 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # run scripts on DHCP lease # https://git.eworm.de/cgit/routeros-scripts/about/doc/lease-script.md diff --git a/log-forward.rsc b/log-forward.rsc index 7abcb4d..5133e73 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # forward log messages via notification # https://git.eworm.de/cgit/routeros-scripts/about/doc/log-forward.md diff --git a/mod/bridge-port-to.rsc b/mod/bridge-port-to.rsc index 000532a..7dae679 100644 --- a/mod/bridge-port-to.rsc +++ b/mod/bridge-port-to.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # reset bridge ports to default bridge # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/bridge-port-to.md diff --git a/mod/bridge-port-vlan.rsc b/mod/bridge-port-vlan.rsc index 760e8a6..c9f55ae 100644 --- a/mod/bridge-port-vlan.rsc +++ b/mod/bridge-port-vlan.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # manage VLANs on bridge ports # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/bridge-port-vlan.md diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index df2e81a..3d62ddf 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # send notifications via e-mail # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-email.md diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 196633a..3adc1df 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -4,7 +4,7 @@ # Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # send notifications via Matrix # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-matrix.md diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index cdc10e7..661f69f 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # send notifications via Ntfy (ntfy.sh) # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-ntfy.md diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 1890483..671bd1c 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # send notifications via Telegram # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-telegram.md diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index c3972a0..3d5dce9 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # download script and run it once # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/scriptrunonce.md diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index 6272a93..8cafa95 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # import ssh keys for public key authentication # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/ssh-keys-import.md diff --git a/mode-button.rsc b/mode-button.rsc index 4994f6b..7908a7f 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # act on multiple mode and reset button presses # https://git.eworm.de/cgit/routeros-scripts/about/doc/mode-button.md diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 09365ba..9635be6 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2022-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # monitor and manage dns/doh with netwatch # https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-dns.md diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 17682f0..b658eae 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # monitor netwatch and send notifications # https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-notify.md diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index 0932815..b78faa4 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # visualize ospf instance state via leds # https://git.eworm.de/cgit/routeros-scripts/about/doc/ospf-to-leds.md diff --git a/packages-update.rsc b/packages-update.rsc index 97039ec..b08a48d 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # download packages and reboot for installation # https://git.eworm.de/cgit/routeros-scripts/about/doc/packages-update.md diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index 6484ecb..337b32d 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # run scripts on ppp up # https://git.eworm.de/cgit/routeros-scripts/about/doc/ppp-on-up.md diff --git a/sms-action.rsc b/sms-action.rsc index 70bfb28..c896659 100644 --- a/sms-action.rsc +++ b/sms-action.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # run action on received SMS # https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-action.md diff --git a/sms-forward.rsc b/sms-forward.rsc index 477d11e..0d493b6 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -4,7 +4,7 @@ # Anatoly Bubenkov # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # forward SMS to e-mail # https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-forward.md diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 1c274ec..2bdc04d 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2023-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # use Telegram to chat with your Router and send commands # https://git.eworm.de/cgit/routeros-scripts/about/doc/telegram-chat.md diff --git a/update-gre-address.rsc b/update-gre-address.rsc index 76d0c81..6dd829d 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # update gre interface remote address with dynamic address from # ipsec remote peer diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index f9ba202..67a5d30 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -5,7 +5,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: ppp-on-up -# requires RouterOS, version=7.13 +# requires RouterOS, version=7.14 # # update local address of tunnelbroker interface # https://git.eworm.de/cgit/routeros-scripts/about/doc/update-tunnelbroker.md From 8ea780554164ef14e5fddc1ab8692eec455a0d0c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 22 Jul 2024 17:57:22 +0200 Subject: [PATCH 568/908] global-functions: $EitherOr: pass boolean value Note that literal "true" or "false" (even without quotes) is converted to string. So you may have to enclose it in parentheses for a boolean value: > :put [ :typeof [ $EitherOr true false ] ]; str > :put [ :typeof [ $EitherOr (true) (false) ] ]; bool --- global-functions.rsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 54dcb68..4f37fa5 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -382,6 +382,9 @@ :set EitherOr do={ :global IfThenElse; + :if ([ :typeof $1 ] = "bool") do={ + :return $1; + } :if ([ :typeof $1 ] = "num") do={ :return [ $IfThenElse ($1 != 0) $1 $2 ]; } From 511184a4a7bbabd6b7789defb9cc65c22bb50664 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 22 Jul 2024 21:13:02 +0200 Subject: [PATCH 569/908] global-functions: $EitherOr: revert... ... but leave a comment. --- global-functions.rsc | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 4f37fa5..41120fd 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -382,15 +382,13 @@ :set EitherOr do={ :global IfThenElse; - :if ([ :typeof $1 ] = "bool") do={ - :return $1; - } :if ([ :typeof $1 ] = "num") do={ :return [ $IfThenElse ($1 != 0) $1 $2 ]; } :if ([ :typeof $1 ] = "time") do={ :return [ $IfThenElse ($1 > 0s) $1 $2 ]; } + # this works for boolean values, literal ones with parentheses :return [ $IfThenElse ([ :len [ :tostr $1 ] ] > 0) $1 $2 ]; } From 22d93d07081cd23954abcae66aa448794f3dda51 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 23 Apr 2024 10:13:33 +0200 Subject: [PATCH 570/908] README: drop command to remove certificate file... ... as this is done automatically with RouterOS 7.15rc1 and later. Not bumping the required RouterOS version (badge) here... Worst thing that can happen is a stale certificate file left on storage. --- README.d/03-check-certs.avif | Bin 8932 -> 8047 bytes README.md | 3 +-- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/README.d/03-check-certs.avif b/README.d/03-check-certs.avif index 46b7220f1df02c8379e95113aeb13bf91859de0f..4717b3ea9cc9436ab94be0e471263f601fcf47c8 100644 GIT binary patch delta 3868 zcma)%_dnE+G8IIZh!dJ@ z0g;0UCMQ62h^%Om=OFbE!KN6Z6$p4g-eGH-5|P>?Ds4GQavHbx%Ld%iwW;)QWWt+#+l<^V!ww42Bj)VXOYhKU zqT=#3kJnPWG)604)dbNNjSTtUUWLDw#fjer2af) zDr7kSsFQV6FiICvOmED}za@8hgPmT|C>ss9m{Adi8#!67Il^FJI`-b~(w zO_g_0-j9a(-(|+%w^~0KIMC~mctnfHCPxag)InZd%u+hL%J<)O*;+7e(c}3L_C>BmiZ42U#qY6 z7#WF6Kl*Cq1JTy|F{_}rGWh5DjP=}ZdPJbuwI=PVK6C3^SfjShZTJA<%OT4~@;_?D zJHc}^z2%9Y&?C{Bi;bA}Bo)WRZonB4(;0+Tsyo&xi{6alay9c`aOm4}RBuE7ynp(( zg8vbPxePy9r~K}&9x;ojqnlKw>GH6Hw6o#rjIxSj_;QDDivs8u&Y(0FkZO;FsgGFQ z<3^F>h%0U6mwFkgm5<~z)!?(q84*7?}A3_^Nlk_d9y!TFsMlp1`k#J zN#$k>&d8Mg5A?E~BiT)qNP$!gI&U7O-4q4GMd9e9!UKK}fM|LwOdt1x9An~L!$dew=gpvBkzLEFY0C`t8qZqn}`MApcH(c|el5v+Ue~$O< z73amU73*AFlXtNIvD_#L*GMg2vJVE19;@vh(q$f$*pvi_OO3q5;abaaXG06AX$Gm5 zlkaK4N=FrQbI!j&pc)?kg!f3LiE2aEWGN+!T$Ao@9H2?nD!|gcRZH(R&Zb>mgza2& zZHfQ9`gBq%JBpdzdhYhY$i$Oyhw|MUsa@0o(~~=eKMp=OdH1eV?7qamn{FbU)u`XN z@qKJPx&M+#R-mAqjN6$ybDQ&223y|NhW+jc;@HFBIAvv_tZM!TC!(FGP#vlupIjZe zj_diWBxxy|U<$D{Z2LIDH4O>vr(G;b_8f#P6(Az?Cg;`pT(Cz&}Z%K*)CCbLrQ~Yq?6`n0JD`t<%cWc+> zWD0i+HsbG8>N9F&XqntQ-&Yx;>6&2cBS?P?oC zYmjTLP~NM)w#`q*j23;om}oV6#Mvmzh1AwjbO-Oxr0e#Ou27g~d(Lx?CUai1#}m>h z!;l3ku7Sqev}q9n29mK&pjRL?mJTN_zvse$lo5$b-dg08Nd7(@rnnp8`yneONN|VlPt8v!@}s2` z2e{&6C^wAqn1&=a0b}idr}9^}-t^L_X3HIaPnN`u4oMgfU!s8^3y$J=p;R6?_V`*h zg=MdJpB0P;Gx;J3@!BbA<|E!Tw%c9yWF^S|y7C6k1!~V;=r0)Q77to4DjeUPdkh4B zJm-?waLxjz->tg7-puJOobj&R`W6W}Cd0?NBB3u{P^qdw1H!Qkhzj%!z>A{y1K}K9 zyV;?6*m0}98~Tp;IjkoG{;km55VX=YcS;r!2tM;NA_r(Ci>Zx?N>FA!GKYGSztXMK zF!ux#h83E4YR%FBSD&xTzuv6#b8}*@Ygjp~>7=v8yGb)%e1688rqEd05)~o#(*Wz_kEK zEEywEK=l8Vde8ib^7lx775RQ-gEg+AUZJ$#a9#OpZ_awxy5YoMV3m8Uy7t-HhlWHp zyU}g9#J{Tcy+m;Qa@OijrIE}Oi~il5I#!_|ut%A{Hz@s$(-gSU(*8~-I75G=kY%n1 zSn-jw-vP+`sLl4bU($us+!*4V`E0i{O@XOk-2C^wj~_Xy!h z&x14)PI%t64`{u_nCI5~kgnRhO=y1ga|0xL29LL`G10O43*4cx_`ynRB@j#cPx+oq z?26Y9c_`SZ=qg#)TZ7P`M0u2TCH19d$@25F-iV>GxN%hu#INuQ8YPkVoGL}MuVsdq zszlu4DTmLPA29>h8-@4kuZ$*QpUN!7v4RC1kk)gXZ~pJ2^Mx6KVih zA&dmz@uSu{N2R3`KOcuPw#&!)AGjcywE4G271htKisLV9{bB&T^RKANud>bQd75 z`wK+9sbF>S``%ni-?FVij1q};j$2HU+m_l1g}ILj6Db-1jtkhB0lj`!r>^99$-r8L z|61ACsLLlVBc_KPyj%X!?O@>yKU&~=6c27?BG-rYhm95#DV!yQQLys;eqvUBf3wNo zNya|5SVqW{-ui*brWI*N*1wjUf-!s00tEcTSMjS#F)=<9Ty=6^8%Cwg_dKx)z_6o# zgh56Ky4}}R3IA>O{(4!d1ABKjFPAk?vlu2UuG-HfTgKVCF1J?9MR(>k-eipg_rG$b zQN-O46uf>Yw*^~pX#u|dxC`9({pEifDeB)NV2eI^ddo?H_?hsX2jHsWlm=0vHI4*_ zDzCm}P?dAN7-2!CoDqNa%|w+6E23^^VcOc6Yw|RAs9r6KY`$__3t%+)Kf%9q06lP< zLhk;toD41P7*etT`lyMB!GIDBl!}dZVek19MSlpN-zNQ3w8KifB&^sZnP%Pp@Hu-# zAe_l$(YWXGDTBRi*wkOw!u-5Jx$xrNanO8^w1H&oshlfcYS^+&o4oShThZulZb9xq zhTsbz#Iw=+?JeygJ&RR5Q(-e&)$l#Hn7@1rW)baxMxu6D~AN~$ripJBH7t0XFz z^+WP+#DMjXyZdHFr@(6{UZz!$3isB`Ds-Y`$Pk9Pr;V_>nTeKCuG#Z3AW9BC)}|uT zy%_hNRbRc5&4rhDL=ZF`>lRlOGmqS>%=dTBPvevv_I0nOx&xltWeIX1jN4q+iO0vZ z(GY{=@yJ<~YbAJnC>EsdyW6khwk&;Rqwag?^U_tUS(uvasvPxzZmhiHQ}oHV^Ibxi zLcEW<11E-hc?hS)!5*$s>ANF%sLR4u$i&{5Yk!)iwPj`PaW`D%%+qX_GMX{Xu>+p- z23A!XkN0Q-nvNLE$SD;alCA=}aUxrt4o!!4mhDlf{;Ez9b&I~D4|Lt1Pv37=*XOx3 zOg5{|REUrX&r#ggE@j&JrjkwmHi^VR`IAHYTb%Ua%aikAae>Wh zrxdOFBhRUattyU5>Ha2E@hle0;u0UjQ(492jKdHa-RtrlxX0sJGe&=_W2OOQBPQ}u zy^#TaBKZg;o-$9($It0qRpdH!_m6#Z;=?t;MUEyCL`tdZ8y<&}Kk~qJ%bp<+Os)E?I$1yJ9 z>U!gjJDxGcPLM(Nt6_fzgK)%29{&I}TMfz21mI_mq>i<{Z=vZaH1|{Zw%$vLBqiBo zjZ5?(GQpD7H4nnh;cl`A9tm(n!D!o-3jR0L@OllMWLl``Ldj!#p^zZ~|aTft|xTxgd~Az6PmmP55yVaHbFj!$gh zV-=<>wE6C!OHUE4x<*tpP9egTLc;(s$R1-a8RQ(}12$*2(`|zl@hUy3Srp6PJg|h!l^uQG?8tw zlt!|W>4UkK<;Z{a{{Z#ZXAP#2b|!nz5*1+(V9jw3ORz$4pdOe%mmal6G<^wXEWRW~ zjpC7+cd02Lz&zvT1dadzk%BwZbAyj7{E_Kl`C&uZ)ZOoGe;28Z7}Cix9U|%FMgl;L zP7kLBlG%(pjl097N|wT8^O8j0<}U7^Fu>y@uX^bq(|mtF2bm?eh{MYy>RF7D#kF?l zKQK8YvFXQS(B+G#*g+)F!{TUu$gZ1yXm_?0^ljXMz&RZ8+nV5&DJeG{SDR-qB}#LX zr1bM_u^zdh83GRqhi6@Yi&%(Lg1P$c8Oc4mcdYvhjXL7Z+Y@yLLsof@w z%G;hc5HZG7jANpXGBJwLIjv=D8&gwlsawdatgVa|Kj_{Xy0lf4lJ{{)I*t^!;6?^M zyq+sd#8J&GNBb+o#?_Wj-UPLYnMS~I@??*^803F{5{@y?HGkrbYgC8Hy}oIp++SlN z;GbM#oonK)YR#O%e9PuO_xTs*KQFiY3;9*GeHm%nR7L%bs(BGd{f~NN4$M#4o8|{- z1EzX|`PIRvO)h-R7U&RJfbxoEcWuBNZaFG2GfO{>b*qcJd75+)+qyh<>Yuw^j2H}c z##DbEzO_jBi&i&+?A|w?BN2z%yeMGc0gQ0K8n{ivV&PTCYkkFuZAFCAHTIJ_J)}taawbK<~RE!RUW7E>Ps=|MApEB#_*W__lr&4ts;`j4w@J6nQZKuyX zR+m~e%=b?ul57lDF>M3@ODGt_5=iGG)18Se{5t67-@;m>0z)guBS@eStOiwx&eNa7 zeJhMQh1r-)W@8|YqRt20WhzJF2_KDV>HaO%^yMiO=Yw7xac8H0YDinc8mHJyUn&Kc%vZ?gImR)c#MF~oXsuwrPlWX^wH0I} zGl9HyC3g~|k&OPeh`uk^7WPZie9v<5`2t2zO0Mwy3}ZPRYMgrBr46H6$8^FLE=u5X zSYf%wc@({sN4xx3Dm8AM_VZ@GnHzt{s>y3{rXj-!Vz-rJBsi4|09zZlRvmlep{}D= zvrEe>xGj7u6}*yLsftWnpP#JjHAb2F`K^PQKM} z_^Vqo2|nKYgKr-y<99sc81MQIL5_$fm6_b#^?RM4_BFGvm2Y|B3xg-wyt04LG9Z!F z23eV04^#7CocnW~Z(ygyM(}uL#e`6#FKsAA`NDu(EO2wQoQ}Qvl6m+%TdrFqX$|+5 zv8yTti3ZSmfyaJ7AxQoz)})uslJ|Upm4iG;NFz8SBeqZHRwGkd()B%0&b+bFjjo>> zg3IJb3jzmHpy!_0>ySA;b8mmNT}9$sl+vzaQ}PkyZDX|)b8Q^sCppGB>ryw3d_?>A zYH#!X@7s2J<6U2X@TxMnC16epNiG_bZv&#E;=!X%)${ z8Af#~CPLX!mH|U#kTJmZ6&$`B)uDmqmel$>|5J)V%7$A)c29UHW!LU@Q7&*Zs9OU44Ijmn2 z>S8e-LZ>+TV$AsT{Mi?aK4= z}Ue&Y-bo=YA0r%OGa^OV5AiBaGpcvVqVqPDTZD z1H?M~1{lV%sYYPOl%nQA<=_xDjPb!eJxu_55_st98n^Z|Iuu`OlIdApZy6VQj)xJ3 zBaVlu>J3_)>b@+o)_%vN+l9Hai_B?n3&#q^(jjF}ED*%R=js9E@m^f|j<0n*b3N7M zvp`5$H?d?Sl6imYlh5VtS{@qJ=Cajeitkd?t?benRL5;JirEP4hysz;M(M!$j&YJ` z16nVIz9E)PifsWMcSyhwkUlfF`>a1-Lx}$X;aPZu+&l`l%_=gfQ6U{m0C^ogQhmk< z&TFZ%zVNl}g`m{+{d7wutE|zPE?pF`17YCg5yl2V1FwHdY?s~=wzIh_t?P45_J(+2 zhD(()AR&SIfE%|noad>}u>kWuQ%sjhycW|-431+-GZ7>J${2M6oDhE+rCz5kr^7qD zo7r1YznV26V34ft#YVt0l;8!(=g@l!;I-&9{{Zb-n?#OQ(}J&-({HV0JL>AYlhClYgxGxRjw zEqs4Lp;+BnM{i*)Z6@dQi!owA9f$;H9eeXwLgT}PL|W49GRGKoUW~y2bIbFV+(t3R zDIRYP{_rKW@C5v%k&r*{uTR(7wMsVE^Zx*Va8#*XO{m`A;r)4zyTlrgi4$12wz`i- zdzcE`FOwTMAx|7OamhT4A47_xdE#AdZ0vv9TTL_><#;1>hCv`;6P~~H(Q$xzQN~nO z7N>RLskI&2eTCJ%p3l1NxwmJ~vEv!%Jx@+BXw5E|V6|9ak!4w(r)CEY840ujyRi@H z)N@?Xa^`95bw$gar?;o-be6itu?DfJTC5sqc_%?J!-U`Fa5o{#WsZJgP5~SYgHL}= z{?wCReQwxVO*?OwYlkSo_o3kP*|^WA(zN_Ax(wPkjAWA1JPT~teWEcV#&*fkvGSk0 z`f_oa;VWd(N)-8Gqp~@fusC zZD*!9M=Tht6O)2Z-uBLZwdd4TsZ)QpvHXAF9W>=lM$=b*w*48~N#i|bE-r1J$4g%| zUPnP2ZNOZSfZyy4XV7-VO$Uy(o5YMIj*!c>kVMeA2Lv8Q>~|lXaCB5B9&5FrDMOm} z)70#w@fNgN0PtB6G=U;Pyagnao*TJtbJqZ#MrzR2yh5`|=@y=$Sow*$_U?an^A2*~ z?vA*?1J^tq6`e%eyd9U{{zf&Fr7P2RUw`=?gAa)OL3yiNMID}!CAf!rov*c{L@k5! zX8-_4`=EM?)fT=qFht_dNxn|vy^6vI02kFvW+xWg+?;_}1A&J;T44`3( zatCZ|80o_>?}6kLR*5ycH*V*v*h%86i&!pg?EF0{UNcCrjIbmUgp#Le&fcV+-k14MJP;?E)M;pIdQn1y#`wckTZ(%`YDL@3%maS6n|ZtZl1iWp;#Nmx9NK^s9JHzenhJF)k#Fpfuw zi$=v*sZvLw1QGaxMK*>A>*DcluW@#6A&$_hOur^13dd}K9B%Fj&(VD;lYBzerGerW z_EGP1A#_F!xT##{cPD?G^W0Y`2~&_rIL8!}l6M=mj=20p)x6E=X{VvjMTxP{jB?y{ z{{T5O;qf0<-4n@Yr^@lJ-O@(qaP&VmG1rfC>s);l#C2)o?Ls&j6|mFx85T}a&&;Hd ze*XYml5^KQ_2!)y#64aX20MEd8FExaa6=rhBX>;m>z=2Ro=P-|0GjgU?{8CGt5o5D?I5GUFe!PZ3NEf0d*DcBlYP zvowE8<=rpMsFTWpxzukmSlEJf8*2|*4MtBu0b^zC``Cpz__*4dtUn~+$>~!i$K4ZqXYQL zL|6LeyVx>0nt9_|TtRnE6x9SOhUs}4zlD``ZTc%g{O zLun*VcXeK1MGGa=YarvUwmSKy#)k>Nd>f{7kg^kpe$o&BTGf1W>%aPPbADlym!bo$n5RO`y$PY~)#Z@l#QN9+HK1xw5xwU3+h zXT&Z~Y=Y!^Iww`4C|K9u)QW2iUm{skMX$IX=&tm(R`c5LiuTi0O_W7~jxWxiS#J_S zVlsRzXN_Iodj+C+C}nEMKzajp8hJnibOAps_^h%*bU)=~f8N0QaULLsJ4vuUAR^S^ z+9lS3aAz=1n058pjo#M_+DV%T5_xT|f->0Zg*BPeaR5DqlZ(UxSgY)m1Nevh4r#Yx zW3l`~0nL*pD1Zuom&ZPFh0NQT;?>Zv1k-$J5)fma=QY;a{{aUe3JlrPxWfZLW_GL; ziAvy|Sw`BYfAOI^>rF6xIVcz!?BRZs<0^(!?AyrVF6dzH$din+Oo&_aaf~ZISPi>skqZ`ZU=k}K$L4@I1M;|*S7Ckg$A)R&!;JbHhQ{WbCS{>+w m?X8>I9uN Date: Tue, 23 Apr 2024 10:14:47 +0200 Subject: [PATCH 571/908] INITIAL-COMMANDS: drop command to remove certificate file... ... as this is done automatically with RouterOS 7.15rc1 and later. --- INITIAL-COMMANDS.md | 1 - 1 file changed, 1 deletion(-) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index 2be51c5..3f5f75c 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -23,7 +23,6 @@ Run the complete base installation: :if ([ :len [ /certificate/find where fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470" ] ] != 1) do={ :error "Something is wrong with your certificates!"; }; - /file/remove [ find where name="ISRG-Root-X2.pem" ]; :delay 1s; /system/script/set name=("global-config-overlay-" . [ /system/clock/get date ] . "-" . [ /system/clock/get time ]) [ find where name="global-config-overlay" ]; :foreach Script in={ "global-config"; "global-config-overlay"; "global-functions" } do={ From 209c37664baddffb730dcb5d85ebc09b9bf8f3b0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 13 Mar 2024 09:13:39 +0100 Subject: [PATCH 572/908] netwatch-notify: do not switch type when resolving This requires RouterOS 7.15beta4, but let's bump the required version to next stable release instead. --- doc/netwatch-notify.md | 2 +- netwatch-notify.rsc | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index f504ed7..948cbec 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -4,7 +4,7 @@ Notify on host up and down [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index b658eae..a49d0cd 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # monitor netwatch and send notifications # https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-notify.md @@ -102,7 +102,8 @@ :if ([ :typeof ($HostInfo->"resolve") ] = "str") do={ :if ([ $IsDNSResolving ] = true) do={ :do { - :local Resolve [ :resolve ($HostInfo->"resolve") ]; + :local Resolve [ :resolve type=[ $IfThenElse ([ :typeof ($HostVal->"host") ] = "ip") \ + "ipv4" "ipv6" ] ($HostInfo->"resolve") ]; :if ($Resolve != $HostVal->"host") do={ :if ([ $ResolveExpected $ScriptName ($HostInfo->"resolve") ($HostVal->"host") ] = false) do={ $LogPrint info $ScriptName ("Name '" . $HostInfo->"resolve" . [ $IfThenElse \ From a017f2422442d71bac2ae7081e089e90a1636d83 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 May 2024 20:35:06 +0200 Subject: [PATCH 573/908] daily-psk: drop workaround for old RouterOS --- daily-psk.capsman.rsc | 3 +-- daily-psk.local.rsc | 3 +-- daily-psk.template.rsc | 5 ++--- daily-psk.wifi.rsc | 5 ++--- doc/daily-psk.md | 2 +- 5 files changed, 7 insertions(+), 11 deletions(-) diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index 6dafc08..0562e39 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md @@ -23,7 +23,6 @@ :global FormatLine; :global LogPrint; - :global RequiredRouterOS; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 4709f3a..0bef0e9 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md @@ -23,7 +23,6 @@ :global FormatLine; :global LogPrint; - :global RequiredRouterOS; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 6b7f5fd..9d71958 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md @@ -24,7 +24,6 @@ :global FormatLine; :global LogPrint; - :global RequiredRouterOS; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -86,7 +85,7 @@ /interface/wireless/access-list/set $AccList private-pre-shared-key=$NewPsk; :if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ - :if ([ $RequiredRouterOS $ScriptName "7.15beta8" false ] = false || [ :len [ /interface/wifi/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ + :if ([ :len [ /interface/wifi/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ :if ([ :len [ /interface/wireless/find where name=$IntName !disabled ] ] = 1) do={ :if ($Seen->$Ssid = 1) do={ $LogPrint debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping."); diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index 90c6ac5..83a896c 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # update daily PSK (pre shared key) # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md @@ -23,7 +23,6 @@ :global FormatLine; :global LogPrint; - :global RequiredRouterOS; :global ScriptLock; :global SendNotification2; :global SymbolForNotification; @@ -72,7 +71,7 @@ $LogPrint info $ScriptName ("Updating daily PSK for '" . $Ssid . "' to '" . $NewPsk . "' (was '" . $OldPsk . "')"); /interface/wifi/access-list/set $AccList passphrase=$NewPsk; - :if ([ $RequiredRouterOS $ScriptName "7.15beta8" false ] = false || [ :len [ /interface/wifi/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ + :if ([ :len [ /interface/wifi/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ :if ($Seen->$Ssid = 1) do={ $LogPrint debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping."); } else={ diff --git a/doc/daily-psk.md b/doc/daily-psk.md index 2a15af5..4a3de64 100644 --- a/doc/daily-psk.md +++ b/doc/daily-psk.md @@ -4,7 +4,7 @@ Use wireless network with daily psk [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) From 32474c751f9fb69e096dc7f3b9e8c1f2c1fe6f90 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 May 2024 20:37:42 +0200 Subject: [PATCH 574/908] telegram-chat: drop extra conversion The JSON parser was actually fixed in RouterOS 7.15beta4, but let's bump the required version to next stable release instead. --- doc/telegram-chat.md | 2 +- telegram-chat.rsc | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/telegram-chat.md b/doc/telegram-chat.md index 95f8cf9..1e6f70f 100644 --- a/doc/telegram-chat.md +++ b/doc/telegram-chat.md @@ -4,7 +4,7 @@ Chat with your router and send commands via Telegram bot [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 2bdc04d..f2750f5 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2023-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # use Telegram to chat with your Router and send commands # https://git.eworm.de/cgit/routeros-scripts/about/doc/telegram-chat.md @@ -97,7 +97,7 @@ :local Trusted false; :local Chat ($Message->"chat"); :local From ($Message->"from"); - :local Command [ :tostr ($Message->"text") ]; + :local Command ($Message->"text"); :foreach IdsTrusted in=($TelegramChatId, $TelegramChatIdsTrusted) do={ :if ($From->"id" = $IdsTrusted || $From->"username" = $IdsTrusted) do={ From c28574b8f4484463e326e895fcac110d805efa01 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 19 Aug 2024 10:35:18 +0200 Subject: [PATCH 575/908] README: make the QR code a link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 53dcffb..ab6bd8c 100644 --- a/README.md +++ b/README.md @@ -364,7 +364,7 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the Upstream -------- -![upstream](README.d/upstream.png) +[![upstream](README.d/upstream.png)](https://rsc.eworm.de/) URL: [GitHub.com](https://github.com/eworm-de/routeros-scripts#routeros-scripts) From 342d459436414ea94b9081474122c60b50f61569 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 19 Aug 2024 14:54:17 +0200 Subject: [PATCH 576/908] README: match the certificate file name from Let's Encrypt website... ... so import from manually downloaded and transferred file works out of the box as well. --- README.d/01-download-certs.avif | Bin 4596 -> 4890 bytes README.md | 4 ++-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.d/01-download-certs.avif b/README.d/01-download-certs.avif index 4a074eb59dce96fbf79c0b50dfdf028f7eff9d4f..d41ca0595fa2f6b2ca1eaf3a94e34244d46e017a 100644 GIT binary patch delta 3543 zcma)(XFSw_P95S*adu6XHvvPJBp>VQu);D`3<49Ik#@Q>`WOe6kvQ@Sa z&W?=V@6G?+@5TS~d7d}V+vkuc<4$4#!zuv4qyZ8D03iRx5&$S;lj4IR;mOw_x+FJn z$)*rFh){AOM27^ROrC*MLxk#LN%|pR(lLedAkXg))LYb`uXw4iHk2N68sp%*o}Bcz zYqwArLw@+ML!@1Y;CUZCg# z<3WT%p9Ov)m7_c}+5fCAcd}r7SGr0;j27YIY&W->zkS-tqarv9ijbv|a!n)Z5r;jRPyaV_X2+vqlS<#U?92R8&BNk9b@crVSKJ&8C zloCd-jGjMpt(p5g{ECL#$@LyiezTMDa7T_kHccDxQ*W!7`Tc6gf{kc-^=6&b6<}*E zLf;>4iLaccjhK6Mga935@vrN*R#7>U*jgiHwh^Xtl-$w~2oK%ZTCY>1C zT9!!Z{nmEd?nsu$iWGKaE1F3m+~-5_Jp7UTBJMCgk6~4qe~3sn613-d=XD1s-nZH_ z03`z|b#AifJO!1D#t5^77rj;QD(pj5sgsg!uD=ig_+PBhwR&KbTj&1fJQ`Q}p`zas zuV_}u_Z%aTcoQ<)#7oUV2WHt#yySBcYuqe084nG8(2v)b(f4f#d^Q$l9VRz*JP ze$A0lp@?TQQx7aH6LDpMt*$af!M%nbTfJxOaeMhe86Hvzf}hLX+`_}rPtEtwtJ-pw zQ5wt5=I-D-VZ1(r3WSrcgT619eHghBA#o(>o02Je&z=}s`G4JOT}w^Q0?;yr z-KfDHPtXpm6wZkoED0jylXW-Qo)9su{3lv#Pap zU~NvN>4CvW8=z~3C6BkQdKn?(I;DO-qTMnX!wPFsr!b0@h<@sYP>sE}6uI&+qh6iP3YNN;ob;}HuzgM@|9GLtp%Ki? z2c#gMN!CcSQXo)C(ua8_l3QQI47*K(JWR~*t6qG`up(Oh9%&obwU7@?;)1#XihcLd z3s->B)V=@S{vsR9@TD%|mDInoz5%CzGFIZ;uyG6LYq-i;H@``1ePgrF_=31uD7CRN zl^FYKbGFw{tnq`s_-!_YJB2jKr8;Qo4D0g1==nF2)BCjh6}Y{p(Ld1~44-L1VJD9i z_@}s#eUGm^JaDh6$tkDt(5p{x| z*bg}zcP)30M%{Sja?KviC#rkzLHlq7H;=C=sw5#z0Dl5x3wbKT0xu8FsRC|FOG{*NqOwLlhKWrH4nbMsDbLet-i>U!JZmuZL8vfF#;DiAkx*%hI z%`09Ty&DRvURT&%`UnVpYiDXm6eQIh!VV@F(fvF7cQEM5XasvK7W;V#KY0oN(%|5W z!Y{D15>R;KZwBZg&;ne==D(p7`2Q;li;!l%A#tkpJYF8^@CGs>w<-VCHp?kPhgej6 zGf|>9h07ka+QTjP+8IB|LY0cA2+Kc}KptKJp|6~S>Ay====_oBNAb=n4QQ@54uO&* z9L3{P)za!H?j>^3B47Om1}Oo+H8hU`kGqh9OZe|S5hx#ff8<#5;N+D?$ygxE-A^t{ zf_!bd&qwVfB)HL`kDyu5q=cs3sbZ#nQfzdr0%&RWjQ!# zYiL^i24hD`9#Bi9NusKp$$9mGdrZF3E0ZJ6&sR&7O4bZFy&-g9(?~D9?KpUSY3`Ypdu{43cmDarm(Nf6551g7pm+4Vrhu5mpMvAYz zo~+-wt0OQl$UHpw$F#AQ=>{#yHGB77|EAyX)_=g;@Pi6WoF**}Fht{0+1udE7J z@Pjt7Hv%L%vW|bYglv5+G-KPvrP{;5m&J0Jg(v9DKkDObVdO!|&y^)p=4*dlmkJb& z48TZqWcUAut41VT8EOyk{>2@sA%3}YH0^la?hB#bFyZf1WVkIkc~{Y^c8HWj=_Wec zf8rMWcv)FAbGrqT;M={!;LJ=}evRow^JX`Ct;Ew{< z^m+b+pFX=wwW$V@^wz0Gb z28x<^fm`vI-Ny07Bgf9jwY-D@X!qxkI)V0=mhVf9bY+NJc7w70_R@18#h><1e0SZ2 zQyq?gPM=R2&Gv;zS`-*#T%Gb%*MeiI4d(ao+KoTAC!?RV-_MQ4?}vC8jYfAw$gSo* zAht_qBc}N{ILbxebZRG_w)$#+jE~*gQB9EXO6HELg9@>PF;V6p38Vw+`48=!oRr9s zcQ`G1?=9*rYK`U27KRjn{T(S`cxL0{L74InrLJ4<#w4_Mq>j5XUl{XSdNiz=aqUCu z9t-TICAzh}om)8D*&XHp!5~pg`_&aNg7Pm_M46k%wHQ#>x*dOxa=yaaki`}XdIxJ} z=CZ)gr)B8qK?Tl2YXkHtuAXTYkRHP1Q;GUTa?TGF`~lFLq~LT>u(QyBB^f<2qWFnw zF4?Rh+cj=$^Yt*}crxp9gBKp(>HW{~y|e760}265%i_^gE*BDu`$714npgSv+Dm-} zTZo#z=0L-%GlUzXQKWy&3-H__}r<4b7nAU04ks zI#eBP_}8mLQ`~VQx(*CvT0~<{>9Hahf@zZec|$YVM&89RVMdPLQk@O zeYE%?`It3P3u`ev^^=y;9#D_O6q zrV^1HGoz<(fgDxb9-Rq(LWv=0zew9;>sI0El#!^x*6W4d(NQkdVp$A#V;QZiM;TdQ gC!Z-^{dHj2*I%HO#^IYkDI>klM#V+21XJ<<04VpYrvLx| delta 3247 zcmb7`_dgVl^-tePM3Y1vo}SOaQ05-T^x}&GBUHH>~&<8aarlIj#Htm zaI!8$#(nw|zTd~=_5AVm!}F)tt3c{NJUxmN3INb|13&-(0QfJC0084+Mj9Fzn#Bq< z1hJQ8*#k9z5?Sd$1jvRl>kF_6D1l1`jR7&iz7^aQ^+ff()9JaQEgc0H)hAVMVDKz~n1p^nv_utyLmD;C&3llFwPmNC#JpBfzb%COM zFHlU55~nLtWo9*YEgD5kX-} z7gvd!axGY#@BV0Kh>1@4mgXqE(=@sowr%JaT0MXWTFzC8Gx=t-L_w~+32>r#O&AvV z4Irr@63s1&bv ze3t6XL%+`6l&xYZr$lS7GJ|C$Hq7F{NJ}OK+op3{I%h?k?{FmdM8cI>>he=Qv)h{K=33`BXUV4WoN^p5 zIvXyI9*&kf6TC^nb6Z@Z65)8GjQ2!9Ff+XbFzaGZW7QTuz24ROxP4;x9>yJtgm8;I z8Uk;Rn|se^TXvN#OntXkDO!y-s z161p5=JZZP%&?7j$8fgfH`leIwT2S!404x~y%k(a7vP~nNo}BqE_L`*0Y>?4+KfmP zr|~Njf3!`IKmvf7UvZ}cBbf(1Trc?P-dTXkUk%<>+s#N?dnvK5{j92%x7O33=uneY z+h)>_Uqvbh7kyfxn)1Ah3s_jlGO|Dk+aENKsy>eJ`-y9vj~XCrY>bK^>C}O-<+Q*|o7NUpGtzCgtV0MPH<-FZ8Xd&|)*$0%hHZXR>UC z+ddV|-PwZbogR!N+SUEJ=$^d@zQN!Z77Pf*#-)=RN=H(*4J_U5m)-4@vacBO(tHGj z;Ui~W)rG@kQ=@NbU{dq%;h+iw%6-18pijJiS2oj(k^vhl#2!T}OZ5bqhoUNZJHqjO zeb9%WLr#cccM}u2=VQ9zVI`eUQH&{RgSbMsN4pMO77V8Dwc!z0#cmX+z9Xt}GYjdp z6c$2|5+I(ZP>y>q0RO@ADyp4#I=i3&n;x0O3OU92Fiec6AQ)XL|o%8p7m+4c$5 zEw&LRbp$a_o0ntgk0zIKdxt%WmRy{W2E!qwEOzc-*f~ZvS93j~Vdk#+B~_yizGp|Q zrD7q_Lt zx$1b7HvYcy;@Jwz**DorE!XW6!Dj3ZlYKg;zgv@h-MU)#J}2ARGNyL;RVIyW_tQom zG-~@?Y4e<^N3n|4il`JeJxE7XiDwuKwr#OD>jxtJO6A(6r?*DVHs_qie2SBB-lUxE zDvZ{D<)%VEL)3)T2%rARp+wZ!Vt5)|PmlJww>IzVO%0uAjL8W(xJ4GGhr_4<7^%?M zC(8dPpG(IxQjMl+#`j9l;z^2*exS)0%7xv@USQA`7Cx{+hDl4+(%LJ%`RZsgunJ0Z z5L|S^roL-(d>@ix6Btgu_&oFz|Et*#lV0VaxD;z^uvPebE#=(wLH{dq@CJ#$M;Y4G z9++h!0H_ND427KOw?}?1^&s;9LZkEi>l6xZ8fO>WSG;bmxYS1XdzbGX;Eg0nUOZIwH+7uA@_WsxL9Tu5~R84s`J>NlGUJlaKvS4OHgQV z+pr4AAG|-2w(^0$a)I;})%9C)ASI8~Zl;oQN|d(4yz^41P_6dyP~v`Q-I|pdlooMV zo=mtcyC6msE1Dv1)?GKo?v34h>(`*DIExgFop%gH{k7+VUxw3hS?c_M5vG2D0GJpx zBwMt6MMO)dR6(_@xI<=BAZC!i=+^b*SzVWU2-ya`9|Mo1S!JK|?*7wkXpL2A@QN9L zIchRef3Bmau`$NtrH4p;yq4WL)~m^OpPdx0c|T;_BEvO9>I>Z)pg&QfF_d8Q6wT1+ z!ttKuCDV;&0$fELPwtpSRKhflv^;~;jMReJ+^Wo9`n!MsdtD|Q^M#Y;LqqM%QlWDpHY*Bmm%Jq` zMPaq*DBxa%%0j}O_Yz*@Y$v!K~HMreG;5I6~W@KR%QXBbu&GP zbp4!_S{5A)Y^$$CTd}{)S!};B;=7Q>nXlugPeTUU{?eIMNvBZF0`Cf#x zs|}lu$yy{cKchSOYfi%PQZP~uF5~F!$6EG;g^KuMu65S|#NKP{HA9WizPj1ZmKq1X zvv@qLU6SA|)FU0e1+v^nyF=bF+12BE?UAy+2NjrP%7#_dY!!=$c_wy`^om)i0?ip| zBFQ%ncuG@3O)7q!tE`7GPNJVavCOto0I2pT#_M)xFAT^VLvic(6O~<$u>w=4VIrEW9LhH!y1~!@V)n6(HOMPM-K)lKSw_HxHO6D<#r3-z zHv-=v7*wKicgd)RVhci&#-Ced2q~vD+BN=O&fa-XL3%9eJaU2 z9~|!(tM=|kh&mCA^VsVBqlLL{i2NJ2@jOgU;NWjx+*FXc_DB|+Kg`WJ3wP3-YoITg znuQwx@UEf+i0A`s2W&zdWC7DRVMRx$lftQs?nQ3$jbNtNUD* ze={7ad}U+joJrh|WuhM-3wh7GSm|jPSyUZbAU5i@_!8seuHEO}pItd*Q)MOFM@`ZZ zVjCf4KCBKc>U7-cT*XdIA$i+mOh8^cwi(>b8?_97SvbagDI~Gw5nMz|kN4!-Jc=j0 zjB}J>LjHnEl{-75QpHFYAlRwah!*4yIuEx&J+U~X97arg`4mOwE;>u^xt-`fsWo#c zMP5PNetyd$uEYm!hkq107X#jHT$ZoaPnwl{q*A6K#af{D0@rni^(nUad%&$-MY}_?>FVu Date: Mon, 19 Aug 2024 14:55:04 +0200 Subject: [PATCH 577/908] INITIAL-COMMANDS: match the certificate file name from Let's Encrypt website... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... and our README. 😜 --- INITIAL-COMMANDS.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index 3f5f75c..84a88fe 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -17,9 +17,9 @@ Initial commands Run the complete base installation: { - /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/ISRG-Root-X2.pem" dst-path="ISRG-Root-X2.pem" as-value; + /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/ISRG-Root-X2.pem" dst-path="isrg-root-x2.pem" as-value; :delay 1s; - /certificate/import file-name=ISRG-Root-X2.pem passphrase=""; + /certificate/import file-name=isrg-root-x2.pem passphrase=""; :if ([ :len [ /certificate/find where fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470" ] ] != 1) do={ :error "Something is wrong with your certificates!"; }; From d360cc05becf4363aef07db652e39dd1315a2875 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sat, 17 Aug 2024 21:53:10 +0200 Subject: [PATCH 578/908] netwatch-dns: disable DoH if time not sync... ... as it is possible that time is off, DNS via DoH fails (cert invalid), and finally syncing time fails due to failing DNS. --- netwatch-dns.rsc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 9635be6..e205081 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -16,6 +16,8 @@ :global CertificateAvailable; :global EitherOr; + :global IsDNSResolving; + :global IsTimeSync; :global LogPrint; :global ParseKeyValueStore; :global ScriptLock; @@ -67,6 +69,12 @@ :local DohCurrent [ /ip/dns/get use-doh-server ]; :local DohServers ({}); + :if ([ :len $DohCurrent ] > 0 && [ $IsDNSResolving ] = false && [ $IsTimeSync ] = false) do={ + $LogPrint info $ScriptName ("Time is not sync, disabling DoH: " . $DohCurrent); + /ip/dns/set use-doh-server=""; + :set DohCurrent ""; + } + :foreach Host in=[ /tool/netwatch/find where comment~"\\bdoh\\b" status="up" ] do={ :local HostVal [ /tool/netwatch/get $Host ]; :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ]; From f17502d3d0e54173f6c843685b4e26a3c7cac89b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sun, 18 Aug 2024 22:10:37 +0200 Subject: [PATCH 579/908] check-routeros-update: support switching to stable channel... ... with a feature update in testing channel. --- check-routeros-update.rsc | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index d45432a..3584a94 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -125,6 +125,15 @@ } :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ + :if (($Update->"channel") = "testing" && ($NumInstalled & 0xffff0000) < ($NumLatest & 0xffff0000)) do={ + :put ("This is a feature update in testing channel. Switch to channel 'stable'? [y/N]"); + :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ + /system/package/update/set channel=stable; + $LogPrint info $ScriptName ("Switched to channel 'stable', please re-run!"); + :error true; + } + } + :put ("Do you want to install RouterOS version " . $Update->"latest-version" . "? [y/N]"); :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ $DoUpdate; From 3e9a7ea75a29111f4601cedf966471cbf4d9c894 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 27 Aug 2024 09:38:13 +0200 Subject: [PATCH 580/908] certs: add 'DigiCert Global Root G3'... ... for quad9.net which can be used for DoH: $CertificateAvailable "DigiCert Global Root G3"; /ip/dns/set use-doh-server=https://9.9.9.9/dns-query verify-doh-cert=yes; --- certs/DigiCert-Global-Root-G3.pem | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 certs/DigiCert-Global-Root-G3.pem diff --git a/certs/DigiCert-Global-Root-G3.pem b/certs/DigiCert-Global-Root-G3.pem new file mode 100644 index 0000000..12324dc --- /dev/null +++ b/certs/DigiCert-Global-Root-G3.pem @@ -0,0 +1,22 @@ +# Issuer: CN=DigiCert Global Root G3 O=DigiCert Inc OU=www.digicert.com +# Subject: CN=DigiCert Global Root G3 O=DigiCert Inc OU=www.digicert.com +# Label: "DigiCert Global Root G3" +# Serial: 7089244469030293291760083333884364146 +# MD5 Fingerprint: f5:5d:a4:50:a5:fb:28:7e:1e:0f:0d:cc:96:57:56:ca +# SHA1 Fingerprint: 7e:04:de:89:6a:3e:66:6d:00:e6:87:d3:3f:fa:d9:3b:e8:3d:34:9e +# SHA256 Fingerprint: 31:ad:66:48:f8:10:41:38:c7:38:f3:9e:a4:32:01:33:39:3e:3a:18:cc:02:29:6e:f9:7c:2a:c9:ef:67:31:d0 +-----BEGIN CERTIFICATE----- +MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQsw +CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu +ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe +Fw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAwMDBaMGExCzAJBgNVBAYTAlVTMRUw +EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x +IDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0CAQYF +K4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FG +fp4tn+6OYwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPO +Z9wj/wMco+I+o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd +BgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0EAwMDaAAwZQIx +AK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y3maTD/HMsQmP3Wyr+mt/ +oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34VOKa5Vt8 +sycX +-----END CERTIFICATE----- From 90632f223adce7139b831fc2e6a0668431e5f26c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 27 Aug 2024 10:59:51 +0200 Subject: [PATCH 581/908] doc/netwatch-dns: 'DigiCert Global Root G3' for Quad9 --- doc/netwatch-dns.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index ff6c29c..54dd6c6 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -63,7 +63,7 @@ Importing a certificate automatically is possible, at least if available in the repository (see `certs` sub directory). /tool/netwatch/add comment="doh, doh-cert=DigiCert Global Root G2" host=1.1.1.1; - /tool/netwatch/add comment="doh, doh-cert=DigiCert Global Root CA" host=9.9.9.9; + /tool/netwatch/add comment="doh, doh-cert=DigiCert Global Root G3" host=9.9.9.9; /tool/netwatch/add comment="doh, doh-cert=GTS Root R1" host=8.8.8.8; Sometimes using just one specific (possibly internal) DNS server may be From 48fd281c1d048bbce9dbe0f0e6940eb8f417a9f8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 27 Aug 2024 16:43:35 +0200 Subject: [PATCH 582/908] certs: drop 'DigiCert Global Root CA' --- certs/DigiCert-Global-Root-CA.pem | 29 ----------------------------- 1 file changed, 29 deletions(-) delete mode 100644 certs/DigiCert-Global-Root-CA.pem diff --git a/certs/DigiCert-Global-Root-CA.pem b/certs/DigiCert-Global-Root-CA.pem deleted file mode 100644 index b0f0013..0000000 --- a/certs/DigiCert-Global-Root-CA.pem +++ /dev/null @@ -1,29 +0,0 @@ -# Issuer: CN=DigiCert Global Root CA O=DigiCert Inc OU=www.digicert.com -# Subject: CN=DigiCert Global Root CA O=DigiCert Inc OU=www.digicert.com -# Label: "DigiCert Global Root CA" -# Serial: 10944719598952040374951832963794454346 -# MD5 Fingerprint: 79:e4:a9:84:0d:7d:3a:96:d7:c0:4f:e2:43:4c:89:2e -# SHA1 Fingerprint: a8:98:5d:3a:65:e5:e5:c4:b2:d7:d6:6d:40:c6:dd:2f:b1:9c:54:36 -# SHA256 Fingerprint: 43:48:a0:e9:44:4c:78:cb:26:5e:05:8d:5e:89:44:b4:d8:4f:96:62:bd:26:db:25:7f:89:34:a4:43:c7:01:61 ------BEGIN CERTIFICATE----- -MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh -MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 -d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD -QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT -MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j -b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB -CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 -nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt -43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P -T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 -gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO -BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR -TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw -DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr -hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg -06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF -PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls -YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk -CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= ------END CERTIFICATE----- From 917be4b42574cd66254a4559330e83bc5c2ed233 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 28 Aug 2024 17:54:13 +0200 Subject: [PATCH 583/908] fw-addr-lists: spamhaus.org requires 'GTS Root R4' now Fixes: https://github.com/eworm-de/routeros-scripts/issues/78 --- global-config.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global-config.rsc b/global-config.rsc index cdc1d5c..2d10a9e 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -106,9 +106,9 @@ { url="https://lists.blocklist.de/lists/strongips.txt"; cert="Certum Trusted Network CA" }; # { url="https://www.spamhaus.org/drop/drop.txt"; -# cert="Baltimore CyberTrust Root" }; +# cert="GTS Root R4" }; # { url="https://www.spamhaus.org/drop/edrop.txt"; -# cert="Baltimore CyberTrust Root" }; +# cert="GTS Root R4" }; }; # "mikrotik"={ # { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/mikrotik"; From f4c97559b337413fb91bec4927a3de2ac7e81d09 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 28 Aug 2024 17:56:48 +0200 Subject: [PATCH 584/908] fw-addr-lists: drop edrop.txt, which does no longer exist --- global-config.rsc | 2 -- 1 file changed, 2 deletions(-) diff --git a/global-config.rsc b/global-config.rsc index 2d10a9e..03e5bb4 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -106,8 +106,6 @@ { url="https://lists.blocklist.de/lists/strongips.txt"; cert="Certum Trusted Network CA" }; # { url="https://www.spamhaus.org/drop/drop.txt"; -# cert="GTS Root R4" }; -# { url="https://www.spamhaus.org/drop/edrop.txt"; # cert="GTS Root R4" }; }; # "mikrotik"={ From 21fa46fdf6720cf3ec57980e29b4da9cf2e0f46d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 28 Aug 2024 17:59:44 +0200 Subject: [PATCH 585/908] certs: drop 'Baltimore CyberTrust Root' --- certs/Baltimore-CyberTrust-Root.pem | 28 ---------------------------- 1 file changed, 28 deletions(-) delete mode 100644 certs/Baltimore-CyberTrust-Root.pem diff --git a/certs/Baltimore-CyberTrust-Root.pem b/certs/Baltimore-CyberTrust-Root.pem deleted file mode 100644 index de8121a..0000000 --- a/certs/Baltimore-CyberTrust-Root.pem +++ /dev/null @@ -1,28 +0,0 @@ -# Issuer: CN=Baltimore CyberTrust Root O=Baltimore OU=CyberTrust -# Subject: CN=Baltimore CyberTrust Root O=Baltimore OU=CyberTrust -# Label: "Baltimore CyberTrust Root" -# Serial: 33554617 -# MD5 Fingerprint: ac:b6:94:a5:9c:17:e0:d7:91:52:9b:b1:97:06:a6:e4 -# SHA1 Fingerprint: d4:de:20:d0:5e:66:fc:53:fe:1a:50:88:2c:78:db:28:52:ca:e4:74 -# SHA256 Fingerprint: 16:af:57:a9:f6:76:b0:ab:12:60:95:aa:5e:ba:de:f2:2a:b3:11:19:d6:44:ac:95:cd:4b:93:db:f3:f2:6a:eb ------BEGIN CERTIFICATE----- -MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJ -RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD -VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoX -DTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMCSUUxEjAQBgNVBAoTCUJhbHRpbW9y -ZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFsdGltb3JlIEN5YmVy -VHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKMEuyKr -mD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjr -IZ3AQSsBUnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeK -mpYcqWe4PwzV9/lSEy/CG9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSu -XmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9XbIGevOF6uvUA65ehD5f/xXtabz5OTZy -dc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjprl3RjM71oGDHweI12v/ye -jl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoIVDaGezq1 -BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3 -DQEBBQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT92 -9hkTI7gQCvlYpNRhcL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3Wgx -jkzSswF07r51XgdIGn9w/xZchMB5hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0 -Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsaY71k5h+3zvDyny67G7fyUIhz -ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS -R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp ------END CERTIFICATE----- From 9737bfa46ad5b08f39ba0442061d08e974cb14c5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 2 Sep 2024 22:54:41 +0200 Subject: [PATCH 586/908] =?UTF-8?q?certs:=20add=20poor=20man's=20check=20?= =?UTF-8?q?=F0=9F=98=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- certs/Makefile | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 certs/Makefile diff --git a/certs/Makefile b/certs/Makefile new file mode 100644 index 0000000..2e6ac9d --- /dev/null +++ b/certs/Makefile @@ -0,0 +1,31 @@ +# Makefile to check certificates + +DOMAINS = \ + 1.1.1.1/DigiCert-Global-Root-G2 \ + 8.8.8.8/GTS-Root-R1 \ + 9.9.9.9/DigiCert-Global-Root-G3 \ + api.macvendors.com/GTS-Root-R4 \ + api.mullvad.net/ISRG-Root-X1 \ + api.telegram.org/Go-Daddy-Root-Certificate-Authority-G2 \ + cloudflare-dns.com/DigiCert-Global-Root-G2 \ + dns.google/GTS-Root-R1 \ + dns.quad9.net/DigiCert-Global-Root-G3 \ + feodotracker.abuse.ch/GlobalSign \ + git.eworm.de/ISRG-Root-X2 \ + ipv4.showipv6.de/ISRG-Root-X1 \ + ipv4.tunnelbroker.net/Starfield-Root-Certificate-Authority-G2 \ + ipv6.showipv6.de/ISRG-Root-X1 \ + lists.blocklist.de/Certum-Trusted-Network-CA \ + mkcert.org/ISRG-Root-X1 \ + ntfy.sh/ISRG-Root-X1 \ + sslbl.abuse.ch/GlobalSign \ + upgrade.mikrotik.com/ISRG-Root-X1 \ + www.dshield.org/ISRG-Root-X1 \ + www.spamhaus.org/GTS-Root-R4 + +.PHONY: $(DOMAINS) + +all: $(DOMAINS) + +$(DOMAINS): + curl --output /dev/null --silent --connect-timeout 5 --cacert $(notdir $@).pem https://$(dir $@) From 09dcd51feb0d17e7c0715aa10786df169936760a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 4 Sep 2024 12:02:20 +0200 Subject: [PATCH 587/908] netwatch-dns: give warning on CRL use --- netwatch-dns.rsc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index e205081..09d471d 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -19,6 +19,7 @@ :global IsDNSResolving; :global IsTimeSync; :global LogPrint; + :global LogPrintOnce; :global ParseKeyValueStore; :global ScriptLock; @@ -126,6 +127,9 @@ :if ($Data != false) do={ :if ([ :typeof [ :find $Data "doh-check-OK" ] ] = "num") do={ /ip/dns/set use-doh-server=($DohServer->"doh-url") verify-doh-cert=yes; + :if ([ /certificate/settings/get crl-use ] = true) do={ + $LogPrintOnce warning $ScriptName ("Configured to use CRL, that can cause severe issue!"); + } /ip/dns/cache/flush; $LogPrint info $ScriptName ("Setting DoH server: " . ($DohServer->"doh-url")); :error true; From d23d05f2ea3b3d0e5c11d0780ef87566641296c7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 5 Sep 2024 22:10:11 +0200 Subject: [PATCH 588/908] fw-addr-lists: handle JSON format from spamhaus.org Closes: https://github.com/eworm-de/routeros-scripts/issues/79 --- fw-addr-lists.rsc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 4930e86..4675e3a 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -88,7 +88,12 @@ :while ([ :len $Data ] != 0) do={ :local Line [ :pick $Data 0 [ :find $Data "\n" ] ]; - :local Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); + :local Address; + :if ([ :pick $Line 0 1 ] = "{") do={ + :set Address [ :tostr ([ :deserialize from=json $Line ]->"cidr") ]; + } else={ + :set Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); + } :do { :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$") do={ :set ($IPv4Addresses->$Address) $TimeOut; From fe52bd4a0a496f896439887c0943e38e8f39ce2c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 5 Sep 2024 22:58:19 +0200 Subject: [PATCH 589/908] fw-addr-lists: use lists in JSON format for spamhaus.org --- global-config.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/global-config.rsc b/global-config.rsc index 03e5bb4..2ed67f3 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -105,7 +105,9 @@ cert="ISRG Root X1" }; { url="https://lists.blocklist.de/lists/strongips.txt"; cert="Certum Trusted Network CA" }; -# { url="https://www.spamhaus.org/drop/drop.txt"; +# { url="https://www.spamhaus.org/drop/drop_v4.json"; +# cert="GTS Root R4" }; +# { url="https://www.spamhaus.org/drop/drop_v6.json"; # cert="GTS Root R4" }; }; # "mikrotik"={ From 41b19b045ad98c528ce9d8d84ab086fe7c54f265 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 13 Sep 2024 10:16:17 +0200 Subject: [PATCH 590/908] global-functions: $VersionToNum: support "zero"... ... to have a clean way to generate bitmasks. [admin@mikrotik] > :put [ $VersionToNum 0.255zero0 ] 16711680 [admin@mikrotik] > :put 0x00ff0000 16711680 Once implemented everywhere the internal calculation could be changed easily. --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 41120fd..9ee5312 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1485,7 +1485,7 @@ :global CharacterReplace; :set Input [ $CharacterReplace $Input "." "," ]; - :foreach I in={ "alpha"; "beta"; "rc" } do={ + :foreach I in={ "zero"; "alpha"; "beta"; "rc" } do={ :set Input [ $CharacterReplace $Input $I ("," . $I . ",") ]; } @@ -1496,6 +1496,7 @@ :set Return ($Return + 0xff00); :set Multi ($Multi / 0x100); } else={ + :if ($Value = "zero") do={ } :if ($Value = "alpha") do={ :set Return ($Return + 0x3f00); } :if ($Value = "beta") do={ :set Return ($Return + 0x5f00); } :if ($Value = "rc") do={ :set Return ($Return + 0x7f00); } From 734a80ba82cfb76c34484415a5e810a1d29bdbfe Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 13 Sep 2024 10:29:06 +0200 Subject: [PATCH 591/908] backup-partition: use $VersionToNum to calculate bitmask --- backup-partition.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 23dd7ef..51df454 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -81,8 +81,9 @@ :local Update [ /system/package/update/get ]; :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; + :local BitMask [ $VersionToNum "255.255zero0" ]; :if ($BackupPartitionCopyBeforeFeatureUpdate = true && $NumLatest > 0 && \ - ($NumInstalled & 0xffff0000) != ($NumLatest & 0xffff0000)) do={ + ($NumInstalled & $BitMask) != ($NumLatest & $BitMask)) do={ :if ([ $CopyTo $ScriptName $FallbackTo $FallbackToName ] = false) do={ :set PackagesUpdateBackupFailure true; :error false; From c708832b69ece50eca184b0946eebd5b3c579475 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 13 Sep 2024 10:32:40 +0200 Subject: [PATCH 592/908] check-routeros-update: use $VersionToNum to calculate bitmask --- check-routeros-update.rsc | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 3584a94..84849ea 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -62,6 +62,9 @@ :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; + :local BitMask [ $VersionToNum "255.255zero0" ]; + :local NumInstalledFeature ($NumInstalled & $BitMask); + :local NumLatestFeature ($NumLatest & $BitMask); :local Link ("https://mikrotik.com/download/changelogs/" . $Update->"channel" . "-release-tree"); :if ($NumLatest < 117505792) do={ @@ -80,7 +83,7 @@ $DoUpdate; } - :if ($SafeUpdatePatch = true && ($NumInstalled & 0xffff0000) = ($NumLatest & 0xffff0000)) do={ + :if ($SafeUpdatePatch = true && $NumInstalledFeature = $NumLatestFeature) do={ $LogPrint info $ScriptName ("Version " . $Update->"latest-version" . " is a patch release, updating..."); $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ @@ -125,7 +128,7 @@ } :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ - :if (($Update->"channel") = "testing" && ($NumInstalled & 0xffff0000) < ($NumLatest & 0xffff0000)) do={ + :if (($Update->"channel") = "testing" && $NumInstalledFeature < $NumLatestFeature) do={ :put ("This is a feature update in testing channel. Switch to channel 'stable'? [y/N]"); :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ /system/package/update/set channel=stable; From 60aa553219b289e9d3e4ef7f0bb7db471f45af69 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 25 Sep 2024 11:01:40 +0200 Subject: [PATCH 593/908] hotspot-to-wpa-cleanup: only match access-list with mac-address --- hotspot-to-wpa-cleanup.capsman.rsc | 2 +- hotspot-to-wpa-cleanup.template.rsc | 2 +- hotspot-to-wpa-cleanup.wifi.rsc | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index 29bd48d..45ea72b 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -50,7 +50,7 @@ } :foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \ - !(comment~[ /system/clock/get date ]) ] do={ + !(comment~[ /system/clock/get date ]) mac-address ] do={ :local ClientVal [ /caps-man/access-list/get $Client ]; :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ mac-address=($ClientVal->"mac-address") ] ] = 0) do={ diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 06dd9f0..081f3d0 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -54,7 +54,7 @@ :foreach Client in=[ /caps-man/access-list/find where comment~"^hotspot-to-wpa:" \ :foreach Client in=[ /interface/wifi/access-list/find where comment~"^hotspot-to-wpa:" \ - !(comment~[ /system/clock/get date ]) ] do={ + !(comment~[ /system/clock/get date ]) mac-address ] do={ :local ClientVal [ /caps-man/access-list/get $Client ]; :local ClientVal [ /interface/wifi/access-list/get $Client ]; :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index 7c74d10..23f773f 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -50,7 +50,7 @@ } :foreach Client in=[ /interface/wifi/access-list/find where comment~"^hotspot-to-wpa:" \ - !(comment~[ /system/clock/get date ]) ] do={ + !(comment~[ /system/clock/get date ]) mac-address ] do={ :local ClientVal [ /interface/wifi/access-list/get $Client ]; :if ([ :len [ /ip/dhcp-server/lease/find where !dynamic comment~"^hotspot-to-wpa:" \ mac-address=($ClientVal->"mac-address") ] ] = 0) do={ From c2c72818de2cf35ea5b50eed3a505f86ed6be294 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 26 Sep 2024 15:24:05 +0200 Subject: [PATCH 594/908] global-functions: $CertificateDownload: add another check... ... that the certificate is really available. Turns out that mkcert.org ships certificates where OU or whatever matches - that's not what we want. --- global-functions.rsc | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 9ee5312..e5471dd 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -176,6 +176,12 @@ :delay 1s; /file/remove [ find where name=$FileName ]; + :if ([ :len [ /certificate/find where common-name=$CommonName ] ] = 0) do={ + /certificate/remove [ find where name~("^" . $FileName . "_[0-9]+\$") ]; + $LogPrint warning $0 ("Certificate with CommonName '" . $CommonName . "' still unavailable!"); + :return false; + } + :foreach Cert in=[ /certificate/find where name~("^" . $FileName . "_[0-9]+\$") ] do={ $CertificateNameByCN [ /certificate/get $Cert common-name ]; } From 1776b8f50b173b49ca7ce3ab917de4493ae36ff6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 27 Sep 2024 17:13:32 +0200 Subject: [PATCH 595/908] backup-partition: give warning on lock in device-mode RouterOS 7.17beta2 introduced some extra security measures, including some to prevent downgrade attacks for the installation. Thus switching partitions (which can hold quite old installations) is denied by device-mode now by default. Warn about that... https://help.mikrotik.com/docs/display/ROS/Device-mode --- backup-partition.rsc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/backup-partition.rsc b/backup-partition.rsc index 51df454..56738ba 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -19,6 +19,7 @@ :global PackagesUpdateBackupFailure; :global LogPrint; + :global RequiredRouterOS; :global ScriptFromTerminal; :global ScriptLock; :global VersionToNum; @@ -59,6 +60,12 @@ :error false; } + :if ([ $RequiredRouterOS $ScriptName "7.17beta2" false ] = true && \ + ([ /system/device-mode/get ]->"partitions") != true) do={ + $LogPrint warning $ScriptName \ + ("The device mode has locked switching partitions! You will need physical access!"); + } + :local FallbackToName [ /partitions/get $ActiveRunning fallback-to ]; :local FallbackTo [ /partition/find where name=$FallbackToName !active ]; From f2576cf55892618c65fca6a1bff03b35a94acee8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 30 Sep 2024 16:10:55 +0200 Subject: [PATCH 596/908] packages-update: give warning on lock in device-mode RouterOS 7.17beta2 introduced some extra security measures, including some to prevent downgrade attacks for the installation. Detect early and exit with message and error. https://help.mikrotik.com/docs/display/ROS/Device-mode --- packages-update.rsc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/packages-update.rsc b/packages-update.rsc index b08a48d..b4fab46 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -18,6 +18,7 @@ :global Grep; :global LogPrint; :global ParseKeyValueStore; + :global RequiredRouterOS; :global ScriptFromTerminal; :global ScriptLock; :global VersionToNum; @@ -99,6 +100,13 @@ :local DoDowngrade false; :if ($NumInstalled > $NumLatest) do={ + :if ([ $RequiredRouterOS $ScriptName "7.17beta2" false ] = true && \ + ([ /system/device-mode/get ]->"downgrade") != true) do={ + $LogPrint error $ScriptName \ + ("The device mode has locked downgrades! You will need physical access!"); + :error false; + } + :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ :put "Latest version is older than installed one. Want to downgrade? [y/N]"; :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ From f75e701be3ceb89615bd29a2bce1404f1bf4117c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 30 Sep 2024 21:51:31 +0200 Subject: [PATCH 597/908] log-forward: get last message from log... ... not only from matched massages. --- log-forward.rsc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/log-forward.rsc b/log-forward.rsc index 5133e73..e0d8f35 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -94,9 +94,10 @@ [ $IfThenElse ($Duplicates = true) (" Multi-repeated messages have been skipped.") ] . \ [ $IfThenElse ($LogForwardRateLimit > 30) ("\nRate limit in action, delaying forwarding.") ] . \ "\n" . $Messages) }); - - :set LogForwardLast ($MessageVal->".id"); } else={ :set LogForwardRateLimit [ $MAX 0 ($LogForwardRateLimit - 1) ]; } + + :local LogAll [ /log/find ]; + :set LogForwardLast ($LogAll->([ :len $LogAll ] - 1) ); } on-error={ } From 5135e836b82d36e49dd34ebde7ad2aedda6f8af2 Mon Sep 17 00:00:00 2001 From: Ignacio Serrano Date: Tue, 1 Oct 2024 20:32:37 +0200 Subject: [PATCH 598/908] mod/notification-ntfy: fix ntfy overrides --- mod/notification-ntfy.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index 661f69f..b2bb280 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -87,7 +87,7 @@ :return false; } - :local Url ("https://" . $NtfyServer . "/" . [ $UrlEncode $NtfyTopic ]); + :local Url ("https://" . $Server . "/" . [ $UrlEncode $Topic ]); :local Headers ({ [ $FetchUserAgentStr ($Notification->"origin") ]; \ ("Priority: " . [ $IfThenElse ($Notification->"silent") "low" "default" ]); \ ("Title: " . "[" . $IdentityExtra . $Identity . "] " . ($Notification->"subject")) }); @@ -97,7 +97,7 @@ } :do { - :if ($NtfyServer = "ntfy.sh") do={ + :if ($Server = "ntfy.sh") do={ :if ([ $CertificateAvailable "ISRG Root X1" ] = false) do={ $LogPrint warning $0 ("Downloading required certificate failed."); :error false; From 98e62e3eaca9d5d09b70e7ddad44c7fbe21dfbf2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 1 Oct 2024 21:42:20 +0200 Subject: [PATCH 599/908] update list of contributors --- CONTRIBUTIONS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTIONS.md b/CONTRIBUTIONS.md index 0b192fc..dd21fa5 100644 --- a/CONTRIBUTIONS.md +++ b/CONTRIBUTIONS.md @@ -20,6 +20,7 @@ for details! * [Anatoly Bubenkov](mailto:bubenkoff@gmail.com) (@bubenkoff) * [Ben Harris](mailto:mail@bharr.is) (@bharrisau) * [Daniel Ziegenberg](mailto:daniel@ziegenberg.at) (@ziegenberg) +* [Ignacio Serrano](mailto:ignic@ignic.com) (@ignic) * [Michael Gisbers](mailto:michael@gisbers.de) (@mgisbers) * @netravnen * [netztrip](mailto:dave-tvg@netztrip.de) (@netztrip) From c955c94098190847856c62e4e9b437200b19884c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 2 Oct 2024 14:02:29 +0200 Subject: [PATCH 600/908] update list of contributors --- CONTRIBUTIONS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTIONS.md b/CONTRIBUTIONS.md index dd21fa5..ed1d6fa 100644 --- a/CONTRIBUTIONS.md +++ b/CONTRIBUTIONS.md @@ -38,6 +38,7 @@ Add yourself to the list, * Daniel Ziegenberg (@ziegenberg) * Devin Dean (@dd2594gh) * Evaldo Gardenal +* Florian Estraviz * Giorgio Bikos * Harold Schoemaker * Hugo BV From 85a7a16c1526acfc86ec313e8527fb616f142a57 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 9 Oct 2024 14:30:29 +0200 Subject: [PATCH 601/908] backup-partition: log the warning just once --- backup-partition.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 56738ba..8b4be9b 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -19,6 +19,7 @@ :global PackagesUpdateBackupFailure; :global LogPrint; + :global LogPrintOnce; :global RequiredRouterOS; :global ScriptFromTerminal; :global ScriptLock; @@ -62,7 +63,7 @@ :if ([ $RequiredRouterOS $ScriptName "7.17beta2" false ] = true && \ ([ /system/device-mode/get ]->"partitions") != true) do={ - $LogPrint warning $ScriptName \ + $LogPrintOnce warning $ScriptName \ ("The device mode has locked switching partitions! You will need physical access!"); } From 82e3e7a9fce024be5b93aa6adc41d6d799c05271 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 10 Oct 2024 22:20:31 +0200 Subject: [PATCH 602/908] doc/netwatch-notify: always give a host... ... as that is a required property. Any ip address is fine, it is changed anyway. --- doc/netwatch-notify.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index 948cbec..411a4d9 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -88,7 +88,7 @@ threshould by one. The host address can be updated dynamically. Give extra parameter `resolve` with a resolvable name: - /tool/netwatch/add comment="notify, name=example.com, resolve=example.com"; + /tool/netwatch/add comment="notify, name=example.com, resolve=example.com" host=0.0; This supports multiple A or AAAA records for a name just fine, even a CNAME to those. An update happens only if no more record with the configured host @@ -125,7 +125,7 @@ included verbatim into the notification. It is possible to add a link in notification, that is added below the formatted notification text. - /tool/netwatch/add comment="notify, name=example.com, resolve=example.com, link=https://example.com/"; + /tool/netwatch/add comment="notify, name=example.com, resolve=example.com, link=https://example.com/" host=0.0; Tips & Tricks ------------- From f7f50a9d45980e94041c9f48f017778b8a1d279c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 10 Oct 2024 22:24:56 +0200 Subject: [PATCH 603/908] doc/netwatch-notify: give an extra example for resolving AAAA records --- doc/netwatch-notify.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index 411a4d9..9fa0e26 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -90,10 +90,15 @@ with a resolvable name: /tool/netwatch/add comment="notify, name=example.com, resolve=example.com" host=0.0; -This supports multiple A or AAAA records for a name just fine, even a CNAME +This supports multiple A records for a name just fine, even a CNAME to those. An update happens only if no more record with the configured host address is found. +The address family is preserved, so if you want AAAA records (for IPv6) +use this: + + /tool/netwatch/add comment="notify, name=example.com, resolve=example.com" host=::; + ### No notification on host down Also suppressing the notification on host down is possible with parameter From 71c58c6afb27fc66356f9d5d3d41c5af7ab2f9d7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 10 Oct 2024 22:32:46 +0200 Subject: [PATCH 604/908] doc/netwatch-notify: fix typo(s) --- doc/netwatch-notify.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/netwatch-notify.md b/doc/netwatch-notify.md index 9fa0e26..81adfe9 100644 --- a/doc/netwatch-notify.md +++ b/doc/netwatch-notify.md @@ -66,9 +66,9 @@ notification is sent. Getting the escaping right may be troublesome. Please consider adding a script in `/system/script`, then running that from hook. -### Count threshould +### Count threshold -The count threshould (default is 5 checks) is configurable as well: +The count threshold (default is 5 checks) is configurable as well: /tool/netwatch/add comment="notify, name=example.com, count=10" host=104.18.144.11; @@ -81,7 +81,7 @@ suppress notification if the parent host is down: /tool/netwatch/add comment="notify, name=example.com, parent=gateway" host=93.184.216.34; Note that every configured parent in a chain increases the check count -threshould by one. +threshold by one. ### Update from DNS From 435f70999c0fc28aaf804c00552d0d54dcf10806 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 22 Oct 2024 19:32:19 +0200 Subject: [PATCH 605/908] backup-partition: drop warning on lock in device-mode ... as switching partitions is possible again in RouterOS 7.17beta4. --- backup-partition.rsc | 8 -------- 1 file changed, 8 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 8b4be9b..51df454 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -19,8 +19,6 @@ :global PackagesUpdateBackupFailure; :global LogPrint; - :global LogPrintOnce; - :global RequiredRouterOS; :global ScriptFromTerminal; :global ScriptLock; :global VersionToNum; @@ -61,12 +59,6 @@ :error false; } - :if ([ $RequiredRouterOS $ScriptName "7.17beta2" false ] = true && \ - ([ /system/device-mode/get ]->"partitions") != true) do={ - $LogPrintOnce warning $ScriptName \ - ("The device mode has locked switching partitions! You will need physical access!"); - } - :local FallbackToName [ /partitions/get $ActiveRunning fallback-to ]; :local FallbackTo [ /partition/find where name=$FallbackToName !active ]; From 07c95763775cb5fdef056ef6ba7ff3ac1399dbaf Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 22 Oct 2024 19:38:20 +0200 Subject: [PATCH 606/908] packages-update: check for explicit state... ... as all device-mode properties are given since RouterOS 7.14beta4. Let's assume we do not have to care about RouterOS 7.14beta2 any more... As older versions will not match the check we can now merge right away. --- packages-update.rsc | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index b4fab46..c2f0ba6 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -18,7 +18,6 @@ :global Grep; :global LogPrint; :global ParseKeyValueStore; - :global RequiredRouterOS; :global ScriptFromTerminal; :global ScriptLock; :global VersionToNum; @@ -100,8 +99,7 @@ :local DoDowngrade false; :if ($NumInstalled > $NumLatest) do={ - :if ([ $RequiredRouterOS $ScriptName "7.17beta2" false ] = true && \ - ([ /system/device-mode/get ]->"downgrade") != true) do={ + :if (([ /system/device-mode/get ]->"downgrade") = false) do={ $LogPrint error $ScriptName \ ("The device mode has locked downgrades! You will need physical access!"); :error false; From 7229c756af86df3a670ca79138e6e35342951461 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 22 Oct 2024 23:19:16 +0200 Subject: [PATCH 607/908] fw-addr-lists: spamhaus.org requires 'ISRG Root X1' now --- certs/Makefile | 2 +- global-config.rsc | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/certs/Makefile b/certs/Makefile index 2e6ac9d..09e7a20 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -21,7 +21,7 @@ DOMAINS = \ sslbl.abuse.ch/GlobalSign \ upgrade.mikrotik.com/ISRG-Root-X1 \ www.dshield.org/ISRG-Root-X1 \ - www.spamhaus.org/GTS-Root-R4 + www.spamhaus.org/ISRG-Root-X1 .PHONY: $(DOMAINS) diff --git a/global-config.rsc b/global-config.rsc index 2ed67f3..c4e04b5 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -106,9 +106,9 @@ { url="https://lists.blocklist.de/lists/strongips.txt"; cert="Certum Trusted Network CA" }; # { url="https://www.spamhaus.org/drop/drop_v4.json"; -# cert="GTS Root R4" }; +# cert="ISRG Root X1" }; # { url="https://www.spamhaus.org/drop/drop_v6.json"; -# cert="GTS Root R4" }; +# cert="ISRG Root X1" }; }; # "mikrotik"={ # { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/mikrotik"; From d022c876514107bd345a17a0c01896947a83b45f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 22 Oct 2024 21:38:38 +0200 Subject: [PATCH 608/908] ipv6-update: ignore if address was acquired https://github.com/eworm-de/routeros-scripts/issues/85 --- ipv6-update.rsc | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ipv6-update.rsc b/ipv6-update.rsc index 0577bdc..47bf3de 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -18,12 +18,18 @@ :global ParseKeyValueStore; :global ScriptLock; + :local NaAddress $"na-address"; :local PdPrefix $"pd-prefix"; :if ([ $ScriptLock $ScriptName ] = false) do={ :error false; } + :if ([ :typeof $NaAddress ] = "str") do={ + $LogPrint info $ScriptName ("An address (" . $NaAddress . ") was acquired, not a prefix. Ignoring."); + :error false; + } + :if ([ :typeof $PdPrefix ] = "nothing") do={ $LogPrint error $ScriptName ("This script is supposed to run from ipv6 dhcp-client."); :error false; From e803f8b3c0956e8b9f3992433d0a3caf9cb4c899 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 22 Oct 2024 22:35:14 +0200 Subject: [PATCH 609/908] ipv6-update: create a dynamic address-list entry only This should make sure that the script runs once after reboot, even if the prefix does not change. An existing static entry needs to be removed to make this work! https://github.com/eworm-de/routeros-scripts/issues/85 --- doc/ipv6-update.md | 12 ++++++++---- ipv6-update.rsc | 4 ++-- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/doc/ipv6-update.md b/doc/ipv6-update.md index 88600c5..42f0fe4 100644 --- a/doc/ipv6-update.md +++ b/doc/ipv6-update.md @@ -45,13 +45,17 @@ Installing [ppp-on-up](ppp-on-up.md) may solve this. Configuration ------------- -An address list entry is updated with current prefix and can be used in -firewall rules, comment has to be "`ipv6-pool-`" and actual pool name: +As an address-list entry is mandatory a dynamic one is created automatically. +It is updated with current prefix and can be used in firewall rules. + +Alternatively a static address-list entry can be used, where comment has to +be "`ipv6-pool-`" and actual pool name. Use what ever list is desired, and +create it with: /ipv6/firewall/address-list/add address=2003:cf:2f0f:de00::/56 comment=ipv6-pool-isp list=extern; -As this entry is mandatory it is created automatically if it does not exist, -with the comment also set for list. +If the dynamic entry exists already you need to remove it before creating +the static one.. Address list entries for specific interfaces can be updated as well. The interface needs to get its address from pool `isp` and the address list entry diff --git a/ipv6-update.rsc b/ipv6-update.rsc index 47bf3de..ccc0eb9 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -37,8 +37,8 @@ :local Pool [ /ipv6/pool/get [ find where prefix=$PdPrefix ] name ]; :if ([ :len [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ] ] = 0) do={ - /ipv6/firewall/address-list/add list=("ipv6-pool-" . $Pool) address=:: comment=("ipv6-pool-" . $Pool); - $LogPrint warning $ScriptName ("Added ipv6 address list entry for ipv6-pool-" . $Pool); + /ipv6/firewall/address-list/add list=("ipv6-pool-" . $Pool) address=:: comment=("ipv6-pool-" . $Pool) dynamic=yes; + $LogPrint warning $ScriptName ("Added dynamic ipv6 address list entry for ipv6-pool-" . $Pool); } :local AddrList [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ]; :local OldPrefix [ /ipv6/firewall/address-list/get ($AddrList->0) address ]; From 3169270dbda239b860ee7b2989d2bfdf7b5b78c7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 28 Oct 2024 22:31:58 +0100 Subject: [PATCH 610/908] doc/mod/notification-matrix: better document certificate import --- doc/mod/notification-matrix.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/mod/notification-matrix.md b/doc/mod/notification-matrix.md index c96a719..dd46404 100644 --- a/doc/mod/notification-matrix.md +++ b/doc/mod/notification-matrix.md @@ -46,6 +46,13 @@ The Matrix server is connected via encrypted https, and certificate verification is applied. So make sure you have the certificate chain for your server in device's certificate store. +The example below is for `matrix.org`, which uses a trust chain from *Google +Trust Services*. Run this to import the required certificate: + + $CertificateAvailable "GTS Root R4"; + +Replace the CA certificate name with what ever is needed for your server. + ### From other device If you have setup your Matrix *notification account* before just reuse that. From a6584170c31dc9773840adbc1c7b9721544c764e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 28 Oct 2024 22:33:46 +0100 Subject: [PATCH 611/908] certs: check cert for matrix.org --- certs/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/certs/Makefile b/certs/Makefile index 09e7a20..9ce8dd4 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -16,6 +16,7 @@ DOMAINS = \ ipv4.tunnelbroker.net/Starfield-Root-Certificate-Authority-G2 \ ipv6.showipv6.de/ISRG-Root-X1 \ lists.blocklist.de/Certum-Trusted-Network-CA \ + matrix.org/GTS-Root-R4 \ mkcert.org/ISRG-Root-X1 \ ntfy.sh/ISRG-Root-X1 \ sslbl.abuse.ch/GlobalSign \ From 3506f710710332186caecfcd64d9a6d8f57f3180 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 30 Oct 2024 21:52:50 +0100 Subject: [PATCH 612/908] global-functions: $CertificateAvailable: fail without CommonName --- global-functions.rsc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index e5471dd..47a69c4 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -107,6 +107,11 @@ "is configured to download certificate CRLs to system!"); } + :if ([ :len $CommonName ] = 0) do={ + $LogPrint warning $0 ("No CommonName given!"); + :return false; + } + :if ([ :len [ /certificate/find where common-name=$CommonName ] ] = 0) do={ $LogPrint info $0 ("Certificate with CommonName '" . $CommonName . "' not available."); :if ([ $CertificateDownload $CommonName ] = false) do={ From 3c0852d6b829d8babc3a57002991e35f7bd31d0a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 30 Oct 2024 17:46:03 +0100 Subject: [PATCH 613/908] introduce CERTIFICATES, guide to find root certificate --- CERTIFICATES.d/01-dialog-A.avif | Bin 0 -> 29972 bytes CERTIFICATES.d/02-dialog-B.avif | Bin 0 -> 28821 bytes CERTIFICATES.d/03-window.avif | Bin 0 -> 48111 bytes CERTIFICATES.d/04-certificate.avif | Bin 0 -> 22386 bytes CERTIFICATES.md | 74 +++++++++++++++++++++++++++++ 5 files changed, 74 insertions(+) create mode 100644 CERTIFICATES.d/01-dialog-A.avif create mode 100644 CERTIFICATES.d/02-dialog-B.avif create mode 100644 CERTIFICATES.d/03-window.avif create mode 100644 CERTIFICATES.d/04-certificate.avif create mode 100644 CERTIFICATES.md diff --git a/CERTIFICATES.d/01-dialog-A.avif b/CERTIFICATES.d/01-dialog-A.avif new file mode 100644 index 0000000000000000000000000000000000000000..2fc3c9bdd9e2e846b90814f7d1cb6fc130c498f4 GIT binary patch literal 29972 zcmeFYbx>r>(l6T3xVt;d;O-3WGPt`lxVsECxWnM?4uiY9yEC}EyIf|U@0`8wi!b7S z??$};UUgJeR%KSM{AI4SD!ZZ^000n~IJ(*DJDZsRKFXio%FKk(%1qxxT7Xdi008N> zGIrGe!}}-{rbd?b{~`eZTQft)f75?@OEZIit3j|ebF})42lCN!nOWKx{uv1a06@T> znUDG@6#$TR1AzW(M0)TsS@XgDiwAN901&@@(3)mu)_>Xc7YFBKVEkvnpY{6A42(iH zmNtKx^Ec;%{f8r9X=|$gM-ux#Yd&;~xSE;#sec$0X7bZKMLs1hb6Zk1d^?ptJ$9!AQTkTM+c|x z%qZkb_GbowYG`9=Z*6Gl`k@;h0O9j7_2Hd=iG%zt42JhdnB&6`p+AI^y)~DWt?{?N z8bK~YGecW02R8>tV=D))4;eE{GktqEF8zO_BrvnJ`U~#I(hnG5AfWzW08lUx@IXia zz=6riNdK=$Nk~uu{#^3IgpUdhcmsg_h4>H7k5zxse;SbgqRT&~K|z3jIp61l27b_g zWFh|4f6(avMgJ8((0}O({Ez|tFWQ0lWAIU+{`$NxzHb1KBt<1eKQ8nqmLJXg3P1<| z1pxsG0S*NT2?-4i1p|i$4+jeihmC@Yh=z|tNPv%nhet$4M@~dSLyCt-!A?oTz{tYF zLP*ZZ!@e1IhZfFgqckwM;j z0fZlRf`j~3{srY@3qC;*p)vW!WJ8e(R&}8(OkI#M8`%3n!(d=yVdH%IOin>b#lp(Q&cVqgBrGB-CN3eV zsHCi-s-~`CXk={i&D6}?!O_Xt#nsK-|3^SzP;f|SY~0WIgv6xel$_kW{DQ)w;*#o` z+PeCN#-`@(p5DIxfx)5S>6zKN`Gv)$<;|__o!!0tgTtfCtLvNFyZeX7r$4y<;QV*_ z7qb5cF60kfpkQD?Fvvf+KtNso07nJ`CuW2|5s-(}w?idi@`XYZjLEL*f+l5FxIj0s zpMt?4W7+(4`3Krx$o^-*{Qj?y{Ri0JxRwEMK#-5%0g(ZGfa}F=S=#R+2VWHH$?q|* zN*NFD3s~O)LX8J}yK&wDU!J+{-#pLw&S$&>0O~atr+v4X%el{7#p83%Aejxo4sI{= zcYtqg3$1G3lT-X@^N0;up*sOkA8R|xmI~JFmfBQ5+{}2C&n|_MiPxYf8?X^Ks}kiq za>z?RQ(38(LG8NxWwm?2T0YQ~AWsgmy1~yAufb%|)p;ph89O*C08SkLRcV^tpBt$< zX+`uGLK&K0kpJOram9y`aI3!u96nuMldgn|zMOJmKYE}lNNn-Jj!MLCV#UQJ=~hP}_vY;zu#`73} zUoy6Q2)T2K$akE82wO!_t5;~l{3LU@1J(Vbz% z`Z++~!lMQyRvCtEQdR*RAitQosyiGJ^4j-Ovi?uo_-ZP>_s6&2UfCbyz>t?&s-#E+ zu}J_;09)ujMgtYSY!I>yIF)cl^Ms2rIF*{-CRZf?^1HS2c|Cjd)wO5WD zy1!0pa|jc=km4aq0-lnz#f)?FN0+X)10*_!4ybyW$u7?Y?Pj7yM9hWMI$>hrB%w%` z3*gWIXg(YtQL{R09j^-d}RapI6KR-SGxP*df>C}mxPlf_5Xg9c>PpKyWE&;jh zL%s4_igtEV%F^I!3Xd>YYsiFpHq*_P>Q@0NC?J(ewkt+bUi%s7;ubH-u`PGD@}{M0fe zV}(O{`@oASFk`Y+qR5=RYJep&>(?;T#zwgRq!(}2f@pINv*CR%05xN2;z1R?)U5i! zK`nHPx`|;BlyRI1dK)a}MR{3Gm=&LGZMQY>+7Qk*8GC>vUxIB*FvZ^PC}^Nqght0e zyw82V5NqP9prRmrQ^0OWK^BXY^G&oY70wSaenK~H1ud*FfGmohW+j9=!^?dRLymyB z=95_Z=RH8tvc16hO)=@b)lQ6@1QCrmSTQilz2P+j3W&4;=UsX#^Nf5O_V$nk_w3~i zn>3Q0=+^`8MQFyiaQHCiTU4AR%sn=6vx9i7SneYT6Z|tWDGKWyz{xTP`JN4yRr!8Sw77cV+0Z6~q`U-hz-aS^Lp{wM0}M&_~nK)x8pe1Q9I&=kvfjp!`V0e0f=8$>y20G0JU3&*_f~ zM^3qV6tBMjHiVyu-4bs-@VC^T48LJXe?o^udp!-aYm6m}1_e@Z@ZQSI$YU!0xC*5X zGF`F#;ul>Wv$%8f4!Bhwdk35}?8=E)fiY3%Sz{~Z?8MdL83APRA$PyVSf5Rgv$~-N zlM_;mFPE zWv5&FpSQ{00oDv=cgS4dK=KU7oHOWZpI!X=+OJBsczWIKv=W2LYFF@?UMe!d7NUs6 zNBW|tDwq@AP+Od3XUZwRP*)W-eIeOPz67ezqK-a)O8UAHZ{SuQaG6%MF@eVK(p7=k zr%{*Q5mH`Wn}kAXL#)dJ^^$kZBx?8Q{>D1?kiR#xjI}@K*BUAj-mgk1S-j23`rEa8ZOdYerO(l7>PO5D z!2UVcmO+5fo)f~|M~3p?j+v`D;vKLs@UW1sBT=I5>b{51cE$0{G$(TH6t78QYctwE z#z%m2Wn9)1dD7KcjJ;R9x(b;QkzDsS(j5W9A^aO3J&yxFKKfW5rd_Q=Kfaot9}`re zre>d+b+n)_sX%}n1E3^G`3D~U5)ZHZ#Ie+CF=p;NV4d{E6!aBc=vjeY>>bc9_Au>j zE^_b=xF386-~bBk49n9c3hLV;^j1F4#gPSmalY%H^0Ql5%jC(ZA@Rk(u}cW22`}~2 z#Ea<~V72&Ch(1AlC5 z-l!y>u6PIheR;k*k{j>m9q$N$O6-D$g;L*%!KM*yG(#B!2e+5EOda|O&Pm`r7P%ZW zElai%$TcWr<<}d?j5?41){OL70%9YQ>9cueAIPNCs;etmytG%YDcXi$9P+F4(|K7& z=Uot7zA$d5k30Eu#XsEew;h7Njv*D)rAMjFVwxG4#P7C4=Sm2dW8C>(ulV|-PQ}{@ z-yR9K`7sav+u5T}?|`U=cR+>3%W}y-fmXNv=6iL}-J1nrMU&?T|5H_F`F3zWo=Pp< zN1PhvI>bka-`)$DZ=yb&nK-LM7909x!jQdssLQQ2{FmBS+6A$bV#M()sBu1ARTIZL z`P-?g%@5y?vAdKaI^tbJJK;>TgA<9Hw?8(z0oJ~-N*Id-O}}0$rrGuRjllC>^NZ2Q zyZPg$c%Pn~%+5W)ei<<^1lOC- zb(k8AW>Vh(D=n^`2)K~De7YJNYDH(sg$qS%(k%s%_nVQK@Nugw9Mojy0{DGSyq`xt z$#GVmfDn{CtElJo2s9aKp#{ni3%QHMOhl(9_08Ui?_4da-q9?THfIW=Yk|mYJ!{~ zF)M7S>@+y+cV>4}ssR~v#-dq0v-XeX10`fNQ4jQcDUJh&)>74ADw z2V1V*)*~1`szf=64QWSYc$I~qcj!WB;zwL0-OM1wNt^gsGcooc_hdX0sC$adPsQKA z;V{AZ`{w3_x)5hKB!l9|kH_qK25hiE*r?H|&kcsCOtlg5F}WOq-}Q$Gv$NomX7eNi z!q5RI9y6sf($2$Vt0&t(!K`+yIlw|=wN=(ovGg9IeGt}|T)Z#IGxGsP@*3x*8hO-| zhJj=tkrMb~3mHG*H5NN-jPEd)?mafrz9(hDg;JZ<;To$Lk`I?u$YybL@urJugdbxV zkWxBBLE+YC9PO44k()6}WCnX!f_mO9vf#@B;8l-txV8(yxMZ;^%U; z9`*3-*XC-JGoW@`?T=$gb@u0qfV}fhN3JeId%{co^YV{3#cxx5FSmTrAL)9--52l2 z{il=?oY8Ruqy_{ph2p4>V-<-K*J~mk&+5;+YDRSkwNz5B1?w`tR8+DYzIq{>RRJ zjtTwaCzXuscL32!<-zKqhsaKYIsQ+>U%0uw-WVAicSxtdjCNi?^At)8V(E z#+ph3f`Wo*TaXD+XkkYYN&YF)u1~OMTG!aC`_A@6VVavh{~$KmGAG7}sMsVr&Hr?| z-ZZB!TuC{nEL4IPNy+A|ov%NyX#LgEJAyG*S*kckbcu}kipd^avm}u%g4;LVXB%%4 z!jo$+(T*_`6(}jY3dfED;SgEqpY}YLS-XPx=p;L+{KXqiV|i##0EhH^J$=-zOXu~M zEu?^|cTL{g(t@`2Hgjp(+spKAJns3JANnrL znr})m+|YL=UkYqenxvmd-uLQ)qbM?MN3R;mTuPenq@s}u-NA#}x{o`o|WMU$Q&A)(AEF z)!cQU_?894Af+k?gDMMylYDl@v;Q5C!SvnYjm7OFt>89#S$Hu8c_8ph1WsprMA3j= za`|Vt-b_^1sc^NG#A0nkW>sH4O@f~wN>&zm53(JFwV^6IG|KF__G$J+2{Ac=NH_ox!YA+wEg zE9!22!j4H-;&s#uSd>?Bs~$Hmr6!?(fiM|U6A2UyFyxl_9iuc4xM**fHd1Ml?LjB& zQ9L8%5(?0uM3q82)l7zLTFXWv$ZJU{jb`q3y>>uB1pdg4u=__6Jv zVA-ITP;qIk95{I70SDPQ|HQDi+ebG0XCbkIGH<)V+%N@@Tf`ZWp7XeWCr_=Sf3@}0 z*FQnV>sT}tP|$6k2bL^>hfH$$Rs3wOy5AXl9G0T=Mh=`D6Yd9*2O=xNd#bA%N63JPg4S6pH+c-{0^AU z&YqPjg*KLJ8un|nsq`MMqsW3=r+WuHPdrvW%xq~Eg&1PH@JKOyEERJ92$tEyaQ8!DFcKo91qm(eOa>S7aQ&|mISD2&Q(npvK>NQImAtEd^C^< zivnB;pompNv<#N>0KQj%POFI((?K&Dui}L`PlRU4a?p#vb;ohoJAjlQvF0PCq2N1C zc?VF9UYgX<2encbA6@ju4t)bk7VU#nEpFAGyaTp}5uf%thEu)uEs7V%j6Gl`te8$> z*$;XqCn3?lT|(@cN*1IgD%RE{iJSNu1tMh_Zu(MnwoeuoiYQYipf?s<4ezSgiu@9fQ0FGMM}uNkG>c^s zeDaV;i?F4pP_|`YIuMe+;6jpjaz(aL|ZY&Z`-AZJ2T%}szXO)TaXKv)pdl; z!hRa9b~r?{B@nW0YH%%toZWaM3t2gUIX`J-DCF)A=7390-8hadqqLn(bi-2wOn(Rb zSbNgc=Gs~jKq)A;)vtoMpmbV1!+z6^J9FHx{2rfbb_ro2h5h^Hu!6MVS$JmT(;`hw z{z$JaDEuO9G#}i3MgMw_25a6SPkSbuf*55o%nrCc)F3`2+}}BvhZhWEBTWI@qHUQjyWJ^d_8_EL1VuR0$0Wr zJBn~DB^U!3l09cxSSF0AYLxvwjwPLSrsv~08OO2&_CBfq@mf7HIHLK)5sLVT1a|1K)#^~RE2Y}|Km>(32^ez1$pqGvmGShIn z-g}d1)|Vj+o*i)(j6*-8!@W^!j&fPLg`h=eEwKr#@^F1}*XBjLxZi5{xJJ`0Rtj6; za->@il0&{0W3cO{1m$5uLtHzq5AMt-wp{}*%@*?NT>E!M150yyTX}zaA=U7v%wSX3 zL`R)7q5j7^AybX-e6gZL*-)7sb+la2QA6R#R^B!6HAmqo41%YD;w??VoR?&lboyrh zZQ9jyrC5FkSHQMNvO=85Xye;j8{|p-JK(yT{&_=gev%2y)Q|!}Fdl2ne)A%pQd&~c zMwaiIb5?`fa(=!NL;p|FfE3^IE%3WW5|`UAzNA zZ>c9x%v1)HV_ggFKZS&{U&KYC*=4*Q&wTGO`#AUf<-J}dE2ZhW$RvRB>p&U6Iwe!4 z4~dCelTnU6ZZ4@Jx$OBWiyYP8JUd@C=qWk%RR|k7SBvs@05Iwupo&j9(2vv20l!s1 zxd;BqKxn|3V14suq7D~V(B4Y#6C~;&$hOKylv$c zwt?%SCD~^zz5R$b*W2^ywyM*tXo^^FMpEZHfPwGSq zcql82a%8z^W%m;TkRGzu_T}FTDV{$yygc{413Y1P8xVJNgB~GgOS~rr9^L`T!w>YT zZL<~UInAx?lsLo+{8;3ihuQ&59Jyh> z<$vc_CZ*n3Upy|;4v;gTYsoKOnD|D^si z@lY|Z|Hn6=N#Nf(MnTcvZ|;ID1oEx+e1`&0z77u$eWr2n)-qiJ4Ze|<^;ig=<59;5 zUFF(K@<5ThV3IJg8SZ-m`?x!MXtRlI*zvViRsG6`u->Q4NLE?sL+57C%Mwyi>s)Zd zN8~Uzdqi?zG`&{ z42RV@Nt|YS-j88rA5za$aY7eAkIa^ZG}UU=0KTAsz!#g`LmhlaFB4bpxu!;|OU+%} zFA$s??6i#=3%^{y^VrjJ7j*EH-Rlpk)+=OH8hAb3fEM7*-#4)La?yD=$*h@_qsc4j z{hxNlfAarFJEYQFj9H1nILOXBV1)IJ-X>rAwe%hE)%)`Ntq!24=Bn|uu%(l~#qQzo z%>fXB#&`_^;~x|54SlZmMt9K>+A6|2mMf4o@s0Eykh?m93w^pUN%#)Xv1oXkdj}No zJ>0(oG@?#*pA0|pNblPsU_i@*Q;Au%X-a~>7g|b2G9aLREU13nS>*Lv)1}oDmR1z!NVb!$aZH4(} z4Z%0yB~g6%s>B&rU%$qHtF76L+g1)nmifUy1Klei9S(sb*hNdSJI9_+zlqiqUPOx- zO#|F_QQCpedSOv$TLr>dl0(sj>9LiRhEtO}uduP|{F8NQeYpHu0$anxkT^)>`NF~A zU9cgF#U5@2$w7|76s$XezvpXKGmPtU05-;z4;W=X0n}L=^GEP!-;%?cg){n2{3uo)P(A&|sw8Nh#m^^4PRb`NWd0g=o%UUzAVP}|m zJQyMc)j?*GRBT@|OLld=<hI`AjAD4ol0KE) zVBuYGmO)1jM?7dIQk=Vn@ONjP%Al-YcVpGu<0fjV#s{w_RRsx0#OGgVst=lZC~2k) z&PRXHJJl*eB3IvI*=Tca@sp?SI4h9%qW-M*t?l#a3)5Jd=0vZC5mWq?T-T;z&to0) zt=ag9wc@?6lrb+@u(wSd(xKu`*Wb_ET0d=UByLS5Y%dM5T}>&3g`g`LgC$1E!hTEN z#;H!iM`CC<<~744i;41DG0dgWsVnVPieS0pH!>E9@7niX`l_}gHI&UcnC17C3O;ik z+D#y^C!Bs*AKcKcg8y1SNowr#cR9hAIu(qhV*qLPu)p(qTP0h8Gpc2b zw&lsKpW6ia#nVq>+K!h52JEIyps(o*OH*e_G4hjN*67ZXoFqx*EQ{`i3t$wH?KK(G zk(GeC%|3PLj2dgUQAnO65-_$3kyEg8>qeASDDYvj7^A3H?aP(gt@Sc;7_F_K(=%#> z?ZR_Q8@0f_u$YZn-E8LI2S^6tdfb9k4yC2-nS&qYkRd_!qa4{ZSai>eW3Dja$xmxP zdTt9zc%o<+O2UILAFh0?o^>)xKOY+Idh>>lQqYo9Vg_3j0CIpUEK+F=$RAFhCEVl_$U(WFq&h= z8r?DD_=2X7!}0|ALVDCi9{t#xjRHopyND-dVaIWu!}R+nAwOl+rxeQKA^~W;!@HSWnv-8K z`&fBQi*MwozYp%y2ENbmdEF`^P*BzVh`icEW^?NCFl(9&@y9Vk4nmOHy8MaO@awC} z^(>J<;ki5XDBWjSunqi+l;|J}2K)q(+TC3;NDTJLu=B2q#b(3TFNZ(XdgCPKHPj+I z#V`qsVy=5#a&5%5fdRtd&~VH#V!yC1k8~B%TC+k7XGVA}T(qPrQV{h3l8wAKXM=mV z=KP>wM0xo-8d8^ly(b*zsowF3ixEbR(r<9(}^qUmnthkqcfK zt1jcM`n{=QAIWj}q(6o?9_z-3V-kOD2 zWcG}7bzN}K&RQw=>#xkZ{+6%mpLJ-dg=RRf)m?qb9+MDz!j}rjnhIjOe`^lC+p8Il zYq;e|VaD4UXs73SB`8kL$%M!H!VtcvjHO%@I!7rrvC(6es4gr+wApV}U5gg%JAc~w zbiY1sw<9JjIq$FLe-=J-Owfo|=uM+WfGI)dg`wPP`7Y)UH?+_5Om|UrUv4Y%h`pkF zk;=`M?zRuNn`NNZM2dncX(*+dTBA{;(5`QnAN-bdrXhWQtEknE;`g~&UM!<6nmrCx zahD4#W?jglt+-A!pzJ%+nC62$?mY+}G$yNzshz)l{~cKx2VFvs)=KL!um5(bSKmb|?RN+I@F_yPEc`%;c)ECJ&^F&5#=4j80_tkU2HwUb9)omtKb zE+jI?6;M^uU64BGWVew~_)!BOSLE2QBPse(+4DzcrpEm;90DFIkU23k6sIUnd38ZR zAUbBMihL}*Y7^c3D}t`S6LI4Vz%r<5qewh*AUiHwFG=sT!+fMirgG|-H#|#+sLBys zWXt;ia$i3DYy^9tdy&1Lhwmz)P{*K<`012_ZB~LnxnUo`(40;zBm(2ayq9gaKX9wt z%rF|0S5$B!m}a2(wfkiMY7+{!)<2mqw1uNsRBIa&Hf<`(DWiOO6n2q0I9n~gKB2|= zK}B|fqQA}$l_wPJB>K~2b43HqE@$d@gxuW*ml&tXb&Yf}SY+h!Db$5+5Wo@|Bc*-S zw$B$yh`ddVUVN9&8o=Z(L))Q8iP;|$<9SNEGlUJR249Yy?ORQ!S6z*44@IhL z6{&!CKizVgcPTIOkc+XDUn@=_t;gxLXf_M&KN8}xmL42KR*bP_y2JtYS$E&&ecM{% z0{OcpLVYvD8ZlY`$mM;9(qKm6n1KCHTIG;+US`ORd*8V@Fh7r9Pxh*>G+zBd)pW)z{c#K4tt$8=tl%3)-lEi`bGX(9cl z$E8OrEvT6snd6&t$Y_!Avlia(AY62cCS=}EsgmVp7}>mv#Tb!2JF+CkC*BaAgvO7j zMFO|BGaUGp87U7{+B-S5m`O%70$T~+XB>#c>0PJ=+lmh2_jHENDeBw)UBJTuPvW@& zhc|HMH*1;Ie$mykqWKi8`l8tpf?r7%Y;Umhp`gX`sND)vK!Czvd9`qX&5 zf!ng|a(LRsc%l0V5DN}BRiAjfbvnLh$mu|h=<+CSwrv=?V7w&khEDW9#B9-CTzj1R=OU8niFnANXh1Q4A6B-OS{p82{^D`dB) z3(s(OJEN3I7#?6=O6HqquXN#12^MKxo3+iJDTxg0nrdbC+>kq_&u|2e1=7U4L|Nu*1r0eMr@9CxRA z+KK^+-4hJR_#gPJ!V! zlM{M;s+(<+kD)`Cj1Ui3$m1EEwOSKwU5zLXTr&@7TKjgwlJ`-T)Xu~SNH+YhZ%{Y5so~3Z1IoFlTH-uXdvK zC&f`q+NvZ#VHkSB%#~cq-8za1NJsAKuMlD15blBjX`{Da%rzdco8{Db@Hv|91}+! z=OcOU=Y#FXPB^Sh&N1IO2GzEcvF-A67;iB*>QBlRk6%3#&8Gs4Erm9we*qJtLWEmG ztrjEr@;!`dE9)tRj3${C-V}hVkH3W!dv~Hs%aw-7*)g;g&597ITNFa)A88a$`O?!v zTjLja62Z|%Wi8wt8qcO62Gm294!_<)hP!r8B}5}WE{45DJ1(_L{EVlbozb%D3TSsWKtP4mKjtXgKIFHuS)S=MaH<_%w-0p()I%LZM!O$O! zf?Z1yx``DEXDP=G-+y`Nwb1N7t?2|D7PuRJ-hBpUn!|(r4nH?zMB4Knp61xZkRt;L zS|PiOT^bHaIVd)6x$0Y;f+#U|#xx0~hT6N^5bbc7!iRf*!`KKgW$xyyZQK)clB+O` zTgGd5Kc*n;?4*5caT-!>(oKHq$0dm`Za)pF|WglGw~>fxM7iy6GA27=xuf* z7wL*VQg3xcnS51ig;Ujz2K}1J-B=$@)e`kZ#>8s}LM~knQ!KuJh?G-ZQ-pE&Xhxa0 z5u)2JxZjQGX&q5jymwxgql>k6n5(PMX^7kPT)1m-O$7O{(2rvxz{Ccb?zbF}a^WYO zrrTtG!Nb{JSkt5h)&?cLPO=YdWx+Qq>!hKaXTq6|#4{W?kBuv=GWksNR&+~zHeH+H zQYF>u2P=AkxKkf~lVHt49;(PdL}f-oN6?{OIIVtYXA;>m9% zUK(en)yW>SwnooL^CJh!&xq)*15c8+Gq=%1*$GF5aUj34%KUN}g`A;T@}!f;12gxoz=0OeZB51Q zVFE^kop19w-5qUP0hDBS(g_3DSgU%VuJz+E{oh@``b-xI~7jA|@VZhDJBO*0}6e@gwrDy)vhA$uAARzl$O z9oB?@Y5dv(-oLG63I!+a0^g0xMQ4OQ?FVfdBG+isz$5s}eC-@G#zx9Ht2F+uX%3Uo zDo~+dt##Je*E>Qe8O9Of8Q3h$!x@kAv;MduG;HQwfMf_{m5k?8dq4qC z0*ITR9EPj==)Bi?n^IBOgs2Hf%AM#mk`tdDB+-vsLAqq@2o8aVs0^^rD~*uMB5t1SL%1j9-4K+P2x=U{Bxlrt%_y_E#Z#n8o!m zQ?f`Q3*}_+f=jy;8~#luJ@WNt@>cE-^yjQxVRdMV^I3nd7qs z;s*78 z0&9Y?$D zh^#NABR106m8ZGQ>L97OTAnt%0-gkBL*8xR`H`On5mB(`8RM=LkCt9IX`4MwFv#m~6vs&VKooHoi41u*75 z9eo**HtN5fSl>E)NIjfGG1)=PT0z)DBmb!zW12r+kp6w)oQ$V~(F8XMwh(Jsu55XTxar1f!*DR4zk)pVy5oF&<|{ zlmd7LNb1gw9EgL-qywDG&KzYVUP`~5G|=62u~~P5x|Co!{INDdYR=Dx;YLlR3`l2r00D_uK zjx_DyEE3C7zpRdI3F>_L>ss#b90YYl7G8(vbL(YJPthN6cMzLf8eBD}jKqjnsnDoO zD~b47vJurW9}O`kZe@qX6kOp#4ea(rcSTVt280MN+z6`&egHirhG&qEvTDo8e>z3Fxp)VcDNx}ykg`c5D%pUL!#DV? zzcLx2sjSlJ)SAJnPL)$P2^vI~gN632d-wS$=u8*hd0v^uSbXOd&Ni>+>!WPjM0r)u z1sk=@FIMOg9Dg+^g!4%PP6g@Koa|HC>PxjOmMm)Apr8|NS6$A*MD7YN7iiWbP5xEz!L+qMr$X~V~V^LJ%Lk(mu&uDdi zD)x1oUE$7ooewNIRG8!K^*+)|*~NB11XZ5keI;)hpr%ESl*8(m8zneENRKbM+_MSvJ@w54Wh&m)X<<6?8>==b0O~fI1JZM1*b3La9Sl%^n?l2kdTBah2+y$kHhn zy}_yl&G7`{{T{DIE`xp6JQ+=3oksWwpok=^>vqU}%=HhI;hu~97~3SUCvdJQi!_)%h4X^`P^YlV+8u26DKoGnMcz=p&xI;HvbbsMR`|aj_}lpA z&CcZnoxJ%R`l>o%-{7QD8=PP&hx;z=z|GyAnN{*z-3;wxY1WdtppnU{Fkw=fPxY%Ta_fvJY`Tic|7#71nnN)_5AREi+UM@uh`Q}QAE(a#LEJ`Hw~tr{h2T|xTj5< zy1VDJ*TA{6iutl{KRL{|%GxYJZ*SEL1|RYUP}vFJ3ZuhgS`^(!-#!4DV?kAiJ$jnX^ot{zF=U7& zMXM1cxtkA=d~b>SxrzHE-!lJa%7nX1IdLS#sbT}cFHm|!x z9%P~Q?o!oSM%H#xc41X7_u%`2nu2p8`OA^O=akShpUb4$bwKOYWcqTg!hJ?&MJ>bJ zPGRYzRv~9#oIV}d7sLuNF0#&?v}(TW^QL;uZcn3bF~Qe&Q-c!IiimD^;_E5tf^CUZ zQy?eq4~Y!oCcfiZ?F(Q@yOR7clUKZ;?P4-x(;I=GJ|*(Vg06#jn>|5x6YD#CW{#M;D`I-6#vWbGG`yHOWX^3MshAdL->^QP?moV?{C z-Y{mrM0G={6X&%t8mQ0Tzb3EBZ}?J{jsKQYc9QNT6A1@pXxyWo)7N-NGTrgqF_8Y$ z9s!2wB`o_jkIEdOBGrpz>CMi+%mN~dxeutHh3`1J)}&f$Db@ueb_dU6BtgMTcxkHN zri&{BV}{cyj%jX1bIg9SM0^sFJoI;G0YmNXROmVf6iqZOI*2y}U1eQvLzi%<|! ztv=I4lnKWanaIfXuguwJqQ;3}cl0h4zBUX}0WvcZC6C4LqK>wIM!<=l3+y-K8y9|T zz~agMN$j6pSyox@@Zd#d$ci)o83kZ8OVKUVjTImv%EJQf=sv8jhQNXB&%RLC?e|<# zg#PO5!!R;XIcN(Nb5^0kD6bucaKAso|Fc*4D&Fh+HDHK7DyKghnc?QX=7=pp#kK2g z{Q+Rdx823u1uOvl(#J8!BwyBfh58w)DKB)dmCRWt5aJUN*Zc^UWf+hC!(=A2sM+3} z<3dry)?3mu5+g{zhLlzKf`)D#0wFPz-PSw2KlS@Nyz@#q0$?*5$D!JsB%su>!6nNTv;{p7E_Vo5$H;6a9Xo+82fToz?e z#K=O76LrfAtKU4bN`TXggB#MMMGMyusI)lZJ+}obv1F*Z1M>H5^IwML8#4l$fL+JP z(>HR3%tq>h9>g)Klr=n9b0!7 z$Dr`-nn;B6le?lofb>UeGTiDdn+V?(r!;3$gi?t*ra3*3R3r$nJ(3oH+R+bavD%3V z+|-~y5Q{AkQ9vEk@EQ>leB{L02xjCP2^v#$ej3digKSsPY5O*V{LXkcubtwxA1l$* z2e}DU((`&)b*sIz2Rdn{zBl~pJXxSpa!2tly>U-Jw6cIvBi_y1RO;7u)W+ecK|Kyy zaVuypC_lVW1lVqlN_{7LEozLwo0P1agbH{Ltz%zCp-Y8Lusn_Wc9=%HsB1yQb!SX% z-=!tNDjy%Xcr+qvrxBSm*;F5^m123s4lTqg|8<8VG1nn?MI_y2b>&&+G4Q^PC}uo` zy!Gdz;Vru;HID5)R99jq3VF6FSUMRzdXL4xGe069koBoBIL+z@7QZuRL#hMIRAB9f_vRUinjwq?oOr0k&uhe+cVMKksDcMuS{|2?T85V zTM#|%{R4EfH)~`so z?_-u*cb&iX&wQKp&yM)s5IcoInM>}&k50?=|@%S}+)+z z8*uAk=?bp(6<$fB%Pv~7al#xA!`3uj!U@LyF)Bg-`=e!tM0fs=fP?oL5`*&EoXT<+ zy5pEOvm}x4Papp_kvt^%itMC}Dn3)of?>OiMM7nI_%(sSJU7O~lizYG8dq87?SBPj zFPhLr#c&G#W=|b{Erqlw@Jgi!v1~Y@z?*-nrH-AZBy3S=F*RG-AdyF^98I1D;i9j- z4k2i<83bWf`8m(@-JdQ-0A&raoi!jR~bp^IICl3gP@U*C?EmOo)ufrzX{<#*-}AV{pw7Rqn)N?flr2%5P8=r4kj?>X3p!Fa&?>?D1Maj^_0i zpveuTl2jr)oIct-vzt}-*C6s*$C&4qB!nQYdqs(jCcJ&y)~6plXYTMsg!bg!Z?H-J zlZSZHN_`zk#8Konnfz6wtm3@xqHDq@^8f!K>6vS~g6joXmbk(QQ5eM$@D|4Exs|^_2^x*vZ_E>ORic*2M0I5WX6P*zG$V_Wk&ZmI;8S(>R&QziUMB3BS=EAca&j z(z1VSfF5&Lw+RAmpJo&r!pTX`VQ46NDXJq~h|o-S@2b>YD~rQk0^OD@Xt_J< zZCN5PH(J00D*=ynHENEr+pM*gei88AtF_J8lyk{S$`FVjO)by)V#>$KQ1v;XEbC-f z*mcVBO`W*|*;e5?YWP0Ma*Ka*1PPygP+{qvzkp^{?a5vk{U2z1TgRjLpwy8JO ztEtYUMmcmQ&GX^0z}I=8XeGgN70qZEJ_1T%G+Q~%|4N2=c1vSCTKc-q(~`nsVuYQp zR;-t#+A!;Q2o2yyC}Ouj9D!$JIzn|;VW?$fp_hb<>jR~S7yu{*?>u0hG<*}8eK_NL z>9H<``c$dQvU^1P$LYAb<3I(lhADvoFT$1NTrhu+d6zR+|Ags!U*mdwforW)fAUV$ zrOA^s!c3mot(;MiAEc7q4ODyhJh|y8(dy{DY-}Q=ucMspT&2g%pM6Q%BG_aCaC~*S z70Xs1MXumEseY#^B{wMak zAhM?IK1k(RTFg@lVA*%Raz%?vb{I@YjhaQTaHn3$pLddDY7f3BZF8VDu52ca-LiN@ z?b!|;+@tX%yr70R_SN}0d(PS3cJ%V_l>(*rHYuTrYX2eAED6s0E%TsM`oWsCssiv! z@(-=XK=pM{`fij8zGtZ`4s8)M>bc^dVdRC4)krhHNj@gOHXpE+aK&iAM;=yeZ0eCN zYSySB)Svl3@1M)ypi)O4z-+jq!uU8$MK%Cb2+ReOH%*+pC@rayyYZZ%e82- zTqzqQdm1~g$P#1218sxgJ4||i-7v+;BtM{fY zm+Ey|1n-?{ILj5B(&1Db41gBYJL%20Q0Q7S@w`E+si7;K0Hhz+kxshRPZY3223PH4^d)+7zc$$@9yx)Y zW}DylBBBuWUFcnc(ofuHWl4ra;%c7J{;s!xOO(*Nh!gmf`ylB17r?8*PAVqpa6L*& zS)_;RSB?TU5zJ4wOD%)k_VJJXR_H7ToE5roDwGUiK3WkPFfnG1ZUEw;6CIO-KtoL> z^Uy(2K7C@EzTxgpmBpT|JR+ELnINF2J`uKQ2EftOz8$O#bjog668o3Lk;e$hlWp?Q z0$H~ir+=8h*HUiZC|uK5>a&q6pRSgLcDbGewsck%c_42N!W6ZMlQD}1u!f-j>rNQo zmV-`Wv=F4TB!on!knKYBO?*mp1#1fm+5@0Jo+l186K;d@Sx|>~0qU8+dV`7m*Yh4c z`%IX!nzUp6A*m79O2M_N*a1P3s9vH!k&HG(X;XYjN*?`d`mD~=x(3pCYM(FxM~v4l zJy-M-1W+!&Px}=98(6I9?7;(qNJp2FSE<+_lsCXNek^JbMaL+sU~lWJT^W*wVdmQ_ zDOrgjNvGyC_1jO2>E*HjXj`To5lTb?ExRcEcjWY~Iz0%5oWBcbZcp9|LDE)#Nr+|m zBvKuk<}lN80|@`LOS6W80ljSf_sSrAoNridC5%LpqZ0m zv4g1z@|tj9pil%6nJvP__JQb*2OIo5JQ`NGsWW z^v^b5VX{7h?&k_CfJdN^tr6gn%Vr8Cua&L1+rZT))7MQtn=^tz_6Cy4zduoH?#ZR3 ztW#k#4~=)Yqo$Wge>yxxZKvDw=oKqXlilI_r;G&C5YlmWe4{Cz@JB~h?u z4SxSQ*A}W&T~Pb0)zTM&qJ*PE9XZ;H7L_yk*b-sRQc$8#36Ay2<4DmlvqF!9V3*d~FP$zVpx1*2 z%8Cn^$fz081H-T@xL<-R+l2iMV9kzZ+*PS`G$=~Bfx^nccIhFGeepDqyLhR264_@~ zuhX$fcX{h1z0WfmJTx%jg^i=vE1q5e>#p{$68-QZeP#o3%AE0;lx#>yw<;7#c)xQe z!o?B(=5FO)u|%}I!F_3o(+u( zs55^k5-7@iIaW-b&j>fI&++ZVYj^B)yvTj%P@xtQXa5KIb0x{AOl}(0T%&Zus&`SE z>8_cwiH@&2EnjNL1M_E^va%s3?lBnHjJ9i8ZEtx^Ftnk31piUT1r1`Ma-;ZL3UmUx zA9l@Qz3&>ixO`vj`WBAZb4sH(vAtvhYaQHPY`Ab~0u%!#_L7liXyY#5(@=q6h|0eo zstSkAmy1)`i=Uzne{C%APsfDYiXV{q`$0EuHX`LnepC29a5pGLU$13o=GPSNXC1q5 z8}V@I+!5Xn^X)&C^q0|EFf$eVEDje~b*&lmW=jjiSs6>uz;s?K1sdoYB2T=fSmnRoi_Zjm4So;Ea;4=6m>;JM)@9u|!@Z zf0$i8@-AZy*6#Y~{chbd5WKj2>J_YmC5$B-d`Zt$%m4a4Ua_B1r&xUo#CaZEziGkn z_Bful{cac}#dEos^RGZC59*5m?qhkZSK42;uvT{MntjjUhL~s?nw}|p_Xz}Ie`ecz zYXsTxMM|MzF^0NKgiSS8n)2BoA<@#{p6q9&~*ueo=&%LW}BGhjz! z1-`ck1aJ((O40RaMk7DvO%JW%DB1sVoEPO_VU5JjldLD0^gYdPckY6jxs zq=YgOD|e30{!(7Ip?X7L!HnApY8Yr?^sef|);7b-LzS3h#f#iJ%q__0n<{5H<8Q#M zxK{!NumO=(o*gQ9^U~dQRl7{7sPwr2wGwoXADJBgzpaIdvS}U-e?&2(aMPtIlq5>9 zv~V`TPFm$(R}Fm$+d$(~+DMMgSboY4u6Y~V&j4Yeo&|cDiA=&yuzvaf=WSn)Yl(i5 zB}>Gx12XcQ@cywU5m+ood`gZO#>L$M)fu#TbvG#)vUpQH&zGU8L_#M0^loTv4c#Cyf zVatDHYN{&vplGHa%6c1>Un)mX=?AmK_z3zbd(L>Fp=R{J# zuwXaZ$l)Y()9n)uiuaI-9{%*#v-iN5x&bv=!JVqK-infSntAHhcVU7$T)iYN;CoP$ z&mnBdwnp=1F z_1FKdHa=4|jAvadj%087mc!4B%!!Yv4bU_DSGLD%HUueoMKrPe6xO$!W$wyx8?s|z9u>gE!_sNH??zS=n4w8O0i=AhLA|sS+`0)AIBFQbK!vUS zn7#c-yUq!c@jO~)M$vuo&oshr^`oEfL(`_~I?(4U7+OzElqOY?;TS}do+~|W^Q^$< zyya_;svnJ9z^t!fI3Br>=?lf+4}8#lB}OqNtH*P*{J(+t^|X(j7|+W6m`idbb|p4Y zzNXlTt6|&9_MRF?n3Z=+>HP%4+u98&AkOX!UV?$DDJLsFzzR}`%s_&mY6Hc)TDRSZ zPQKJR)&%#w#5%}AB6Zv;u}Yh3xHefF1nj5j7tq#)+d;|@ep1xOH`&RE>dnY`u?eOw zED4y?-4sGZA^d$$fE7ocCw?;@c&{3;(x&jyf{ERY_&hjJO-zqfkID%qNM^t$OX|K! z!_CS0_a;!)T}HwSbtezQ#OSy0B89(!ZDCAKr6M4n?|h{pWt7Rk^?UnRIbGchCQVx$ z8PP(7U&Ue#km4#sR*=49s4vuq)o}18#fa8)v1U@AAS{HhSP+Dl#v#yjW+eGA+_1=$ z1O~u?kJr;))=cYP25?`rZMq4z<>tH?PW1Jn?MsQ1g3s-QJbw5@vYDRQp&09I3{n=O zRsWSLWt1{=mq?83$G1qZSL9hMcZN1<>&z-bBVCyyHmBa0=c9ZCV2VU%zD;%_%&+?( zbM*pyhRb+s{DeTt%zscluIC7%BjIy6rXfXkq-mh2d0W9ZVzaB z3S^rdmt9c(b@nC$*U@VTjSwGn-_4LZ*TA=Gmcw5o#@PPG4As8YQWvJ z`x{uru!hO8yQjK2pD3I(wupcjLxbyoV3j|W=wt2DKZW+iqZh08<@(>@;RKcjq{BOK zLwwO*jwR^>3C(f}73mZ9;`e%EIL&?Ro^cH&xZX?hh-PUOT{M~#hAK@yesN5>PTfT9 zjl13F`?9uQzVezk$x2SxB7`x@=if*tNJVOq$mUVtscw^3%@&ug!Mzw=q`wG|Sxtqf z&C)%v442B12@-Tg9^AG<4Tbp!)+nmtMLQ zJxh)J>S0=~k}V9RekAEOQ$auWk}9MQlH{b-`2b~`9#py$xqh@Em@jnH=i)m7TK`79 zr=v`vpJ(vXTIf!y^Z!Ld_*KFp|FCvSb7t$VNOg1x;rhKxREH@Ojslom#MgcO+8QSa3%u0CiBZNbpR^KVP3bNB(=PZ zHlvEnJxUL=0sC9#nVy3WCckyMlB9EN%w+~hJ$7fx=&o^^x;SWWK31Z%L#}=Cv6@tR z@^g;ot{&E{Uv{UouYU1r^`y3WS?96rZ5=1zM#zw^aVNntt8xdfPBDm~L2K}&*-(z8 zc^0h~J^b@YBxzqv^gbyu7?c6#qNf$RFihWK>nw~8> zL%I}RoZlIm)`&5}G0W!%j`1*($lH9K8CXGQy=mW8ZCW7F>wD^V-Ar!!MtZK?XDYQ8zi z+b(_tME1#o79+;x8lQ@Co_T{~xG@UFy_jV5D1^)l56qFiWOu{if-U5q|TB73hfZdLx*sz`P68fPp?X3v!JWfSuVB8L_O=$ou}Y@jzqBWai=pMFySrr)IjlQky%wb|{?ktK4M zo~HFmIpCBae((;;G}jKJg$b%#@v@g-q* zDkmdl)4B9UgY{sQ#|M{tl|7H@$w5$c)5i}d@yyIMGVgJwGoNlr!vU1qGX?$@59v3x zsgWA~@HQO**}5axR3d8zg3Q?8S@J%phq+`rk$qC4oduMHB4V_0XlV{l8fE&j!yUQ; z&0GdTI3?^C*Xjaq_)q4S*&H|)(f|m01##^_;2{#2TAYRW9W^#*-&{|dIWrv@VZylt zjx2A!%T170cpE4?IQ6G#=E6l>{zObwQKD%xB|$5mHw-VowG3OU#-He=9ufbtM;YA{ zDgf_x+>^2kw5g8!xPt91DJAs=EWH`2eg=jdI|P!rd>M02_n$svpH@nPCzu%qrRNQ0 z2;Ai_lyAT`^Q#OydXqsL7m2nCzNW~JalgmIZKSH|B%-xY!}5u9b`=k6e_HP-alQ!Il6R1tE5CyN8EkF9Uq9^hnPT1@ihNDND8S&$MJ* zAm=%^gt(ez<_6_)D;PBD?sHRerZ4L>Tv5)3x1{?^bs!doKPQ!=la+tsFP1+EGEhud zKcY^G9q2m69hUvh4h<{Sf@-p;pqe!;%eehi=mdMrcgoez8PpWTkZNHWi#o4rJ*6_s zA@aVAmIv0g^%bIL{$?U3+geLK4`; zuaJdE(447*&^02Nd(Sw1a2EKl`_~$zUncw`UkceT7UsN03jE#w89uqwrz3JUuFwU> z@YoJ^-e^E6AwnQIGAiiE91H8YZYY;S;|$wb2L87*sj!HQC=~n+nRprI6D35G#o(F~ z+pssw#Yk3)d5^nHfj(!FiCVkd1j3of*3eU+=41XIa_+HF6rf5k=lVG_DGVn-OaiKy zB^f9)mcT_QO}CuZ+S`FygV|U2k<;hs~O{!MaGi@VLOT;XO@ z?W8&Mr~A&vwsO+S?Q}WZ%(n|uzdcWbPmm{R-mXTqD95i6RBYh0N4s zG6ud4`?AQq#1emeQ|Bx;Cv%{^Q{LsC^lE8B)T;`nK&e!VdaUeXc23_clw}!EYS9wtKxQoA2 z!z?+{0Xdd?ToM1Y7{1+&1G{g>CjmMi`JC;}#QcLa=Pu1E$f z(1U8U&@B47CSGDpVSK|j28ND{e;y6B>{V;64mLw<{cF4`vqo@5XebVS-?(Y^e`3ex zNO;J@LKu%w%$W!kMc2nr+qMZ7cB}f%RadiTOuYn|XyDs7sFK>VRcW$^!njH8reRq2 z?u|+!=oKofv~OUXX{f8A*dM+0Q%MrWL-f1IQAEu1EeDOlq*XWRiDKjL4g+-xxv6xwQGG2FEPp9jwlLz#d(8*6$#A+K+ZKb!RLpZOv{aY8->lOA zSW`ycRf>kYhCqlS!PT*|;$2CjYb^tmG@6wx zjF)XiJDyvS%79aQ@rk53j$aB}`l~p#9Z$MyI!3ppZb^{kCz1)bUvL?jCA74|MNiTD zh0Smki#LuO`$xD6VM)poyC`s)g6~oJ)rb=7Q(g!7el0pk=}yW4in@M5ij}{b!!1KZ zaY)E(UR8&|rl`IF_GWgIXMUO=o>y&D@{Mg&*v*LQ*4UT9P$VME**n+cb_uY*AX%QU zC!I^xlxd*X=%63L$7S7DZFlq>ymDz0F86K+<5N+Lp=Y6)MG1(9yrQCbTK-=XneZPe z1>FC!h!->q^8lE&J%Mkim-l%ZBQgd5ig`JH#iA@S3zr|EFOdv{tQ6n}VU`(7KSKx0UwV|Dk8OV(PpYV87 z-oIhIB&LB2t6guV@*0#dPnPQ`N4$vfHDK;(k*1hRCi%$`(p>wvokiwk%|fv_22mi zm24R#S?&=n;57KedY!Jn3=+(C-TO-zxBq0Ea%$wY;@6Z|H~H41^u3n~Bku&8Z;pM& z0!4xD{Jm&nbVmE_PxAXs_X~jMKb|vV`DPXt4+D3y>p)v-8j?r5u*H@zKu0SEheB# zI`Nez=pD%?p<4wdBSy{CG9)R%@^B=*9%_4SxyzB0)ujPgKHooE}h1f$c}ArEF@<3x4A`i(8& z#E-T5#&a9?)3|Ql=B)x*KWXnH_Ol5mDxwpDNG{D1lSkM0Cjv?~(yl3Q14j|PHTTcF zbeQsP$^>@+L%*bBL>hLNwI5`@c8tTyS|nE)D@-fRBYWqDi&MkK8mw+WIj1qcqMS_| zDaH~BmOWP@Vgtbd*`2udwSCnkDm(xyQs)z_cK(p%bH9OIt%p(GBSP|YNowr!!|t=0 zMNUcQc8fx@3jrnOwK`s@WsIQzi^w6_6Y9>e0^us_m1~%lz}qkr25@!GWHfx2A_3Kk zG{dlOU-P-l6i&A|7W)_GBnhWrkg(#Z`_)@NrGFmbC*|66I*_;UEM03jIPMM#$Zbxo zbA6qVN3M3laG@tx@YWwTL9&{YgCuVqP0o4+x`moZS6589;n5IpaSH9tPnmk1F6+n1>S0215W;LLNVcDywQb zlzO)?MoTqj&{V&YWS!mz-cP;i>t}+xu+m2oU1bg3obw~!>o^&HZ+q5+gG5#A;@TZT zHnAYj+H9ke17Z(qfuFP^;M7FJ(Pn!y-bDC`jju7z$d9h)|1S$w+USgo7 zw0e%LtT=LCic#*VQjYlA$@2Y8%?#FL!&*e0{tkUh?RLQH?W9yw;ioH$z?#-1=1hf% zoRh|}`v0cv^B_>}Zb13rn>U{>u%bWK8xTli5xK_NnAKp=8q^Iwc>J81|Ni29tk4R( z^hAdgls#@S)4_2UA1|rog_rF)u2XOx=EJ%3#np3bo|liZTZ~$FFEw)y_WXT>JYe1V zZmfd#6Pk>WA`?t*GpSj8ov5cBj`nk90sY}$CawG7?87x2*-eA@BN~o6%)naZPqe(p za_%m9MRdprzcdimQvB6(`T z2HfmnX)niKGBW~DJ4#r?$FE2@DpC#0JWM;Cz)IlPq>VmYda(ys`!&!dw|m7z`3&-g zjSy>84cE>06KS=UQt=u!!5PfU!W$*0@s3A)d9N*4^Yd%AL{d{JH4h_3SD@iF{nq_@9t|1ee#S1IvTrWL6G$lHmW zW!ndB#)H8gG^J(T5KN#GQfl7tNjS*bG&L4zvUTwkZsN(sT>WP67Q8kXqvPg8-trKH z{Qrz$o?AKssvnfqX|Wcim`5aL@&H>X`m(p1cohqFxt#&yy3++AeFcIq3j{EtrC$w& z-k{n(maydP6J1JHQ%3!q$QJ_Tf9)A+qPxY?Vl22uiLRzA>ZcOqSv0B9!TNwe5{Mei4KsTrRLEl^8@^~H`x`gT$7Gp?ZWiYI-y%B?{)A&CjhDU0c35DHK|DK7%k!GlS53XB7oH8nlau8HV_py;>?@T zyEs);h@hMzQ91os&J;mkmW14XNUL>=&9wZ~bMSSL4sPU2~ryb688m!L^q zISx#bjwHA&bi8N0+`4P>xC741#@L)pA0pf7e8j{fBTg{SbC8f{VI0;{>g|w1Xz)MQ za>9i`U6f#*{%HgJJ;1)5JqL}?iHtzS>EXCRZiQxa2(zg8j1M9!n;V{JSpC^6$>*a- zhXDa(%4M7TqbqMfij4T(RSsqxKMFL~BrEt;vun@UskODHO!spg(EQZAD>falO8O?U+Wjjs(IhOJB6O5` zngjP9DA^K=Q?y7C4&-yasb=%2rPHCxl&c)I}_6_;4?8hzTrRPTeLw$A@YgA zwoy@Rb>A`!g_QCTBiZO}f&O1mMXXFBZmNwFuC$U-0H;*e;n#}b6V1|RMym9Fa}MN0 zglV+E<#b&}yB~0b1Z=*BDHwn4BzfWDLSK5ctUywo9S$zUahB1c%A40TDgJqrh!RlN zktUn`Qaj}1?Rm_w@*%{}I752I2n=UBwcDVg4E0u@Y-+RZv(mC#GQZ^A*+Kr6u_qiY zJ~@eUJ&$2V*+?QrD5gmS(V$sq1pxY8?c|CUglRl1;V^0ykH6( zLf8+-^1r6@xBJRdQXM)C)yZyLMSXDAt+g4P_wzeKud~PZT2OK<-Ke{V7hTXD5(d9o z6FwE?N}-z77Rq;~BrUvPibdV-2ZNx)L*=t0J7U3ED-uL*|J3%2J- z3N9>eews^pccSu1&UWqFY3$v!M$@G=J?|SeoMw z1{KM7xVck%j36fs50+q4$#Bi4Yp$(%z?f}vFs2?@!6P9kf(C}24}~{*iJ$H}CfsG! zAqX&9^%$DN1-xmu$W=&Gl7lh1c8Hy_d`mf8Onu;{B;OL1Eg!xZK(CvA_4+|t-|0Ev zxp|qe;X1ucSnv-tX&bme!llRDqS7F9$o=^YmM^zgT~uo(UVzHKapB&5C*H5-%yKDM z!s9I4TI|gxbQ6%&&~|c{!Uj7UTAuiWk2wyln2B-+VA`^TaXZ`1}4bX5OjB5@+zjDs!zC0J2BDjDtX5Or`V`@;(5}y z+r5vGt8lSNsQFDRNu#my{|ZS0VDEqZ2+@l|$Lp7#YBF8*R|R6@4DD2Q-Oxqcg-|QS>LA5?*(atH8Q_)vDPz(&?-%+$>wtgU%mVqx3Z{WSOubPJcaB| z;sR9%z@+Jj?($SaT7|T|7O538#zDKMM0d*YkS5?uR5kN7{w}uQxxMJeKCup8AKU3? X(5VeJS+20d`+(Mw9f)=(A|Jb;MOUpz literal 0 HcmV?d00001 diff --git a/CERTIFICATES.d/02-dialog-B.avif b/CERTIFICATES.d/02-dialog-B.avif new file mode 100644 index 0000000000000000000000000000000000000000..5e408abedc1a94d8d0988382312d3f34715aef9e GIT binary patch literal 28821 zcmeFWbx>u?(l5AicXzkO-5YlrXdD`M*T&sx+@W!IcXy|;#@*fBVRoPM-Ft4#M7+2& zG4H=uJ8D&~%B)=Z%Ur7}t2O`tAU65#W~c9LZUO+7KdrU73A44izR4FMW+4Coq}ST` zyZ#>@uuz*BSvmYo0swaAhTs21|7oqv4gRGD(a!w4^pL?si`ZJ( z{$Zc@!r=ISgt>r*i2Na(9Bg>3?Tk(Tx(M?a znj6~jIJ!B0H@0@<0m_(Lnd>{a@#y~xC84>U^icn5(0h4>Fn;HbaoKNpbyp(}vhpdes>Io}sZg8}J3vXFo3 zf6y5JL;n>%(7*Kr17$$}ho&R}-T({qU%!vVk4*rww78Tw@IilK3A}u)07L-LkdRQ2 z5YSLiP%tpiu<+;z@NjVOIH+hy=mfY#gao+w_{8K4RK%ooWcc{hoHTSy%xr9IL{!}T zTr7MHtZXcQlz_m%z`(=7V8L+AKd^HXg~!B5G*MG6a@qf1>~b2Km@cC z0_3mqHx%GKC>S^dBos6ZEF4gv0r`)oz(B#lARxfOfm|;j9{`R5fl9(G1c~-lABxl- zoy9LU2bxT{rUyfD`jVX0z`-8|7845_2bY49ikjvV8#@Ol7dMZHsF=8fq?ELhvWlvj zx`w8qk+F%XnYo4IcPD2TS2y>7z@Xre&>vxO@d=4Z$tgcmbMx{G3X6(MN^9%t8ycIM zTUvYj`UeJwhDSz!&&mB9C5C~+G%O}L z+ZM&uA83Ce`|p7H|9?XEZ(#r6S_Z&_fdGRCh5`@(+$`?M(|d~@@+vh_Jz!mzF&{k? zvVQ{Dr2J{$Dq05;=iRipjJjy^Na zR8{F^(z@>PuJ#Vud<}Lb%vXS_ZSwcTZ!%eQbzaI)!3m8Hf|n$CQ~u2vz=vF$vLarM zSdQ)=5^!`^QVBE?esyigk>cuxY$Zbc^^6~d0`XHHAT0N9sat{2D`}w-)uGWUG1IuTg=a5v~!$W-T3J^$-qMmRKKc-JV ztHO%+N*YdinOAJdgA_x(koNEWw5y48$fFYgAbJN^W+A&O*BG*CFpvwh__Xs7W|$F@ zTvmU{b-mwhEr;l2_Oo%t@01!v9ko7WY0 ziJUom$DR&RfJA5M0|28N;u7*=aIOKXmJ-DTUU_au`ZOY^&| ze*j>QrXgh$TR*>tDYhDvjDth=tjvq{68@wbF=deqgDPYDeVbzWXJizl)O!Qcz0<|( z)2h!#;RgT~P*Nk%+?9y;M_8rn^kn1druhTV_2nJi$5iJ7Fqtv*_H28Z4V(5y;Ok$q z-`*!WJ^)#~(J!|fTN3}fl}XRr)I3Gn2dmxfrwr1! z^r%CPQ-S4}l2?QPd|k|1)g6ue@iy>Uy78a33Di~j98B!Izi~b)fTJw4)yR+vRK}GJGUyz;lYWgmGTMuchmqAgS(=!%zLJy~6<1{&=YLN;EumsrId$U{kfXu~+Yj#)(C7(4NI@<8(ypw@ z(9cfESQ%VT;|rve6FHxE?;6_LLGhVFRwy$KAhae16ZocQlr1z!b-g9M7K0X?^>wQm zB$<#Xn}Siz-ebg!HkNY15Y(5is=JIeSq_!f4w+B+IifT2^esZF>mgW z8I!5oYFF%GOq^O>q)&mv73bMJrDGW66Y~4?=3CZQOHtDa(^#2S;S{}vq`#j~rJn*{ z`NDLorI;L}PkrFl$JC$|8MjTmePrTlZ{-JZ0y+8NU(HQn_J&bLpr0lrPh#hMaO(*C z!YOcs_~l^U8}Qwg?Iv!-Yv`&nCeY&JGktIYQ##5-7E#;Z8yb_gwL-Ur&-^k0BL#5O z02?{}60p5gDy?**O(SHVk!)CZof^!-nNQ-=^>V{P7Xbmvo>JSPuUvXa<`g{%%uhxt z-C$YmKF{m5WjjH}SHaGv(|8RA=){t4|E%;S-@8g9Ol%B2pVU z3ik5ri%obxNTmS8ECB%*%4h5-PF(WTxy{azO<>J5uuB9{^70=56|If;F>e)c)hQ9u zR`IPwX$C1?p+Q0Lt0`~g5zO;5x*fGxb$|Qoh#5wFsr*&030z1rf%CcG75dKOO$`g0XQ>9E}@I5 z35~%pihCw&y!Ju_{W)d(jI5gY8nzUnAQWROCm1-&16hn|G5B_7v>|I*@y45{Po&%2 zZfe0oNTvRaEm^R081>ot^jJbB0}eDdHaJ>F`|d*z0aA$e^6L*w)z3=E*G?Y*^|uf( z?m^b9IMEdF@leT-y^}lUBZkE2_OHN?B7S;3I$jlAUamHE``0m0=#$m^i-d#ejlOy?WKFAlm zRTYf{JE2ebo<&6q0=iZNS!qD%c?fS?PYRIq1C^ckoL|MfU?+)5aqOUy7l`_9U&|Cn z7~(dt;_~B-UWc2p&;HXTJYhC}T=(~Quu_T-Ky=dwpwjYnIqQ!_CE*_cBHIsu*1}T* zKt>E*0pw3rX+U~{T=QAL0#1l?)*|mhO}cjjAAs0wMAN}07R^U&DHM<^Z1DRkx+y+2 z&t&ubdX!;f=lX3S5#h30q1obfhCc^!|2 zMSVsO2#ByFxG@s;+VVeYN6gX`a$;D|ad<@-5QOOUGiB&dqka#vCiZNCokYBS zkzPnH`$Szotk*(DPBR9!vg9LR0f_qYX|K-yRcuUMJxvw;J4##+}<6Z+%rNlJhC z{lcf|Vy&dD5TymaO_xa>w|tonk<;uEEAVXbZ?N_^L@9>xF`paoEHoqR^Exy9>iM!b z*YMP1?}oqL*;)YXe>325&sMTX^05K{lSCd}MDLX}95~x4M|OE+Pag8#$WX@9 zMMNvR0{GtTP*rbKT z^tz)zG*K4(Y*1%&cP0*(6if?OB50Q@SXLhp6TKCu`|G;g;Vl3Niey z=&*C0B+NLL+LOBVC_&~@LW|C-0)z>QIOS`cX!3V7+*)0MtM<0&*q>Tvrfs=|?EN%W zYyXh|;E?7)DrR2*ZYzcoi0;OH5(S?t@*P-M8~4bG67GsKsO7h%;&!lFxgj3E=91gu zu5Fxow|p0Pp{MhKY3BtTPfM6&5;2pV^!}v!Oug->sS8Dpq%w zIjw5enIH($lnA=*KvkkoP^1gQp!l07FMqkD@BnD8~KW~CrP-nV-Xf;Z)@c;9P&G@ zsn22~4r)p%Br14PhQq+MZ|$1vJ{z&><*UH*|Ks8LGY8+InbwDux%ATgqUC^lqR;K~ zK>*+$`rigdpNW0|EZ-kL04MV*=pbcp#aU-Q8$@sJ0{=EfLsfZ((zR$|vcU?rk zcNnWW?N<;aP6bOY`6&z}Tyyic-R3WA)^NnN@!0;OcKY8chr-kkei;7p!lwivUDxVojg>?nR^I?jCby`;T8!Kbrn7UG1d!j z_CC87T6opIZoc2yRO*)-|8wNJBP>K&)kuD)dWh+urvd= zh8Hn?xZq1BV7djeEDnL$?anCD^M2Q8VKySPE2db;m?~{IpmI6_|M~mhR4 zSt;JHLgQ`iqkL{Zx%_kk`bQ1uN!$i8fXWS{z(Lr1){eygAKmIY#M2B7j_9Sh+y>w@ zirkZi@iTtf{OGA)G{U|rs+v%SVCI?T^;ok>>M#dHWq7yG`^7!r3%9%q3|34FtEz&R zmw(+T@tNf6y2yGTjeJgiy$OGR`T(4k-k}fv2Pg1Fvn4hcepl}rFqFMt^;HnVbEWI) zf#_ihh>GtY5(rQ+LF-qJCOk-dACfS?*9oOA;>slJ7Ycv2C>PAN5pJl3S+GYn2{C}7 z=27r(!Rc?-yJ*1#HAA}kYE?LCvaJk3NC~f~NQSD%jX56x;+3jr;AcHN1@=#b>-aRv z$F?qDE!^9g$!j&bf0uH1TRC%8@CrO$2fVjbT^DXFY92eYYUuRVt;n{KM?N#%vVja} zyb86XqLvg<%%0KhqvB+1kOWetJnBhTGuG1_ODJ#`74_>jiGGuv5$!YzqF**2g@l~d zqGei^JjTL*eo>RM--<*%m86=Owv*v?g3W5jSaVYXF`_a+F`w$uN^(duDKr8Aax`85GuD6&92={={fZ z#z?b(VXGN&*k{-klI;5Cf_9Zg?01ztpEU>?;MDEDEM6&iKCp#}dt}B~$r!buP4rix(!BnLE>y<69!aR;M z>%?yB3Zpi5y$95RDx5p%2tH3irCI3E&yg{^;oc@~j?+mv4pHt2GQEOCWHLXQ6tB7t zeGB(V-VUIgGXO+#4+%Y9sm%;Mm;VmU`F-mg6T{E-a*BuchzFBU z2)8<@2Dlt`mr$m*e)?+ftPd6L6!Oj4OT)jJcR~TVh=J*%5wGH?S z)`NaJBtJjQYsvR2++($-NlW_R=w=duHor&W7@>p3+ls75Np@mc(!MW!cOZz^rd8{e zSnSfy@is%13rz**LbT5=x7^=809Y3GX%4NY^Xo=&gUam=mnk3<=++RmOkSS?J6Y%B zu#B!mc(ci?k^-pkL0;PyTudv*8H#Kz?TgGuYnzp78SES{&a^`otv&z;^GGlEw55sa zb6@&zXcaOr6I#>Jbx69*5;}8xqOC^-iqKP|LmQxPJGegp^_fH*$I5PyQ(B);%i^GM zxNsh-gkI>oUN6JnAJN(C;r(#2N5NtW#96hPJt?G>6cbivCSNC27J;~P!=O65@q8sg)0}sPJl&J=JMuR8A(jt6CB|SEYv`{7qvt(c7|7{@k3qscG zbI%9Bd%z{ZHE}4CeUVfxx<8T?b6J7Z2q`U-^-zH4kWXN{L;9vaRi$RmD3fOOhk-%l zEBQ_kzG;{H?MC&o&ty5#!>Q8m`E?HX7}0Vb3_*nNN@dtW1B0grW#W#hafxw_SprJ^ zhF6sh?BxzbsP#(7gQ8{&urB(7z>H>YNZS4?xH<~VwIs~VPf9)JYAvMc(Tnv=d~hl~ zO&vzy_Lrhp@Z`If9`M}Opk*Rp`1S(p__u|E#9QM7_2}Nr?vvzD?n`Xu;{>xd^%ca? z$orIDiphf!_te(k%2Lls~&Anr*!|!oh zW#wT;4omLO3CqMu%vJc0jUCXRHNO_#SynkF4!lV49zGK?0*|_Fn#neRjnqmrH7WT4 z7w`jod>AqgAJm*`55nrV=AsV)Wd|6c#SU=|U00d@6Bz26dMMI)kPm>>02ezBWpBP# z?si6{TSO-1?DXgdz=o;!;GE{oUXt%i$)3hi|{LP@3$Z68X%>~xmCG`tM z)9VXxKkW&7`aCNTfBgX<3prL{e3bwucR%-r`j?ySBaOrK;$E--&q_1>t!W&1TE-y0 zR0b|pa{r9|JYo$@6R&(WK%*=Ap0Kvwh3-CO-CVs3>^pSA&0RRrwjEYhA&iQLD#t*= zOt`D*%SKUePbTA1x}Pbq%2#UEDJ8S0@>0)y-^^X>4Wlj}7cR3Px<+UPo(?d+MrxEU zhr9;Zbe#YX2*?DH>VW44)B-1|AAnEMUuP=VEn%!|bI`s?1HO|-Z0^Wb;1R@jnQp)4Dk0(2xf5;V3aJiLP^aMx zvGcgwK-R!fQM8DLL7==NtyeRBdy44VQ1T=dk&YQyW8)=MFg;Ex0;|4$z{?ZTjRnvs zXy*W+6NsKLJ^+uU1DCpCPV^rAI>fc@OivtWZuVBP__p?we3uO?styHma@S!#Waml9Lwh5`PY z`sqKDkh#=~|42$-{xx@(l;ZuHEC&1WSXH8Rl!bJ$zP>11=VwccHIx*6eg3fP7wvvS zK&Ccl%_p@L>y-w1&6*-7P&2u`e)~##D}amWQ&zWL7@+QQWk8en zaX~2x&to`${=l4sB~cH0gYq}j+Ggg#`P~7=Y2udr*40)Q-r=)ah&GW%CK9`i4W6g! zllVkWlqs+bnXPFqf z3iiKu#s8~C@?X6FX0c>9(zHma^K}!r9`^}fIa2Zg?o?)oUV;DER0v{Y5@L2XJSLa8 zMy{_et#*@%!FzTKXYU#k^?J+;gts$pSD}1yG@CMGT^jxX96qoN_IfzoLVW-hQqMjB z4L(QF@BANt`Mejk_Y~lUVdKpLux0a3V3BH-N?DM-Ax2qLC`e-4U}_Ywe-xGF8sTo3 zdgl4Lb^B=O9TlqHvUbbWKoP7jO92=%0Ps{-`%v%T^YNYz8(>s_=`xzD zR_uEZ_S;mRrrvD8cB7ukRilKJd%wH%G-{E-|1%)xp(h;rZet?no59NOl}}PD+TpeI zk{v|_=1rlu5T(%q1ZpIi*Rry)5bEo;6LwX@QRV&!FJSJKP>x4nV>rc2^1COV&uhf% zim&1&%w|FEd#IgYFM8q8=-Y*&+0r91MHz8bG=|etyKiuD8iG>|=>vFzT0+~SBv81> zR0X1;5It}|luA6@3V()t7o}$34PKkCTg^0X$OYIMe{rM!UNB{b#QVNW=nL`aG8I)F zyOZe8Suag>A?ymrLex$t=toi}w*1Q<^Cx$`N&w6kC2huEESSx!s_^Z$`9V5Ut! z&f6p#zs33+sU>pCoQLmO?!MMq{FL5#6j9CKhp}7tynnU(1qEFxuYMYoMiE!$5N9+srI-QD3P~e z;=su?_joi!4rzeOBCXuHVwLXcc`sn7JcGVgnyeWkimDpWp8|#qmitf0prOs!d|4Wk zKxBTDmM7TfqQ~_m|-HTIqkDsionHavAQWGW`lbnC0t37Px zr=goRxcC*w=v1!+g;M)~ZL7__El8EN>#RuCkCssDS3lr85U#oOn;WARRzj)zXG4do z1HVnIX{+%ud*#PK8FPN9aDRs+lw;++Zh*g!jeh$0Sp2$b_Zn_Du*)AS zl>)%*e+vw(FM@GYAHvYSQt(DUMP{7RTS54>K@~IQ1VENE8el_-0Cs|FKsCcEC(6Qj z!w({u#=&tUYO7deYNEfKJB6V2SV~-?(LWJb);ssA91ls@tJIQP_hnzD1#ZY0jiuSC z?MX2R2OPGMKei3TVwaBAUzd0u33pU0nffJi+m;LA!@c$EM@N$LkFYTJWppK#?b7Yw z8MSg|yNaLflpVr?k{PG59VbgdL-xN-U~U+T%F<@ZFbjUZt}~pcI7yQ!SQS5r7Q!l_ zIDBKyKv4$EYxQlwVAfo>i$?YwlY+HVjGBg1*f650K}86c$NYtM-ML()-QFmtfZ5&- z`g=y5s8e)qX|o<|KRkA`UN?s|^bv|lv=Of`jZ1lHXXY@l0_sOd<1elpI&6lQ#c@~I zh@a2vfqi#Hr2NrzOr;T_SC7}e)-O7lWt2yTdp@5deo@m?(c+ae(F_lEAm@l;qG($o zape+|#7%~H5zq(hu$#nj+KyNjra))2YomdElf{@L_$t@Wv5;qF*0iZoZq67~YT?g5 z<4eunFcY698oC3OMZk+cUFlpsNQ@6h=y0SK&hCO1E{Y7N?ycd3HuAy^Z%Y-WH+mce zeiXwsV}tQM^W>6lfXnI>k1V&x&qi{I&d6>6MMJgEhyr0ec!XdNb z0Xn2=p5NJ*%7%YiINJ}?=}0Zpa@@asUF)S<0^uC3!xzr5f){AUZ!S#$OmHqO+=1gU z>cPS9-X>6f?HjA@fTnU8D58k>C8|IwB=kn7^s)>@c zd=2rn3yEr4v2-i152lR|LGfoT(*p|vw}u(yuZQ2JG;P`U%z=*9pQlO$UGcUJXpsK7!`lm}z^$9I|p*Ge@ zr(YA3Ix*bRjA9h`y2d&F2IHEa{HGa4bCsp0;=;gRFw~sUiSpz7-bfH@OKlWg4-~w(W8W0Gz6;$)e1}HYB!pp%`Negbqj&Uye;ArB;!jX~ zmK|TZ)@YI>tXjX4t#TcIW@p_|Tdl>IaSRB2>a>39(Uar>|sV z?`ab2{=Bbo?rF#r`zrj9b>kMQCqlthBI}3ECD8^Dr#2CHM%UmzUi)g1IZ&YolFo2(!UEvLLmD2mU#vyoA=T##WmklwO=uxStiIE$AXzjwZTA zf77A)WD{kGv$oNh;%D#rQ)*#pL}bOEEz!dR3BNd zt{_J7ad+I$F>ldlw-*7h%}s#xBU?l^i&1=X^ew!vJZNo2kXND$hqr+Lyvu>Mt^{v+ zIw6Wpb-T7#xg~_d5RNZM$iudK3LP|v==${4zJWTc#qu_$)fV}tk%6;(ACJ2zPGbFw z=+>Zo91KLgzsIIPfA($_X?>v4bF!x^6i;Fw4fvI4U|ikAbW}rqLXns(`-AHY2l(#H zI7^I|uAq8#WXwTkG6oSK#!xRGmRZ`%6|z_roYy^AHC^YF6~d{Ul+x_#?5CZq6M9jX z@xDIG6p5M?M$Ulq$D`R|D`C!P;oe46G3>h>$=%wawcKTh4n0+h2SR9u3q?)dD>u{G z)8o*@jA=_>Q2b3e-tan-w)&h(KE`hA{C6bbgJ0@`?=IaaT{`1o*Dn|zv<^JyBQD7#h#l5vd$bcnFQP3d#FtC1 ziz+f$2UVxFiz-0}U_zs>Sft3}5592#npiN?&tokO3!EH!cYwu-`n zPwRRcC8nn}g}S)n%3+=&bnM#B{~T7UckTxzVoI!aPuJDZ`D}Hd_RfxrGr-cND&lYZ zFl{%J7O@cCixAj@ZRmJ=z7`s_g6L1r-VVL{+U?&`K|vuWt+5BCfv$b{q|2nEak`Wt zr`yOL|AXS4yR&g7Q#d{a!mtZz$ph?FOMQh%BsDuI|AS)>C1O^tBoAL^Xco&VJIQvs0 zMq!f`-V{3_2|w7p*P7`?1!x`p!5<|q{MTX$amiqvLbg{?PVho50w%6y7aQ^`%7vXJ zHp8j{-lZ;B*0r%E-YT)X#|VaVr1gFUa~`)0JMv#2cv~$YpeM9Hy$LHy-@kEN_80_O z9%&a*(#;K^fDJA^_&JW`;s&XW%VK7g>4@MYBk_(xJb{a+qJ%s#ImUIHz$l5>y*aJ= zuj1tVF!e@llLnA3#eNhT45rVmEn(%?TvyD1HVeY-Y7d1pka%HyO+Fan!EF*K;0T}+ zviHz24pfg;)C-t%H(GX;bvxUwNkS z6Gx6&fvRcEgoJT-j$qOz*pmT4bSZIDA8BEZq6afyW@5F7{y?YSAS(o#Fu!|Lr89HC zK7PGrv<3YaPq?lXC5OVXj9%AC5p(LR1-~jzCdMB9)6U^Z{XF{UK5^QF$3zF1z~%I+ zt_e&j6BQRXW*aO?M$+!ZU(X3F8^ny95}~bS*5gFfcSU?VHrA&k!Z~y$_+@zoq_%)d zR+aSk$btbG#!8ExM6Dj1@wp@kNuiW)aIiW<)=3-eY|5t)y}^X@Ps?HvN(McuNa`av9fR4-3$x`ho`GDmI%}sY5-K@nwW}# z8K_|$pmWqci{m%ZGoPgncVu}qRm_mZm_6Q?k^ zbYSlz*W5HI%}h|39O+MEq18H%tAQ@L9!i+%>SGhFA}Uc^MyU~k3A*3vV~7dE>nZUC zR#Zh~iXkOyV~X6br#(q4yZ&@kIu5K&nqpw|@=w>=n|nxn2&QzSNM3x2e>-@Ke-(NV zVHfV$!v)``$}Y_o-Ubz9W{VIpuYzQ4At4;pHXa~^6kSg0x)jO% z&doNcsFA!cf)zG?GIC(-xtv32sJIT5FI;t|>`i}3uKIdIF+9CA1^6|NjHVG^PZN;$ zU7O&iUq?`Gqf>Z9rv}($g{;fdK#zPBG?%m$xxB||Oz#T|SGqNtm$JneO?&X6nqC#` zFGBw1xcdAmcI*h~EdO&#?4IXDSz}2gL5>?Hg^~+1nIq*+eGelzuigvjpX*==jR;J6 z4fXC?A*GM-tzm&Vm2b;D>)?m`L2Cr+WTogPacjDQYdN|_O?(WcCDiMns97i_RST2=-r30A#20~j(2Mb zQ#qL=2>iVI8Gp)LwQo)d61h%wd?p_sPE}4mqQQ-|G;8pm)ZI%DZn~$!RIU=DtgTq` zv(~^U9vJtQL@@`hea!USNA_feb`Wc6qB?8K0_2>d=%i>{jHQzmJqkou-j%W+Tv2e^v^gD{eiIi@VV<&@=W zUK70Ep8^T%T(|ogiZFfq5R)r*uYP~uDVHwtQR#u1W-qMj0eg5xfZn0lBJT;L^1VZ# z#YPyaWFBTpC{6hs4hn5_{T!#WQ@QvfLSPAHF&CIbYA;f zgN5hsT&6kgLRj3!hqe+c>uQi-;ytH=?qS$;h}kZ}n%$H)vPfOAY&As@cT%{%F=2a( z@@S9IJMnt70DC#q;uN1P+YT*R3X3$O{c#%!ay^a_mgerv|6dt}c%SgN~evV4L(Y-fBG6t?ih zRyU>CoXPo2>`X=`eKF0>F&iPl)y%_*Dx^%U=W!!h|f zVoxU|JW1294>ApIjwZOqt7yTbm*U^i2erv09m|liJ#qZTtO6Qx$5+>V9ejS+0Ud!_ zKV-)HDl46ztZA55m@_CvY}$EdRYa3^#L8_b@OCxBwk{Tn)FX3&DTr<*k|Nn4vaxWikhY?#;qWmVQjxvbJVvsx(yE_% zhiG2ks<*i_#*`nD<0H`-@c1^tGOcVfkxJJU<>h2dOJh$&jgUK9G6S~&-t$%29n2zO zZ)u(t65Y_h2j|d?J*nJK)fK(Ujw`Cc=EgyN&xTK zA)*dd?1YWj1Y#~NC5jTt^5AIa+1HS8yhhY)aAx;A!rJyiPRDyLNK?;kP1BV;#I~eL zb6+AF>wUjr)c(VJ&~<3fS6h;$B2FAFBmD)M$jw!TmP5%!huUwNy@NYi2tQ;dS&CA4 z^~N;#sXZNkn!k;z<+!ft+t;5@p72`2B+Ii>RuwX-(cK1R-^OP}jvN~;f z7F8K&>4!QOTNMG$Le|zgJrySg_V1f?*!@2exi6uE;7XJn?me2(r~Gy&bkkEl`}YZb zx0)-{RzM#RsWbVa5P!%jjAoS@C9s_3<9K0Wa&BHWC`e-nH3$MW0FeL{O5hsFE^{!= zC||zt?rS;v`&=eoN)V6v!FMv@-5rZLCB6STx&8~{wd;7sMJU1@B|ySRvQv>)ow zx@FQ62% z^Md9i^1v9}X89?JCEvk2m`hQk(6ea$V198=cjdEQN(08et9yiA*y-y0V`trH#tu|^ za5EgE#5WHYpN01aEzQwqt427@4UdkH2NPkgC3~~loheT3U)c(vHDm^DiTjRI!7@*l zCzHGx28dDgYlzy!)+hK@6Ujf~IGMDT!9}AptC?S_RZ5*{>iYA-H=r(}8>X2;)A%aG z+xYdM;v}S?7jp;|mxjv8$kHc#*ydl*y?3(Q*N(fzd9|@Af`-G-eP1BkHO^U9BSZQ? zChT>lL%Ge{s=h)@YCz_TqvwV4Ey0$6!VzCpvsc}AZWgb3Mtyo=G#wK<2(YpKu66>Q zvK_Rs+`SP)s`xB;a!Jt$vWFTenLpmc!%Ep|+9lCoEGxV$;$~j`bCHlF86z(quZCoa zlbP9uZu=bnUSPPj|CA%i+W7g@kQF!mGSywr#4x7rEU0BA(WFr9Z6}+@n4uA|N$BUO zFJh4;^^ISgMX-WAg2)$vQg+&|{=A6PvNsWp7UZ^0@DzK$y_fXd^`6Iervzl_V?dx{ zghRR?qWyRE>~{#OpkENrwN)YHd&easesAPCowo^PEt6a+KXAcT!|T~_j9k>GcTwMD z5P3xeP*R|exVD!QKhG%L%xMn}&6OEJI}Z#CqU+n=vbwa@lyv5^hV%mP_2^1EGM<*8 z<_;fZmO5T`kaRR2?R2GMn6EaRX}37TRjtxldl`trDzb}ClRH`QneeQK+j+V%$8kR* zw{Ox@j7=HJf8V6xBlf`_FyHRGJ~Hk4VHwZ);9D{Ct*lfGO6X#<*5U_IjYFDQa!@U2 zTMy0iwOJIy{WSZ8u9F?Zqc8w98~j!^|o~0K^+@1UmT-%df-P^VIO!_Dv3MIhR_DM`SF-CbL+b-VTg3C5tH?L+U#P znJZspMf_A+P~p@giPs0;drw%ZW&)to*hEKDkX#m5!?$O3bEZzMI%Wqc3b>>y^x4G* zQsbboRm3@2^X3Ehrtl&^_rlw9ab%NCM3zF7h-2CeRBAf_@_b1I&CPI__pD}4u)a_s z3!Zoq@$V={xoAv$9&ws7dP#F_378uV0xPMnQFhihT}S5>*S1IuQe1YC%`*w($a3#g zx5GmWi#8+9w0tgrK(GUh-D@*7y0IMw&tNwajn)B7J$RMP z#sZ5yxo*U~k$Qj$UtIvfT>xuS4|OGFPu66B%abN!f6?l-hAu%@sSzY*;u9h#vcSIG z4u^ME>c;P6P1^p}EuD1n*S@V^lT)Kr1Pv9d2z&?&wL;ngq0)~5>L`-uPBnE>!oRfAAsr7{7nDkK?`)SB(=aI3=GWHrNoeXqk;L3Z7n?8HS?{#c zKJRs|V}-#&+L+W-^KYL^6EJz^--N2me%WF1ZdmW?+ZsCMrZnKHeiYWt591oZsIX^k zo>0H7o%KJ`VwG9oVohtL?_QkOwrLFOU0-hO5KQXC_7xJ6)M=z?z#lDYiN^RUXOTz%ahitg z7d@ji+LLR=jg*sfSeqKfBsHx9(8a4%j$`6wjtXD1;S-PA&?oxXRrKxRRRACzh+R?5 zc>?&$yrT;TGFS?nZ$jas{q}M{F?@jd^ax3)`|3p zms#2ZD}N%ELt~x2mBZ>II#W5L_?_k2r^Y$>xEk^&(`?nfW&IYiUSVPp`i=4E0HHY{ zG7<|cGF+#(xRzn!6;?RT{1Q56a5jkE*vnJ4rhK5Q62Syk;wUKwmMCBPsS7<>jV_S?85i}Ycza9^A&IRz=_)Rxh_7 zeb`**R`nv3ms1;cy~S!Gj~#@sA+Yt;xtzj*jKRMIuBS<`csuuMHcGYC27&QpD5bw} zTWq?}t`fDzrgf;OeW(Tgkj~VanCeb^pz`txbiy>VDRO`2-n(j zluzJTa|Qn5I)MrJ%?3(?s$Tn;ej|OO5DjvTog%lXdA-?h(RksubG?TO zrSxVFrMuU!9r2+RZs(OTTg`t2^&CEi$C-%hOLGPJ^Ol!*?-GoI@B^C(#bZ=%AySj7 zrzsQF-5yQlrWZ|yxmIVSl#Yz0WuJyT31%42jw%^rm~iAkb0`DKrz(#ZlGiiu5JDu) zQjy1O*usl=Pz{|^mR5!RbvETRR>C8E5sBivQM{q&Ch}DAPyzCp&;l#=PdW6b zO?$`%6qMkfq0io}Wv@wY5o@f~Npri5!A*XrejuvUKmR=1m(>Lif%OK<;kBw$K3;cZ zy{uaK9kIf6s~jvco5lXw&5mZ6R??7$IQHkKE@YlPZBOS)SG-fi+P2PniCz~i=V;@HF?iJ zjR`c#$xh~I(R868x=wZ!so^O{yLU_pmwwJG8K&3}74wrx^QZs?#Hsv}PhR1J-b$wsyVPxmVCq=dzZCh)|r zQ$k5*EwLk(`A!l`ERLfISf&q0?CaF6@}7V3mt!s_XyHj2jaX|T>QoBm!PI3((4+sR zdMzP^6`b{^o>7O;k2{KVi@>54sn?SOkq6hqg~sWZ8x4h>;LM_JSv@-W(I9HC{TcN> zmFtqNdimqlPx~PDvJmgh{(e{p)0csdkx9Ab`(vX-n$7|emAR^$MW#SnTejz-?J3`6 z?(youzANFVU6?@7TxuAONei0Wex~UyX|*_+f!t;#HZf$$xb0CM3LakLBzP>y5gU$i z)vjUH8h>d{0?4d6#Z5E^dE~`DT#e8TU-x;$XJ!(p><>8VD2P>zcSm=_odUGB3?{vZ zm)$l<5qv2U^}$t&H1#-~>ao3HG>roYZ%zcgq~M4fB8JJ--K}rWI@dX*eMD;@;-Wix zq8vRB%rDYWr#VTDm|O3YFNeqr?>r~<?b|2F0=+g~6d=M;Rjp^EM7V*I+Rq8iiVP!EJ zDRPC)yJyV3V_q`Y+@29ccYVcf4x6F37fU3#OE-t!n_e!cK+dslk%tY=|E~aSDwEZx z2!6Fz_|cV30=h#d%Pm3&nN2qUff1ZM?gz(cLs5TAOAfI!fqxt`9$QIK(+HFVK!Z@h zy|9aDQN{UW;L7U^2d}p<=JzDo7uVBpvNAOz#K+3N*{~0c?QO^EYOOfbvgyxQw#5Iq zFA9VIJEd8$Abmz7hFpF)1}B=JWUXAB=i-H0xR_4O2LRHRy+4l0ZK1GzGA-YVc53@- z7QsUg#@;E7lED%108IQ%Le4v-@nyYxRKr1Ktp<|tu#)QZmK9?vTc%-1pW&GrC@Rir zk#G{em%KF;F_~9b>_%n20eQz5u5kg$47S>J8|k^!s@J(MlJ(~=Rfmg8nJ3kTvA^4X zt@snvp@$WiV5G(09=0a)@)BjJid87RL z=bp|&mUdQ?b9fhZev)Lswfa156CUK^p9sjzV@n=_iA!!qGG-X$0Dw`+Y%7DsRaAbH z`un_J2IEjFipcdwWk+(I|G1ToQZsFoW{d&=6f}dql&1?;IuNV3R&Z>cjIdCwwaZui zmqMjOWv|c>NXHGWcnyzQk_=OVIgd_5B@a=I#dsZ1Yk8M>XAvC;Mz4|}E%<3c!Xi3q zo|XXdZO3I(obmYDz4)0$ix8)xZhDKiR&9XJtmz#8^*B^Sxp#j5`l-d#=~dFR9j`@9 zA{3@@z;uS|sGFqnhax;qHq4mU`cs}XF$z_I1ydq$D$-|RsyY5&h$&Co` zzwjIhDsWvq{}GuCM=f=i6^cJa4C0p@)y;I51rGy($qT5=b&jVBHUvZIlrS481AC>S zp(J-~-z`t}fWACsN`Bv0)vWFSTAn8WjhK!jU3Jy8m*Fv{Ip0yppbFft3K5VYf-TuV zYcXOcXV2t;+4&Y7H;Z@@Sft){ddgn_NaoYLab^wt=)+r|PrOn?J^@ZoCEvqG^JcO( z4P}N8tM6ZkMw{tt)IrFEsN!=?eMnk^E=L4J?gDlBG@s1gPTE>8Hc|ZbqPw8d#%2}b z9*$H#|CW)1QQJ8qtb0Mmsm^&$zXCn6p*?SmLGiBnUui@tV2zY$?Z8v@xcON0r$f4C z!D0e!?!}j3cX?g;-m%zsh{-|ob6!&_lYJFe+F*#V-Msw(pGBbVJ#RJP4RLDWk0)Hw zBTZw3&=%a3E2apmq-BJlO36wL`2$T}C1q?H zN4}#gQKc)5oci!Z zn7rxDSN&yi8FE&2OE_&ZVEbq%VkJiJ(nN)b!A zHK6|{qhXLKtbljdHv;G5dswI^&AqOAo1EE9J!S{ZS50b}CyrXzfg6-9Y zBE`ZewTVEVRb0kw&OCWs<l4b3Ac~tpwLBB94$RZ3*Sv(I@Hm2m#qJDBUB@E=VD8fkt8#nxJ zQ%~4h2-2C#X82~=6=;={4{`s}Ynoo$!C>kzmDQWYX(0j_(Daq5yR zRvT5DdbMzaiz`|unrn-0bP^qE3#_)Ox$UrkcWSiS2zIIu5?%K0#qnV`3Ese~@xjf5 zT+&#cA~3Jz$EbG?M_wSKsam7na~TH>=V4YvSJ%2_@(!RmO?6>i$^=+2>GX`q&KA+> z_9A@O=ughw7Q*sl2xYI*Rj`8x4xLF+(;G4dQrtpvU9)UFaRt~L^0>Myuaob#Sd1`# zFC*(PEBjQQ!0~pVMCD!&GD2!MqN&s|Oz4-YJBb(Fq|CaW>=gV3po#hql<(>nTFpzv z0I|&S^;_S@D$cenKBLiyb4WvbnAxh9xhE*W$}D$qQP7!cW=g9rl^+mhq;AXRvfixe zMhd68$5Vb(2!!J_5O(;3WYs#oF8Y}98)n6;yU@pPssJUpW0EIw zCT5FA8JYfi7kWjX9?BQ;fi0W$~eF^2a!5MgA4g^zeRCv(5ByBzQ1$o@CuC_)SIuOJ`>bIqIWw35`VhCq;1)g~x3%33YvixDT+u z!tQ<8!F#rJ7e<((QQrD?q1X>xTZG#hB?Fj253h;ZV4>0QUnE?&TogP42*~#o8|E7#6mozRhmLbY< z@mhq{u3v9FC}np6^19`F0q7p_l!b_#4BznRCe6nc>c_~(1=C6ICtfP$kgBOZ1k=644xj%nx)#ZMUUxWx0xKtLD&?@Tvs=-fqzaH|+b zjSB&lp=ZF`e_A6qgt)4PrA?pB8tHrKUjF6?%Vf0CYjgsc6ghhbz=De8@J0lhA-<&b z=syh72B;G%vFql+O=FcpF?JzKs*fp#R!`={+fd{xdX@*LfCV2J?1K0Gi9wFWa9xTL zL;H8ljwx&G;Kz`IenegbFKQNx*g10!*<6$|FoX4JwmJYIOj0iNLxASs$>JqZy+rf1 zFU&c&BJj7pykYsf2odGDAi95&Ry_vfg<>NEU^$!RZIjBsDV&q?x(-EVbhL@A+hhog zHa8@$agE(X8_0D+RB-X8u?XtQvi|`!j|@YDd&@uQ2Z(u4(G-aLR5et+61C~tr{HPv z9ISu{Jm3U-fZm&GUEX?uJmUwnZs4gDI@tC&ZS}0M5Fz$HQx6`-p~bDq|Ab&%@-A37 z2~#yrF9I*^ufmUf6Bw&dFH~NbF!PHp7B&*v$$XK#$@$}6C(f4%SR?b<6XXkj*iBS) zLjj__>sy(vnkLB1zExDe>n{sVDcNYX!}12kCb&LXq8C+rauCA$>ZXq@)a7*M3k2x_ zg?1WtUaU-BU?*C6*$ZJHmH#NPpudJ)2h+gRX`^%=95+Kq<)Dm1@yYF3Wn>*-FO|AG z>ckrsZB@#=>yoCe7Hfzd7pr(sNSIxt%-lC?8Rz25)bH! zk`c-#(47bI8+ZXSH>2IJ(`;fu7-k7sEam#@>)u$kg4PKJnAw=*EEw{qord>5K$%8z zV3$g%8;PW#g3Yj}7`1!?#ebx~!!k9w;?fMgDa*1m*YDENb2qx04ei~`^Gm7wpE@KL zn48`yqAN2LF`C@KFx!)JY*S&#X~$(^iXv*wxze$b{O$-pnH2mIMtZ#yE?GHxu$ZNW z+=2GK;kJod^;WMw@H79aCk~7%>r}*&?g|HVt!oQ7IPh%FNR$Rt(zna0YCw6SB9hh9j)EDrc<_mM~*uA>8FRD{DBv`@baS8dsl>z!$@u(9>Z`(Y zxGfr>KZQ>^1sRhXv=>afpAjG`MN;A zwKkib(GeF44L;C7`93akSHh##USeBt@Bew!Skv6-H=5~eiL1PMqvD@cIh^l+W;gmB@8(ttl3%E2xsd6v{d0RQP&@U zjKW;>W=)_|{K|dG@X$Pa%?a&wD87MERQq-P!ES&Nkah4hln}0IrKgcah)cWV8(bRy zQ&CggV8OJhWEl%sf?2+uHQd^bJ`%RUuO^R19U!;MdVr=RQ` zl8Gkp47iA>1cLcl3x;o?)GwZYrF`^cEh_{CN0Y+?jEuOd@!@rw*sL_10>wo^(V`4A z1@spgiPlq!5+yC2M%l7KHyA}MZ;sm<3;`9Y7QsH}GV=uql+1p2*^!Jt`-qUbttmR& z-!(T5t`5sayhqQXW3%mlf0Vlxk@V2J4fy;+~2 zl|8L>$5&pH(sxMH0&e~?i5R={08P5DAk&+X2{&GMj1VEkkA78xU8KfJHVx9=_+g4< zcsBK-^fh{CxOANB20WN!s7}15LR>9|4hj?m=|p6-IA}eEAUUD#K(tCSaET%RXU+IP zYqu8i-%eR*rjeFRe%*Hxb;j%>RE)QZ15eMt^LO4dlIFJ}N8AZ(pOnBXsSGF&fo$G> z)Q~`yWMnlM6NXG$7wRifd}T=j0VT=+S!v>!cDBcJEL>ziO7KK3jeh>2JeJD$mVbfc zzNE6-4^mAIv#~JpG>(;BY$D|YBb4&zl&+Gj5~me`veHPi4jLMxQtH|{*WBUh5w5lJ zjBLb}0##|qTk1JbV#KVb^SE+2YPn0RTRX{^P}Q#!hk%hQV<)hV>HSn&u}$!qunqYB zCc|tpJdZPWXy+<`*n!tWBpTYFTAxlLDElQb914a3_k5L97A!mF05)S5+oRdD zuB1~REOGzXFtPERJIlgb@9fCEgsmNGI&fhc1;tOix53WQP|GVTE)dE66s4LN)Yf$e zX#D)0GGCM)#O{JuoHO1SMO&O41#DuP%QUo)3_O^FnzSh~r0S&=DTocafN`kZ$FRX? zHE<>1WDllEePJ;$*hPKyqzfM^^9#I-m|qoNC~pThWQ5juaPu*xD1vFMS~@*{4<}SN zg&}5eZ`6zl{0Mo&x~Kw0jW?7H_i#q4Y>HzGTw(*T05SA+4MQv%xrgr3sqeE@BbZ2B z%Z~+qMIYIhqeq|XR*|0tBnY>#} zav5CsLs$ISy()uV@72w-DD8?rl^SG2=1XKi*mCh}Y#|O$$>+!MUZ+?*w^|37^R)2f ztY7U5P;VxBt9b=jl%}KpNQuSf?lIa(;KqYvDqt=;ag2Z2yJ4lJjdSlqc^V(qCnE_6 zVYWjF-2l6K`vqT!_8*}w_T>)2Zqe^A=60jJYdR-a5^;uJtJl|U{NZofQ9QA`XA94m zqyv*jtQj=FUVDAyGT#e_xZ!n)s+obZ3Y#XPxM=I0%m+Yz2xg5B*(*Zn_^ebF9Gl*D zL`9N?dX{<3ivrzY?t06Nb?R0GS`#y0}+Psyw(fZz=7)*~)gIs-g<#T?J zU*bffOBF13ZP!6-Or<-xbBH|IFVx!-yGOKAfHb=mN zp!063KRN$&beUA4ia~0))i+$JqavvexkjPW>uRJ!_)A4`CPExTk$jET#of`tu+ zU*uXQOGb!0)7+92R7Lx&gHIkICz$&AhUzhes39h&W?L@%BS2#{^T?83TKrbOcPS-B z?xOz?8M+CFBRp-*eg&Ne=QyUI+Mg^$>OPA@E0hCP*bR7K~!c*saUz%MdjAIvB!UGUL_EoMW7|Gwu@Nl{-* z=)+^L_XdhyU|$P}biG>q6Ss?Cm)GDvOstIuA=RO`T&!-_6Zxwxt<7hg72`;woBaz( zA##vCHf%?}<21-8jTzoEEa}eA%E;+XCDCX&iy5?HgRkBTVgCkQ)HYBp?(Z?+{h(G4 z`tGF~Uz~$tMU=78{y%Gp6xx9`b#HeChlR|m5LeCd)7Md_tjEj zy3S!V%x3-dd7J9OzSC8zwuVtF0I?t<3l}vRKRNY=+j*tR86pu6JVz5q9 z(o;`dN<%8dmJ1&ShUa4j3Ii?nJ)P;v(lWogI!5X)kR69Gq3DfjQqKB*9BHgSnsXq9 zXMY0;he^2Tb*Uz$rc*$)IK#JT&KU|jDCiO4&$!h%?Fvkf{m(ge$h!R;3)bNk+C1&g zKy%$M6FP4m={-3x-K4{m8newqG>ify12v)?&C6kZrakkLdOFz40c#Rq_`0u{kiP1K zz|Ed1TFGKEy0(ks7D5M3uIprMnbLaMZzhAKXO3#`jZ^xo)=cQ5Fiqhk6)g>V+-luf zmfcz}e*yGdU9$`Tzf;UR$~p35X9*AMkRYq$O@d-W?o6O35t?i%1 z-~?DdjNE1FLNZCl{6s8xyC3B_A&phEW?<8yfVny#s%aS^Qat5|suVZ=4Y=?V5q7m? z0mrIwzoj5!fJ)p?LyqSZ-y1x|v;1XJBKjYQCum7!mnuLfh*=Hvq4=*{kL2?mEGf~B zqs?6o$qFL;relOtJ5GcH1#qUCwcTh7EssRkw~1wC+J4zLgzi&_Y3Z8D30Q0t*KCfT zcVnx}AZdxZEe&oKhfYLrHC2;uMbWyL62pnY)tiHm&{N`H@&JWWo*BL^ zyM;BsY4U}6@QwBTD^3U@lR5RabJy6G*fm|swoJ%!ex7r9J9fImBIq>=3;&=b54hyU zGuUbWETkwS1BI{sl0SWz?A1XiH5TMsE7uynZw*rBc2xdQUFyX&>k{op z+YY9GuhqaZ$Fn2aY?pH1I=&sy)d|C%P>kJsKf{`OL?bq*xPc&d3DJ$zS^`4XNdSSU zVSeDC^%1#gksa=eVAxs>6LOlkr3Zp=hUukD-BOW8;EGACev=)uqw~Jvtkpc@2u}5t1 zWf{!m%n`UqWP_6sig3bagelPP*v#+FZ;WE5o()JMcRYGSv)C7=6rB9n60QaavXWCy$mc~E7&Ae$SyUQ>bMA^%QYSgX< z@7ysGi=Yv@e>t-Y1KZ3brp$I*2%9KoV&VKaJt8$L71eLqFcL!jqL)k)6cL8b-0WVh z=_VAEh{40F(Mp-d<}e7l2Y1v@K`GBKW~rvV3ohlo3#LUjeQD^xhK z3ZY;9Twj}jfG>@)wS*OWu?_GPLeVqr!qDI!Zg|MhA|MEa&$3;+%o6%M{d0~#86oPo z&7E{3ls}E1&Obbbk1|RY;HQyv3$7eESL=JXP+`cyS6_*1*DtkrdHPa*U^%M{7W zywJljZ_v7zG~^6@f{=%K)%0aIef^^laYPhRLX+Mod4K8B{i&8hrYT!B~e+u|#Qtajn zf{nj{-DmU`7EI&sAVR%s7Tp+dJhcWbT@%T-c8kMi+Y?f8g{xtzMQl#}2Ygx@qf>~1 z!~?54HeZ-3#;T%vOnKW;@jx((j#r-K4h#<7BNq`1L54~5uwh>$cXzrdWl-l0%XD+e6) z?a@kK?iXau*|z#QRl1`%SfeeMCnlR|PSXw8=1N0b9$#w7xW)U?X;+#;jyuwKx|(^SH#;h@V3&T!GSL~a*k+f} zIZO~ST=KuJcx1Ng1g2{@TfNsNsYHD*-fhB2ia{SaSYoLJ#Au*gfZ8_4O zSaxt=zs10Ai_f~2W+A>0T8Nh%MX)2{O$(sP>Bhu_PgxhGkNkpXI{M+2 zv2aUFt!0vmej20IXEI%1PLC^gE9Lvh`@6Zr7%px-F{ZwS$RAjxN`WR!E5u^y1Ll@Kjs3a%6i4YL7U^wQf6&vp6 z(UuPu{+P9(0NDuiP6i5?do?L)(f^N3`n`CrR3KnLckiZgo{1{q2cGt&Icb=~(Ow^H zreNnIa!A<|*oEr3QtgbGGiLjQ2sx?4hVRgwQDSrzZAK4Mc3nDZ_b5lN+#v{t6V&YP zq(#&I7LF3fd!V8tU;b(8;HL6kFTecv$5lp%Qp7bcZbiOxLdy1@6RA0ASZBGj!7#6I zdDZc=qp*Xi?KRQvtyil8VGW;@oj48A5Luj~OejOJE98{iRVBRCmxisameY`RWi~2c zLDJu>x0qYnxXA6f$F^iG>Bfq)JAb&sH3{1PI@c`Zm7uZMZx`gvx3yiej+ddYu9h+z ztCT*+tCqDx?%Y;Q*QCqPYmx+O<$d&^B7IHi(ydv$zeA9ht;L7#e6wGHPGETf7gVUZyM4|ZX2y;ybnYIg}h*mwGeP6oZ5}}Wu z{k;yO2%zC!H-8XYt(9UH{%zv2`iV{bfe3J>fI<7SXJabQ(=Z3rU%!L@w+GkOm1RJY ze9(BXKt@hGX|wcxuRaVNr)(ddu`|zYSW~Z9o%%xq69vB|%fFmhb{ELUgRH zAqzaqWkbg1HqTSh@xbezE}4oz#GLZTq`RfN0+xT5SgzBDh_!vSBmL*ajATIGVE`UO#0Ps?)o$SU0|Gpi9*d^A+4MBO@jIU&DPgxVXN z8l{4n;iS6q7gw`DCBpX>1jgZM#`?YQYs4Uvm?GuvQlVg1s9a5kO#1&16 za>pNNi{B6n9^VEpBt*y2bR!(Uim0gXbz*O$RKL~%iw=)$u)WKIQbrKo2O8Z%_%>|p zMoMUnRj4B^bzk&}#dg?xUuJ|xSb@v3LvF7+ZxZh5(?8}p)y8mY;&Lm|Zn$g>eb2=< ze?ZKU>=&-ho$8}uhT^qy$8oL2FM|X6B}DAA+>l%Tn+hp^=i!>hW3dX%A2-SnNHR*6 z`7z?C>nF8aQfAoC#75kCd+!LYy&3be1I1|#rg#E7ABz~ZQ<*ND%@^W!twG1C!Zp3) z;Wu@|6;CNk7Nklw?}_VSyUTk`8$f#6UneSe@fH@LUQjCuQ{##^7vwR}RwMtFZ`HI7nG&~vm zS4mCDN>lJd*1Cwg&fSirvx}KjtV2-Wx$eEBZ3==Dcxe2DWg0t`UJoGt(iL8M$l*=O zUj&E+3X@qZeG)xq-C9wfamv`wL>8$^s25VY%3teJwE8b?nq;uL8ZIuW*MnhG4v9R z+@<)sT*pIGDF{zWmyl3gAwE0vRQx;^oJo_2ZiY_JJbXhUnA>mOpQ%GF{J_=e>&b%G z_~Ow=r>C~B25gccS;TQJ+EiPp;|>JrA@_c9{I&e#P0?5WYbh=%KG6IIezfhA`bO!P z8ey7BZY&96&stXPFk9+ZECW^iw*!Tke2-K9VgpH-)211I;ezSfv5cm5=4onoLs&im z4Y8Kw+PjLA20beSe0~gp%yN^uquT9#{r2{MLn+lnO#Fzif$OWexF2ky&x*@CPK>R| z{FcJK@Lx!`!L7UsF}gpQVyz($bsBG6d!db#A*6lla=s7CfC|9~a%JL&s~LKC6|QD_ ztcc)1fqAkbBO4`L_&dPSPD}rk(Dq8CGQ00h6DIJ|_|J29F7IL<*_WYh@XbiIK!)iJ z3{~Dv_2I7%&WmCC%9Qdt+ICFsJhnY*Ep6-$B?=ulH4$c~aiw#*SI~LxxzUUZ2`EKu z1WN1$n|L?DK_Gw;BQPern!Se{Sa?E+brQ*b&L=T@pLVhBS1Mg~>i^kWvr6a?G=&+G zno;cV%P;hG`R&AIe{XQc7f|V~FEnub<7?cG`K4 zc_1)5I@W2wy`ux2M;KvwOqRcr=4V?VewTlf#8lTneRl9ulSDUs*O5h8npo z4ilQmFdRf3 zM;nH)T(cmQjp31b{V52KdBVZy%SESig{YA^D7lp u3(|evVxp0F1o;?$@RIruJ$gTh-+Rxns=8!=*^TAyGv3Izwt0#nH<^coEgVY# literal 0 HcmV?d00001 diff --git a/CERTIFICATES.d/03-window.avif b/CERTIFICATES.d/03-window.avif new file mode 100644 index 0000000000000000000000000000000000000000..96039a3bbab865a20c017636205ab56dc3c0f099 GIT binary patch literal 48111 zcmd?PWmsO#&M>;*#@*eaxVyW%ySux)w#BW`7AR2Mi#x^Li@Q4%cRTdi`~A-DzK;Jr z!!=B1O(v6MWhFD28vp004~5!NT3-&)8d` zwl=qS{TB!T&NgQ5{{#PN?QKl|hYXUljl07?V_22(t%>MMm0RSBM^W?2EyaGV% z*<1gg9+=)6THYHhVq@d@4=4YO;JtM${-FGsVdBZmBIac8^bZ5L|7+xJSi;-J@=yJP zh-c$!@h<`ZfMjOwX7!CRi?{ZzfMdO_aQOzHINNyJ z{CNU`fq{8z5KKH-#6n2_JOR+noa|j4&FsD3m_Y=fg5Mrt+c-Oz{26;IU;r2d72 z05oSfn4A2g8W|Z{;18KMR^BQs@B%>mk>sEHhW_vNt^aTM^lc0r3&)@6(>pFlUD=8!Sw$ML}0>JAMAO^rd zK|w=7!azeq!@|PAAz&aPz{4ZpqM;*W5aJON5#kXLkWesEk&w}o6A(~y(atiU;%IA00b%|8Yzni6uOED zG?@zqYe?dE7;@37PE6IwGYU3S*HBnEENmQHymypT)HJm09GqO-JiKD!5|UEVGO}vw z8k$<#I=W`&7M51lHnwi=9-dy_KE7e$5$`{IjEqW3{*;pX`ODX|oZP(pg2JNWlIoh; zy84F3rsl5hp5DIxfx)3)Q`0lEbMp&}8=G6(JG*=P2Z!eumsi&}w|Dmsf8_cj=l_&{ zN%miIp}xrl4gmpzfc_&F7`WFT!BHU~Nm-!KL{y+nT+qo_LtrpO6Teq=!jiM8o?)80 zPQqbPuy4FO|0CKzlKnpuEcE}AWdBRB|6Q&{009K{_VPfefDo`g%~q)~XzC1{DrMr9 z7g$?L%3y4yG)FaIg_XNP)n#O_i++b1x?o?MkL1QH+F@ko!LNhLvqDnoA~lhxQ?#iMB(yql>=DVAWh zvWwOl80b9Nw{wzfKaWet>v1oa^hSlFaI(EKY`fXM7WxJ#D?!*nT`dZIO2+Zu@AUtG zpW@OlmP%;z3Y>);z6d*UE{(D}px$>U*6Dfrn(e8)0^k_=Pc}DG-u1jmN)5&q)sEOC zA-4g-PenTZj!6{Jb|p~q5kh8;ho#SJ;zmQkEbUbsqDhT4pYr5~j(Ndb@fI4+C=1=3 zAiMPSU@Su{HEmd8Qtp-7N9cHJgV3s6-Ba+Osg7#yO9K&vY!3%Szo01i1x^u=XP{Z) zKyw#4^5d5+E{h?Q!mz$44euy|Yl)<4z_cFU3N0yE(&*YE-jAK%d#oM&@niv`mB}Ci zP(jJbd*BFY{d#}Wh?LyXoQK_oyUGzfPGRV5|J>D4&%3qlG!$(FepubahLg%M;E+_x z%ss}EcsFA?)2cxAb+>#Zq9-^tEU`6dp2Ukjh_^M9@|^5o+}^>`Mtg6ZnXo&?ywy1eb91F2P7UXI7qbdCaZE{`QHWRRPNZ%*rWXZg`#v|W33}NqQF*-B zJ8qrn%jb8&F6{#(-;Szk`aL$wx{L3IoQL5KS)bBz-c>mYoo3CI!>RZ&H)9zAM~SuR z5Xg9F{GH6ex|_z{nPHO?LEJYe)>CAXr0(I|S)Y*YXYo~POKotS(2+YaI3lA-Q-pdb{!>`y z)*i-gR^JcQ*kcbgE-1AdN_=Sx{}`s*6r~L%yEVc_VCgV}^Yre5JX2`lhByTf!4Bal zOtue&`HbLIn@a#5bfc!-9GCgvT!&0;l?nN!=mn)`Jy2UH*6F#lUmJA1SOLN!-naT8 zbo`h}$NMOIPW0VvZ`t}GB%mY=D-M7IK!w@a2=ZBKl1jzp*6czkdWy*sxrgv%1jU?j zL83Hsx)?k-7;dBp zp`btWPWy$q*j{drg_B!Pe+<_GUxA-YnE(uKRFK9 zR@V7%EydB|j}q%!ru{yW{V6g$aAH4{+e8%uCQK}Ir}rX3i2c$^@(N7aX`SMf=Y@NK zqP}l9-D9{LJ)DKT0utqhKe=lIVGky(+5lIsv~Hb{Jz2~zPq~gVPmu0ul*Le`#?`&7 z1BafC`|6Kjqt0oMGKF`kv(M$bnFG|w)vU7XdpI2V>)ei%({&8e{S=(lPl@C)=wohC zYYS2fZfk0oJZ=|DVl8D1R+<4qYW30dXcE+|t)yq8$p-&@Y+3)vatOQfq5YF`}?=pBFqPB?odl=lvMBX)OxoUg`Xqygh zofQS_N~aw58fxL4AGd!yLtktb|2TRO@2%d!P*GL+z?gmHwSzc-q z`(mt=&aE|$%Q(h7;Pi57w#KSH@^_}|F3*SqUPG!Equaz(ExuN5lY~!9ejWt^3moTG zsXE^!V=pxoHr>(u;Zgee=ch1}SD+&6SF`Nylf^4QG9PqQcvV&v)baUyic&;|lt2j8 zgyvTZDLJR(J(e>(HPG*Egp93*tFmGoS~NxIatE#_@>jq-9R5o~e=2diBTk&(Tyj{! z4%W=iptF&_7}MFZ0edIorVa{(7%h$UAJ+{*zsp_fOCnLFU)Igy-1_XQ&$J$v+HW;e z@%S5C7>~bDl;{vfV5k`0&tj-Z0RLSvqqmUn(XQJc&eLB3VU9ZOpUkg7B9q=L@B_E~ z3M7o?{h!vNvRZf6p6KwY289!AY=-c;M&-_gZ9@QmH|Xv>>~8$&Qg>!v=;teNyO530 zWI8K-ucIT43xTk;eQr$x^C+~G{PM^SjLJ*T(vwke zZf{!^Y-DC!jarEzm1X}}gqK7f=rK-=<9(bh7{A$m1%8g=|7!|Z%J$(a&~x8Ua-KN% z3Y1Hu>zJe}!vK5a$L%t6ny;VV{^@0kYKCSHO@tXuqz^ruCig zV)z{M+Q*bz2aR{q+o%HvPh#=93uo<5QMz2u-kq;N&TL6rMRkK~t1B|yx9o<-{(S{N z#R=gsYKomVnKS`3a^XJ$Zd}hYWpfbodpFMr$yUzY5--~S!pXIUn*z!eIuLmKe*I@^ zu&N`5cpUFcnfpPYrJq4?t|BGcZM+;oS0K=-o+v z#@-ii^gJ(vo_Lws5Bea6E)Evq85zZy&UgffS0cEJN`?l!xHil}xvComGu&K54`0`ArICT9x@{&}$$sU=Rg@nMp|6){kwWaLhJK?DUv$DM0pcXFy{!n)}1x6DqlY%GA}z1K{0a+vD_;a>WXaQ ze$7EE*g(PC=5^{0*pyp8bwGh2wVH2EN z{$q~OPZ9EBz$|3E&0a+q2XWIFn`~8J!KjTzB~;mp&)4G3+6AwWQKgSX7qj8CoG)30 zNzfDHkoi5v=sYIP0p3tB1hzvY394kGIfF1H*Y4S1)`Hm;hLilbDW7j%w78tfNdPF$ zcl!ZZ_lMJ_Rg)1bANtN-aYCq85sAa^d?ca8e%mz-xbN!5NB~AHSUA53PmHv^iW;t| zBb4wMA85Sj=(^w)a2hGWlXE9He;lEK`~)teA6M6|;I4yhS7egl93V3AW{tE8h8j_` z>J7`5(LQ377_PY$%bBh2B}YG&i}_B-9TuodNudc_+zTAFN7{_R#;e6yf zrJx?qGG@GD(+y9rt)cKOp8d`Kl6exPaL*NmY1x}CAr>r;dQK^jn6pBm{^kaO;wN6* zHwyJ(uvj-jm3FBa#+HfL?qh&aO)O6{f{Qu(VhzCSZe1 z8ehz=IVMzuG3^;LXP1UN5ya421l%->{!hF@$bzcna)&vB`LnGrHHcWXo-3)tES0%5 z;ojfe^C=EdH2_NtKYaRTV7$f0)cgJ;&KPgv9o&Jl0CmSzHiAqUS05_l7DQJSwxhOL zBhMBG_Kj$0S%WnJIIDIB0$9J`%!IM8O2~mQ!7;DU!YeSnDlT~5N#IE0zv6rTkd_-@ z%iiLiDffeGPlGl_#Ocdc#^X!Mys@vQ)W_r1OPNG6V1Ri*pqFZ!%Fmj2PP1m(*aaeY z1U?Mkx%;f>@3-58Nao|@&*)5X2rNMeFD-cKm~bkh~Ye%m_9Nxm5Yj?k6v6tRJ}d7?!`iWWD|O&XdOh2*5{=^N{HW^iCAz5Ioa*hN48)<=`s^c#Y z(M%oXA?brGv)ST!G&^|fljltN;}~J%c_cDT0N^!GoGU8#oO4#uByT4tjbnvX$$Ikr zbQgltg$6y6L>t-0ZMncR0!gReeIAZiR2yG2?QmurCp_=9x8WKuwmDy6 zH`Mx?RGK-X>0sQ?*G&Pk)bWBEmj~;Af{U0niB|GyP1T5ouS6h{!XbJ>?hCH^Az>QS zC4~{$3`5wr4HgglHqPGLcavQu(bTZs;2~kw;vOL983i0vbV^He7uk>C*SUppwkRIc zLOkx)hCL#>q>+}_9eG6V0v>>coEoS~iaKo64*zx*tzCNp6r>vi{RL|r=EClNHxDXf*k+lcgt#}$FVgF?ziMi@D7-2C+vNA5x5i3zAS3{B6% zQpzur_lc=mn(sn7aQdJ(r7^&AB{XZ>;x2 zg{!-?4N91nx$pgCMRzSP;-hx|-r_iDaz(dqE6lbZ^*KEQ6A+ny*~v_@iwV=0yq;b# z`aFbS-V6<=|MW06ECpiD7x*klj3v@fBRE*6oeLuwj_??Ug&+jMZ9*!bY95$RrPlkY3KW>tG&`JEr zQXrGPFo1(jjW~xqmn!tg^Gpq{-d>sLvMW~gv2T;P|KLuocP#71(&b%yLhRtcBL0&t zdd_0%vi#Rqz^`7We=05LMx!wzNA(aMYQRwhL_8FXp-}M26>q)_PVTA;>Hg|ep&?z~ zMoxqtp&ztk?CTDA<||Ona+^nrK_tSVX7(gM+k{DlIBtG}M`nm#&n(P3X9vqw8HQks zkwcT|6ZC+7y25;CVY{cQhOZ6YLFcFvC(}U~z#|j^SocCOL!tB}zUSe?K*-WXI139S z+dI-Yrf5l!yUAO6fA8I^Nk|QnIzf2_#?_zpAH{_(XM}h=ZLCp&iDHBJ^yk$b7*&%7d#zY;1p8V%KI_214t|3vw(?+^GpBFirteCi2nYNB%b;xcY1 zz@~g>^diB4|I%vwCn2Ido+~|0-s_H5`b)SO#+?7fA|X3sH=FA9zF%-;INF zuv*rgHwv%MItD)o8%tQ-gFeM`2npCtY9rh_nt;r}I;y&@hg@F*^ z@7Q;$xM1w^ho4k9R%v2gP_aXHs7qE?_4efLd>Q1-Hqw|upIgQ&5G$TWKUu5C=v-Bu zz|#R1*(dk`1FTL0Lm5m0^J}SXl1(|TwttU>X@4U*5Lgh*eh9Kb6+nKzvgO0y@TKUn z;3RN$OKT8D2}ojki>^OoiOr)Y+fQ><2VC&Yeq}mrF1ld&oTOlY867A3ay?&JKT;UJ zof-r1hVh!?zm|zWoM>nedzU9{i4tvg)>Iwh3I?NV5qdyAqy{Pd*Lt~LfeeiK zP-C2-{NSBDgT#t9AG8}(y|ja&+*0;gvXo?j$^T(Za1c8;Xic(ubIxH$bW4#06bcu! z7nj+Z8TjcHI5Ee@$Lj&tTXpg+Dj`2()s+h4lzwL& zGH`^;V&?95`WpF=+(I0jLkQ7xp2eRKmN@0Im`k;`^Q_>YrYXJhO=adQ5)LS-5V!Mc zJqoZ#DMO)KB34jf;|M%urAqFPJc0a0MW8tJQq8WLyS}i!U ziw@CWD$?VK-8{WV_xSOz>=!%m3jAm6wGCgzZ`2zstZdX1p)V)*fi|It0e2R3^uwF@ zE9HVv>-MP$g$Xmva;Nnv4f@g^AvqWDD^+*i_qa*k@W&3eFW}=ADrHD_N%*ceuX}$;~68J^)V)q1XJW^vw7)UhfG|b&e=`&Jd8deZxHg` z?(xr@6aDyBBKo7A8~5Z?brkba@S2|Dky)c(go;OKD0ttT>H|ko;{9UWjl%r%ik zdy>S}W<8vO&_0|B0{)_GHgH9y=}UER+Xw?g(L(3NZU~3LXP2m=A7%Q*`pu5=SAD!M zZPcKgoXRLWq((~;Y<@;oDDS-~!hl1Y6G!u=l)k4Arj7Q9E!?j_e~mESm8L$T3+8;P zMS}Qb@KV#_JR$I8+q`rrxzAtLhxKJRf6(;W5aCKyM9JG8Ftq4f2c{Y~e~?KCOjJw$>O^r!)UeH5X&HZ(CJ2{W3+6 z*wXL#ohz49hP)hbn$*56_Hq$?qzouamvQ>U)OdTKT>i5xsfIsh03ixI0}Z|j`V1d> zPZ)n%6GNsvFXC(1kKv0NWc#h_Qm#@r_eypme~4VP;g}yo!Z-pKZgqjeUmg4PgcbaZZKt*)@?rm(#I+1@CVfJ7X0dI@vmCxhlT8 zufs~>Va#<%ru2-zx0D$Z0(&X~8Ac6o&Z!Jiu5p=th0>@N=3ex9vK5ay(_5&4LdJ+O z00r!HgJlJ^2;;eHS~MF(KmT&NxaH&`cxuEU{$?`)_Q$LKmnZmdGY6yk>&qv&JWP-u zMe+GOYEqT6{sX5I@Xho&Q1$*RDvkVM1YPo6sxhDgi&j+IU@4hOsaDO&^~ zwr`evXMK;H=-VOotOqeq@^L6>J1~fj#42U@tvM!6Lhk09#msmz3N3{N6eR^}aPANP zObPPgl0oK6k{AkmX7P7lV&^G*T^57i@y2DRa$dBxTKbqT>_nKvKOR9B*wim(W?zaY zEmUebxAZVVagVv(x+L)&Ma}DTYc5?a^SpVPo@CV-gqkwWAbLm9&k=p=TtUIxR$;38 ztG0ADsB$LcgXmcEahwUTH{|?at9AR?NWKPo+8?3tyggQj>&OzSgWbj}gzZr~Db%u5 zW{f2%r%~8ux%hXQ-3HcOPW7&0N)9!qSu?X^qJX|EwP`auCCUkXDcUfK#P6gs+yV#o zbqu0DTRJDWs14x$pY@H=*fN2WwX}JF`t2TmACdtuVazT4Bx%RK$CqO2AMfZgbq-y} zf2bSEiw?&sLnfZxweKqYu1NrT^j>p@6iASUi2DRK+F53Mxzx|Q7+Mkh%;rz|XMC4K2B5ydi|XorUFFYdHFm~+B>%K_lrdM$op72DCfZ^;=Zi5&X< zw!LkbxKzo%DQ<(UH~LcSN}h}}1d7=rU?cig>KX-f*H3%EM^hKhr;mI|;)sk?so^H) zA;|n0u8Jt9K|jC%Mhix7?2L>{;`VIkKrTIJZ(Z^;ikW5_EYyR+Adb9FMUpIM&vceWEq?s^3-Xsp++x1e95bv0-C%f6a8 z6o>}L3k#1Q$^4b+(ZVaEb2Z^48Ty3+=Zb`^)(;g-72t_8F>uZuBUz0FK>$U;v?;rF zj?p*wsfDad@>gf10JC-wJBOr!>!7iC)6|lS2#<7}$kJuVk^sThbC@Q&O5I0xn}T{* zbNl#BOGnoLpQi_9$ox4{D-Bd3hM4n1s32V(k4BRw@4VO)M{NdaY52VVM3FaeVh?uYm23qq|_)pA-#N78hB;EFsgs>EcH;!b)lC zQ#E2!a*gxxe~=Y1R@t5rros?|Y^(4Ug&ni~UIE@T0bNc_RGVWTiY)*Qx?LB@+|x!8 zbL?Zv)X*g7r=~#eFV~3gLEddhcZ49%g&L$f&}3vH#k0p&Uh1XvR_BMjm+6;}3#&t0 z6+=iQU!u{$ltW=H&GNUp%7$o~Q^ho{OilE%@bZNcdSnpX)8cHP!|zUE`7q$P=hDAj zcvW(7h`OXNO;H)sSJqMOI!}Paa;m^PLXU}*(PJ-fj^L_Ieelxx)Jyugy)Fl#ZrXc9{nBUwQW5l11j!3>C=B>S=G-xj*52e|u!7`m?uDQnAZr@lxN z84GhE9pVd>ix56BK>QLj!%0QU4>Lwcj>{%mej&>aP@S`RZ-)uR6W3$-0cjsUsbgTid-VM=I&>;w5NQ&VU9-*$W@MfmmJe~IqE_V)jO|#z{l1;Sk z)%lErkl3DSvu<|EmgKbA9O2MO2)0T4iBIDPW=g-wa#vs?rt>)D@_XU-0_@(QYbPke zlhQxffb4k94x#Z2_8L1=a$0(c6qSDfIGhT`?goX8;0-aHvw^Ocm5@D zJ2J!_NtkC52KxL+O|Y`qvO!SJez`M*KZeHXKsi=&LOY;nAwv04MfSq&pcn0sMIbzh zp=6hfe8^?`gesHo(K47|m83z&kTUkRVnTQ?xdn9eiTo%^>12OFWtIx2nB=g>2%BUV*^Xqd(Scu^DRI^Fj_W#HS&3>$Ez!u#m zMGFZQBM3C0@5vf)I*9MRxk1F7TxP_#r)LA@IUf~ei^q$ybBIdXQvfruAmaI*3;Hdi zn(T||IGC-)BmsG!Qh4nObB89Ci^PtX_Iw8jVHmhv0qtye`EECVKHHf3sR#fI28gDCHCp~X(`~O_B6V+*D(5x7 zxOUwD3}Bp=-)vYus99*-MC3hrOkYM&_1gggLdF5XRJf`LjiB**3u6mG3O5#s*FWd& z9Kqa;3gAp^6%KJ1Jg1?P^Tf)rp70PhZ(+V2T)HvLjr+m_gvRq}V)0MOGM}P6Fu-s^ zNn^yrpviX#h;_YEa7~x6sfzn`-v;0pJIU;=l`Gcg`*92OwRKk*7rtxa4uWE`{5?w9 zV>;EV_Mxo7e#+~~-rIz_N=^=5e>aVl#Kb_@1JtURZn0k;@=T9nJE0VzjM@O&A`Q4~ zfEP?o9!Zuip1yR;X03BPpU=L1+34{w80){UF_uOo=#`CK18oQXN^SpFV4JBB>;6gm z%i)PFU+i5sblez*$xZ_V33Q!JP?u3|(0KRT+4Jr02M$=tsche1nrz?Ocm+82`oJ=yEcMH}r(GCDM#70<7CY4?5o2yDaEGu>MjtM7&5G%!}N#7fe)s%@b{D zd|RC7UV)^-+i#TfBa*r@&7X-h=Z1~-#w7>Qb+(h{QvMtHd+74 zX?3g8<~Pc{uI5@)#XcE^cN#=`2uX#6MWELO01beHkf3u-y-hq8QlKSO>TJ5vD-GRz&JrrqP z)#!tTH^x$Oj$yD6{rRFS({^Alx8-iW$JGkRSF^QWNk zLj1~F43Vyou@W?WX~yM?IUh?@Yj6kV^OxPWy}iu*V`Qmkz!fIdUb2YGpMqaG&#G)e zKs?HUyKH=tvt}T?kONouJWrb#nk57JK8|8FrK@ftyge}GHfUS)F>A>Yfl-b_N@PK{ zcJ9N^gl>;c6W74ps@t|Ja7#&oA3sf-7Db_92D7GVp=uwa_Lyxhv8i5EadKy8^ay>< zYq@x4qB-SWDchx|t}oB5(VRRvr)a@f#6vAYy+gPjkbw1`xRE;!3fBWr5H1&or(3ow zGDxhZURslPuZSQ9``Mlw*FrSmA$1y#!Fy+_I#%)c$uJnh+b5Tc9f#eB7TUv&+6#Q0 zhft{w`EKev-$cH}@Of^iSgW#DiEls&f5-alpy8CQ-u=wGutlg*oiF3!Li?Vt&{dU? zmR_m)EJMGdd`T(!Jbh5uckkL%WTOWU<7vFKD)W6{X)8!~+a6|h*r}rD6>P4ZR;aE$ zOwZetQB{OtyYQ+>(yR@()mQZ-T7UO^ZXU6u9(7LM@*FJMr}v5}8xLW8UP^gVr1aLs z+~?{c6N{KiYk+t?*n`WA`&gs z1eQS2xS#;)zKO#8#KHNI>cr2)?s~KJB+zsnaZ;!qI`M3r&`|8Vtr#SGh`a!GgCKQ! z{>z9tnNI;%*o*K}OKg1$Rle)sYPG3bGKC)uM}uf6ZP+# z=Y61RqsVtiVl?mZ$<%4hzrj=B{lP`S9{UCie{X zTqZAF6GE3Y9AHHj+Gs0qR&Z?;)%%_y(2ofrgd}g#kFzl| z?{6pv$>?O2V$uyPrN?;gwTJEp7H(Z>X2DV=^HW;Jv_L_Ywh(O5)FNhci@lEe%1Wau znkoq^8y)ev1VX&sW21L))90b{mR048KKw~69AwzH(;e29UPz;hU(M;Nl_>CuuY9hq?=a59$tkc?F_#rzK{{FXl)dtynLNuwaVD zxJSE%!9-y)DChkyShnyEZ zJL*s2hzoA9SKl^RF;^v+qA1P1xw19zTmju)#BGxL;L?mw?_<^leOlWq38q2MjYF3Q zyi_EuKlN92^!#Fkx@z?X!i{IRaMOcm(fVC5mL@}tLn7ZR@%9Ajq*n4SLr;MRcazy% z2#GSjtF`y&*c4Rj3J3!;V}BRt^_-fz)m#RU_5m0%2fnpSW;1~z7h@lp>%!I%33XgpQ!+wxCa zhkQ?T9;>cuLS_aA5`Wk~d9&x`BGK|7nU%(4z3?p?rqSW{6OFet(iOdEy7+FFC37_z zO)t3`%%yT~)Sb9V%Z6v9A~)4}ydI#Q`AuO;;q4_!=cAes5@HPSZQfMLM&p$$8QGgK zf2*_J9)^%FboCbMw`_yM?EUO(kFQM==1&5~idpXx^h91zOIJDLzl1~u@5flq5){u4 zaoCLk`%xv}mFa?}p1yP}0F*-bzN90~9KWaH^y+&6Rm^i-=>SPwfQ98zwQO9m_*v_X@+n6kqGSIBVJC30X^*6dK6fN z%hDLwb=prvsnPp#I?Cv05|+Y~ssblP1>^Yw)4b;uE!g-%BoeIOh_5um9Ocnbre?m& z!?lmFY5W)=N^U|3VOLP)$A%jjTWEPDD;3{xtig+uXN5eDSj^=!2+n7XKcWz2^A1At z9gJ;kbQ~TUQj{Oe!~Pnw@$u|g`KZvA^HBP2g4%)U($3%@Y#F;L^xs>q*$taRYC_YjMPF*6ig z_T4+_{R$%ABqjiw)ZwQlwqJeB?c;@jqsW+(He%1HZjMsF+Yy?Ba=EkJ8zfm+$G@D2 z=LcDF{oawy`qA<1NyChMEmax)dbv`>Uz^2=v=oq-=}E`9+^4opI9@C^14A%=dMOev z!bcRGTVIX42hlSXPT%&KNu5vvS?urtFM9;?8=JG7xgl^=)0+UF9Fm^4DB;A5V+o!g zVAj&r&l6srGImOaZ)foAJKA5hIa#C<<~O4#M4@;HPVrLK*dNO(-O1P$CBqg+fVAQ( zerqJ7xZW(p;UH0_qrCp563%(AM?b(vEoITK*ldn9Wm|(A8d4mvFtQ^O14Grm))3se zHtE3X{v60$dHe-0M-P;9{D5b;~~^PN22Qu?&CxY z(g=E}YHwKx_S-y0AVU8Dqgu@eqZS!Tt1Vh0yv-qj}wlv2&W(UFSlJyqZqlrS+h~yt*e||9d|?V6aU0+cjQB-o|}28>dc~IZU@tE1~L~ zb`=8!LkAgVy;}jzdE1Uyw+?c!K#q6~?(G94nVJJC@zkTKsXdo9 zL;qJoMFq}`?4Q{`v#I|Su^L@GSTsLXZ89CX zgclHJY=exls}7c3`zp}k?q@0>{W|jaJzmQzoPpveddi0dpivBSNwIkz$t!y+wOwVy*5;w%!e)Lhrx*YB zY)HzG>sbY(it7T;`E=btx=&U>0}){v(@SWhs^5!t9*bhHm8Lm@}QcK zEI&4uy!=fkGpBuN2QNz9-32~0c9I1;7;}-~(ISoD*%P6f&%=TKkgF4dz;%?cE$ID^ zrS%_7X{+cLi8F0OW9qy}(?L&5#_dRh4vQ*!?|a2Cxvt&MOjNmO5i&m6e{mIe$=nrA zg(IJcm%WweVXF;|mcCTmyY%8 z8B84JF;AZ&cod&|+1nSBBYV+Svn8%1j}Bg2g5cKiCDyw-P+amrissX3^9zPUjwD_j z^h~x`jGekI)jYBS>D^J#Q`6vMClO|97h4`5DRH^>Pdzq?p*Vfl8W0%vl$V81#Srk7 z?Obm}{b;5sKJYXopPcA; zg9oxxi@|oi#CrrjspBIwgV_ow+j)Um9;O1~0m80(uasWG z(|o%yKR*bU%ECqcRO5F(LYacB+^Ea*_u0B&o-#*=uoR7av19N$U4blN z5p^+{`N47kGhzMs%rwsRXJc^B?&mwj{u2iDjjSjh70&}f*Kt+LAI`*1k`_JLyG8{0 zC8V)S&`%XEpIh#vFdOz;nx?j8OZDHi;TG*ZQ!?dyhdy7MyTEvVjA#9F^uF5oF#akh zvTd5wq}c9AluWoY>rg5?@l&`Y3bYqR8U=*gdqQ-%IS!8wIV(6RPTYM4ZEo&j$CJ&1 zdkL#-x#zQi^@#1iZs&?x|rocNe_cBZM3yWOT|mbKT=((pHI#yrPooomp3(8}K<>S`M~R- zz$3hyYb?EUddJ4fiY&JMfp|`9ZwXK+6JQ}wDR;4oo@JLJpZhr`4c;+F7ECVn9xTn%a|?A zo2{x_X$5Z}gqZm@Zme`aCw_`*qK|d&uqxaIF+3_Ns>o1Vc)y44#Fm3_Wfcgg)Y@_x z6)XDs?ute@@W*ZY*eFZdC;X4>?4Nn8-6HY4f+x;Uk3ddhJGawEC4F{h)GclLf0%Rt>|I6f5QF9_|t-LkI7sdr5+j5h+j zPxLI7{9(#b8{nmBx^0>?*PljAJ~vts4Gfs21x8jB5qR@w7$mJVhCC_v37WphK zQ93%qp1mrDVj3H!k(`SG(BOACc` zc~3d~(sBaR&W9Wm2YVf3A0ibVnw)?Q5zMcw_xw`0?z^ki(m(IA6;U?d-B&=`ZZ>El zXJ_F0m4ZWw`H8)Z;~>l;XK}_G5QuXU58wF9LyG-MR`}@LyQ8*@b`ZN2@=IeHdLViR zGVdbJQ?5SC!q^zR$_j=4hv{F>;%x>PD%>Gs{9OB$eh`xbl`yLeMbZzVBU4 zR~*-pib2X;dQvFRxa{bRoHx5kHCcX*mcPU1BXsYh&f<;dktwHc6g9fpo>%92N!T$0 z9~FW4P^^$9DZM0?A0ld2j@))slXz!xL*iX0(sv47480*xXLn34_;7$<0ZylF(*@Ww zbo+v%Zs-jOuM(MNu*-C?tmUxDs+CQ8tR?pyr3Um5IRM9Bp2^A%Gq!Ky>(XV+xY+}T z)z}Mr(|(SvTgz$vZeX%^qVG9oYOAwD3X^M5kh=e1jm$Q`sD%zmSS|7~{eIWE`(FDM zI-A+zBe6uPJFO(n3m!95EXt~y?6wzjS?2AQak31AmZB>#m-|l**Yz$x8~q%vG`YgC^@=L5F$JlJHIIv3MLt^A<)mETBTu(K4>8vm zfRx-A^5hzBL`X%gs1pj8muux63~Y+gqA*#g(0l@zTf|K zj-~ikMmRm6X@HvNRHLY{>>*3?c?@qy>{enCA+_QKz}bs|GrJmLfGLLF`hg@>LNS4R@2i{o=b+cO67c3@t{@9c3^xS<1%W_1!)q@ z5@p5u{Sz?^jIKzl*^;R$)jak5OGcM~L}zVZZ4`peLuuBg{M!VUWRdnL@XizIbs?|f zCcta`luV`Fh4Oytc(#5Vs1<4=1s_z@RBd_&uRa%Psg}wm#FS1Zu4xQ$V=Ow!H}a#+ zxm6XI)2ab~ZO7{>S%-hN(>QWug_@DRwCntC4-r=@^_-2I51t!DMut$oA>Q z{i0-~fDSyfO%!C|w?*j=UP^MBQDr5v96DNQ8$VW53zA5m2iavroWKhU@*5z1y(1=$ccekqkm~>7m8&KMj&=``-W~K-|A$N6z#Gxkjun9wI=< z#2uu*_)yKI&+%wF4T;_4tq3Low~}w|xKED`I|z3kb}VXRYs(BLofJ?zRA!MRtE4El z9ZI((`Y98qJ)MbcHsJzh7<|Rm55n{)rKun*h=XKx`+cdUINJ@!Ge1*1o#KtUw-8>d zNCn>iJG}G;p&Ez)w0i%~k%AG9suy)`QMQ9?C*H3n=eZWyw@&h0v8Ae(L*fICfP2o1z-~Pg&%dy*$r83*?>V(*PsdrA`EfAHU{GjG z@0}s2tqDyvlyv!0c~q1)>J7AGiEVo;oV8 zWca-pkztSEQ|!xsnj`{wMZ$S2(8z_BLa{V9|A9v!3@;5?;o2Pu35`GAT(^;i?f>gf zEcK`Wt3!E>DUT`|03IUuH7tg!@L7*@n^XvrtE^fZD)E5Z1~%{JS#$%)uqIF6!Ze?S zkw)kH+c~4$bw}*RH5Z$wN`e(ejcTA2>4>h@aK90eldD7Nt?UIs=mvV~QgO^&;}f-5 z6Dzz^R&P>(z|-Q{XJ=K9R^7Yt;O-2}nO{7tEh^-Knwkwu^@`S5ieqWO?4r1)JqV!a zPj2{DY)EuGjzI+g_4WLB4{0++e~7I81Sy=<-abc%VwKxoFWZ%69fHCZNE2lQjF zsJGI)5fyfp3FUG(gcO~Bm#9?3w_wR@ASo;yxYTMKP10h`kCQ8yZ(;KVfL41!|UMsz$R> ziII+08WvMEVZN#&%vE)noULzNy`nXdqyE4d49$gzO0j z8ms48PDRJtghXpmWN1S6&Rc*;^S~G{3yE@>3uTqjElblC=i?8|9W||Sh}EY2b?cOG z>Eu=_f3=>V_`WS0lYHsvfKI)ef!pG~1pCAp|#gK#ZUp4a4did+k z=6%jWv-JVfU9;8T;SV{F>U=2OU0^UWA($GjhtbyV_i^rPBut_!dRouo!lhv*_X%`X zBP2XYn8flEqsqN7wGk1@u^50B`HVu*NSY5{uaYm%iEU zqh*9ZM0Dq0I$B_Xu#ub2G_u?+BM0r5>ia9-;;VOwCHFAJ@)oPEQEG#4z4hS*;hQAN zs%!#$XY619=Xvy7I_=v0`ib;CVQ7Z6Z?ZAr?Ww1i>Pfv z=hLI#7y64Y=AsB?Sfq%di(e}$AmLs06(%nZB?%jllmDrXI!MZXU8{-U`*lKc_8^ji zJ?GkkcHFhoBRB{HRy8K?$P!#k5{VhYZ0j}sAwzL57$mW+-xmZMkU8(7q+~ikU#{H_XQio3olvxh^fOQ8v!+$?C9}m^p zY~X%?VnbagN?-hB6A38*$!Bwx$8q}@Z?{~ig&8tWOX!!W#h-MUX z8)~6GIqd=P(=brs1!#E3e~B$ByLe~vrW>NH>lFwmbMl^R7Zm>+A_6|+qa^TB?8haK z9X?(|S^p;BjQ6twrois3_+YQXFH+=|n2ooJYhL{rHNNe|+6g{*mD_Ddn9;CV+RP|I z=JiCB+DLKqulBNY@>T$%()Jm^o7&u&b{&?x~!LNbdwoV9)G1o|AN0 zh6qSI_On~TSSF*G3y%{{a2`u~;q3<`Gdt_4n|WxjjVpS*hos<9 z^TmOhq&^7JW$JZTwyv{zvg?E^$$Cz>JTT<67z`q$#^O~Cli0l$Q8S3-p>9}%YJNG~ zPDUW7h;ooU);bnyec&YCpQ(!0!fG)O7j#0rW&-M@YMw zXgS1|kOj76p>Tz&G_4~XfG280)u!XL)S>io+LWUhQHkkFNq>gWuk0#Q^2ElwF2)YO zr(HJPk(ycqmOk1%wd{gR8MJ*w;%_kS5)AY@PdLVw4?6|RiOvFT>6!nGMET<%6t2rG zUI?9|!-X6kR4Ga!9NO4Oi=q$xZXPi$ouJ-^%p~~Gs)m2uGKX*J-Gt@XAE+Uz5uc~Pi_(k; z5`dT$f;1y@UUmIx3)m8_SxNgMZy}}qUC_W7L|5m|UOP7uuSI6$fqZ&3+FUD52Km~0nEZ72A?~QtPu8cM=dy}dyq)4aS%7iYh+k@tr*^3Ay z)&;bTLn$`=eGx;aFwRtqpWL7wJ%zh+3hzzrXm96Gywog8PZ|sL+2b{8RIFJP2d91@n19c|cQ$e_Zq%op;!!c4;TuFl&-vF$IdsUP0 zm`uL;iw_nx3Xa8riiyxGj!flC&4Sh&SpyP*!wXc`D(rLhrxUOJKQ93MS zOTY6*8#ZIn1q}A~3t4MzgD8$<fxK~aj2*Z-5T>Kb8@yH^wB}hYo zW^uQiu0z^qYUid=5l-(mk2H}*sEXf#`K$szC2c@J3Yxln=(5~$K3pn3HjP=O4uS*}uD1VSeJi4WrezvuX6UR+_0oY_ zi!MVH%9ljor>6=Ic)ls+(*!6Gy&~{xIN!hIvPQ_2rORa-m4fAG2!%vO->^*&It9PQ zu8KlgwkkeWPZa`}*QT#KqLckiF-$b_06pa7D%_Ji80xC!1mT3l#KxJ{%Qzdr$k1YX zbs`F-_Jok^x9nwA<498>F!Vx&H);~om#uI|li^uqAVp2V-egxZ6_Nz^z$?ohwS*6o z+9ogb%=euK=;jYc_D|hRHgHuoQd}moXoqm-lFqKl3d4u)poLP`zr-f%Krs*ouE3ae zS7-@P%g?v0Ua!o&_PD%D*}eqg8%uh8j$RmpM|jS;?X2(Ei#WE3#u0!dnz`~mWE1gA zwcgmFQaXOetAY>yUhK*Ugy^1+mfAU9LP5n2#~y7kiA7kzwJ{%c1n|_d!QUHfJR0rm zyw|TZl-AvzG_k zYFj{sW-@Ho=bje8hD59^a=rE`5ES#vwgNvjxVs=Jf$!#`5JOfqPE1YlfXU);F~=4R zl6(*lFj$nPygg|T_tur0g7y*;%v_LqOBW)AQN?fX-L29SPmQCo#3V(ac?9n!`0pQzsL1TcL>E( zE^~37C|d$f+yLM?K>7W_16&e*YwwLFm20RdBU?68+L$K70Z&XGJiY}K5ZPAFo`lY zn@s3^drH(`0HaozN8O@Gl?vz~+zY)`*(r}Au?1&@(Jo%g*Yj$+zOs0vPO{36RS zU!_|58FHQZYrQ>sAd1Q)Y(b%%ge4@U%oX!8rzQ;K9D-;oZ{JERmn0(?uG@*+|Gh7y z*k?0TYb48UO>6Qv_!HW@vi#!5{E&wLyYE?e3E%5PdUY)TT;Oz^WddEOr82?Rg~|ix zx7CeQ=O;7xDAlyAw7*NR$pM=URi3`EUvVpN|LpRXN)C!e=js|yu>ol5`g8p%&KAYo zOx=v{dU7Lqwrkfu|nMjZS+NbvEIbbMIQ91V~MBj^CTtvyH=?IhzwbUSoEy-a2zoG7@bRC*4Jym8T9nnml0oU=r6jkKS>rSr-DJ(vYZKLc#Yx9P;R z2SL+N_S4~AVxCLgnZ!n4e#Q)&KmXXl-5OXONyHM(XRGd+cYbXy#u()3OROhA7J zwGxe|lE|TII&(}85-xFEJxs1#Dx&^b)*Qy7BR-vm{EHP7J5&YCCY=Z>s~ zJQF<4HP|Po{`vVXOjjDz-G6YlA5qT0u+BXPwuARAbAV?r3JcX=IkBNGHZc8%kpTj- zYm;rrCd0Gp7h;#Rv)z2KNsY>HuP#2a@uXIMP zT7ZcK!|nh6xG3Sa-LS5uzN5>_`xcv}iQ($+lCQFbI;HY}4yPz81mltFO2i1FxCDmV zNPX_e!(3WA@0*R16YH4oeZZwhCk0-LA2eU_(?Gj{PtDN?_-L9WQvmjlI zSFoha)!||()?|ABrjgNBI!J@&{%m$a2#6qt>7SydB+eocy_LTQCd=eFu~;!c)sU44 z8ozv~oVe5~dOG|KY}{*~t$0ksSH+{3a|xO~yaBji`N?@@iK}Q*jPsy(PfN1GB?QB1 zuT27aT8&5#CC%1d-{ym~pxIT&GBpB%q$KYwunNd4=Wcw%6}vXHJu({Oh65e3aCP5P zp6N_YE&G28SH9`-9#mwAy_gzMPp;iuC_OUp65>S5;i46_)@Q7EM}1z{YTAHq{bbI- zLhsf3ZvOqEIv~ras=ux{bh=Y%IG~Xg>66|Yy*B<}Nee(LKuP>pxw)1rZBeZsl(@Q- zTmGc&G_ZqFMv^WOJEE2%zCbH8<5l)gr+!M98xo7uIu}j>$Pjv-`}PSyHP>qC zcxs1%1@5o%P<)#_kBv&uOAykNR#(mB&;up+U!{LhUR=(%pN@KCqApBC6;bMp1ok45Q3eh*`{Hof z1*^ti6jzgv483($h=xLF(X3XZ|1}WkY<>MD`XsyIKeDVdOX<*hD3-q6nexgWbU20N zqR09Hh`m{eGo(<$wcMdtnV^CPhovMP8 z?QE&t2TLf`@2rE`0&XM1x2aZ(XEBIZM_P8Y>VH)@njhGAII1QI?t?`= z_$-vJW+|}GFem@<$JrM8;U6J51g};q_X_~!!gP8)q=CK^Ku`8Wc~jt6sW;d9;6E?rY6Fl_V(?okrn{z9}x#h*hhjrT+b_mF3eKt*yBvtHN>SVgwhlPjr zNa0Tmb=;WDdn@GxBO{776zG%lUq^07hSto#as>HsFD6268D*2XfWW+qU%URjq;9cM zBa|9Hn1|$~K1!DO)Y10Ri*2G^pa7j4S+q2l^!EwJd>7wNt~H z(#en@X4#nx4^0)sR;tfOY|5=KnJdG7$?SPnO&JXtUhk4%Se(?eLizLl_chw{5OjOg zNA=wwY=XV;I6wIk;alNaWcRc4jR$Nm%!kiZN^GNOBmr3_l+NKP)noa%`-F^S2- zxbAS%S`f^K7rgn>jQ~ey*!`)*ee^=X2h@pFu|{hAr5gA$wJ@#4PoK55NhO~{>>g-i zx1|nT+Bk>L;+fepU)vr!C@<}mHrBp6i$SYA3Qjw1%MylI^ksQ&KFp*J@gYv>1jJ{` zJaxE8s)Bc$${3ZkQOeNw1TPp~TW9~QKLTW(onJ6G8o8xrrxmSw1+&?v1O;77%HTmR zI=}qs%{lHqS};^_8^-9BIX(I+tVJsgU1ZzHxw{j=+ooA zgh5?$3nKZarjOIr7z9{K7^p#r&8o^jMY_}$*mY&WvoBD9I=L&@R*nd$+XOrn*Tn_s zs|;_U4g>ZzSk=Ez+#k*o{0*TavD4B>)?kt0ycjo0=MA|b52-+-XaXtTbCs@qfJGrG zd_ogj;1MHpx~8&(w%o7sEcdBT^$Jtk#@jk!d6V9U!aTjQNgiB&OgulIF-BKXA)rf9 z>*i=Z(eS=%cP$2R3|w47r5(tI0pf-{@?ii@yn1;oYJwd*Dn+oyaKK)8xb^3mmX6F; z9YI3ty2;!Tt)V5!{>ych+pE`1;1UFeu%$F$)Mt0Lal}6}(&tKJ9nW~Ml9N4P zeK#*APHiV)vqev6lq{S2d&fJ$Fc4r4d@zcl0JGAH?;p9~q&tIN^J#`K z6yE8m!^a5YrH=KD3J6S`zSU4Nq^qazD_pi+_{U0JzhX_<)HVftBmtAK$V&0^jz;gJ zm>b2h;!g6EuL3XS`=cb>#`z^!((6gXT0p2Uas@2_8fFh3eM)1DeDNsHGB2i}t_)5n#B|Q79oXW=OtM)s&HiELCF; zJAJ~Cm^e^zx|>uPgCzGvt#yBF?2k6sm)@X|4ueh`x;n#W*War0V|LLE8jL!wyg16W z0u#2ypG1|O6#E*tSu7a|+GsQ}`WMz%{C-%{s84tV^As}4^Fk@D56CP-liCt!zFP9a zZRP%lZ4v|~e@bZDjJD~!C1h+k;rfDV^~^lt{kkn7U!j55Z=y|pu;&h({z zd-B8OAeLM^onMjWm6`u`Nkz~FkFXIph-`y62Ox}N)_3bxMPmPCB4u#aded@g2b#It zO#ORhEvQgDck5z~t@UqiA-Xf;%uDMhcQZ%hJPJFQ8mJL7wegOhV_PvbC(@u_1Kq&S z!eEKczxwn?=3-mVmnPChiP55+m&QN!5?{lPoTqoCd(5>kCuslzmP@FK#$E<6Ki<+_ z^*YwUcR+heTE!4X^G|DgTQyr$!D0Cl)ra#Fg@Mj++3r5yQ6xOx)qXGEy=fuLY1lKH zS_kTp)pQu6)D8=kDX1WzU~QQI{QB1#)$KSOz;~;WCqKc5eDzR@VdqUA(A+{TD@aPc`Ev{1+-xwr3hfDfqfBWRX#3Yu zJCDagOEL~Z3GA(A%p~bZ``g|+X8B9%U@yTg^+D08M3Hg=ouy(<&b!zN52i6V9wXoz zrn?;TyF?bZ%RN;6H~d9HGmyy>H&*;O74EhrxBpr_B0_ouy6>UqMsZ%voEVlE)1H6@ zKvYDWX1%~32S9N;ePqQ-#%q?faT;rk2|YxTz|jQdDdd?6c}Uxin@qG<5EE=|1(hrk zp&+HD(bOMcBpbvR@o~SKDAX}8+NF+yU9bI~uSXG`(H&>vf9UQCBo1|VfG@vo;+R;I zjNUR4+>8Jh7=hxbscaZfigdwjSR@Fdru(z~%z;PN>c5HP&DfdQ$^5KMbJBOXqvhlo z;%OrSbvtGBn@D*mK(OXeD35juQ$xdcV>`uimj-cWy`(vk1B3Wl(-^86C%D3x@#-vn zE^+!qS(WqT4#Z^fV$UB4mKe$UpufBpojx~G=>kT-O<$%Ft<7&@Wg7sG;C{Cw+QwY- zx`+7WS+V|hc<&URC)hqUZOfUzZ*PlF-#nD68-1jN$u(u7uHivS$RinCBsG9YUZ4=l zCRr4Rsgqw@g@C)*-C=rpLocYY)hV8SnMF|*BTKP>Pem2^vEO5l4#k^c;lCj)IN-QZ z=Aai99288-x8YJnbJzt$3Xlt1cQ!w&^L+sTAFkWghqSlSo{H#n z=pys65(oPk^;G@uwj+-Z2c=9y3x-KQgtzE%46&xhd2of8E%)+T6Qh>>OIby&;GhUr zdfnoXW9eDDim|rL!JtSPL4!RGL9EKBhT*J559CUY3lpz^XmbIePdkb6aFbWHXJi97 z|9knP)leiRr)BaX!G-EKUP6Z7qQZdLQG)0_`2bSE`4tg}?=aS@@%|qAq{9@(us<2YE_GC3H;_B zLZ_wa#a18pZBEpnIyWum1y&iJCARKKnsQNl){NpdKGUjV_)gpxyHBIyEl{$x8^xSs zfWuO}33rwKtOcXk(~}UHT&|jGtoCprjp)kOXFc{sEr_*gre*r*Bzkj%jBbupgenxi zm>GWgY{NX9y^i;JggN{{3>I_xM%UA%XUo6T^EH*DcXb|}qr^j)!V7lu0$$-Dq+6TE z{Ozo|=GURjuJ{gH!n_%z;F?Cg$s6Ktu?lE2JPWLucZy+_I!;}xxq-^2wwL`zd$#c`pqKIGpyy}4l5JA$1p#zxNzrRH^`TUmw6sXAqMqQ4~;gO886yCzbEs& z9LC)W8$t7-O;&v4+Qi0&r`uw>-5N!!VSF$lK!}E-q7WWn4GmSJyz^9f8Sy@yAp1kc z;`f*w!>%AYrER2(`nJ(J0;*QaHzrI}wyEmE6OeK;_Ywb5YHZm6A)-f2DiD+MAh2kw zb~+!pU-BcBu2yKLBHq;LvZ(t9ynpO7cZ-OVyh_GFGJ}x?4ZSh=xl?mde04I$S7hs^ zk2xuQs2ubjz9=-HOLUo+u|LmMG*ne>h=K3$sVTF9<`O8STp%PKAn#S>SSr&BFOhoL z3kWT63?*X6fpfiR%SNm9gftD}dcFD9MI+UCp7>~PSM~FWk*S4!%rAzi?)E8R>F=qPn#N5(ChJ38AbA`5*+rU&&Nv z-un+5BO&mGEmnjfaRTZ5&ThTap7Jtnta{)<*d&?q3Rp;Wavw+V_~kEEQ~DhLwC}W0 z)FZ6wh@R3p2k$r(F%!D==el6=QkE z*dXFc0?aZqT~kYVT_AFTAi!4Fdkor}kZ+|ZG-(k=Wq;h9dt-qY0B=6Hsp%Ud3s@#NickovN zkPR^?Iv&+PB+<2oPrCM;_JtRC2eM9|JS>nI%2WX8Rqbw^tCu)fZk6+Cbk3;V zX+3j@F(z#Kzk2%fts{+nc{M2o1}g&?<}iiKMpq~8X4<=}?IQ4POshxlwcmXVN+yqc z5`7g{Cm;y|Ns~%%8G{Sl|MT~f=T?oGGJP`QJ8)(|BRPFqi?L#<>zJ*2eA#=Jaq!;W ztt3_O_UR*ca|(M#$|N~?ZKbiaEq4}Xpr7Hh!{T3F7yqf?@mz`*FVv{L>DWurEInO3 zaTjqlxb08ZkJ~$zzlV@?sXF^w)3huD@Kqm@Dsj%9je_KXUj(;6dEr(w!K7 zTYr6)f3PF!8-h-IS~1Rsnc83DzMghPuQ2z={Os{`I|N(fpo*B!?*kdTHcCdWkb$JjEh42{13b)MJg>!y?aWN|JHq3nH_#d^ zE2I?;Nu-pm%Kws!-|^%C2zFH3xzlIhM-3tYrUIa<#G7M`s6d_JCdt9Rk?euNV?N4R z84D093|m4=a$H;vKJ-rbpTXAT31Wl&qJ&L$1R~7PW~IzVf-J<+T zyyX8Zi};CKS0LYhoLm-pi&oKF3E>FHoMX2YMfuu4%Y=Ubg_UY>%gC?m}E* z3d2P6YksAyUq(_Zn@$6VT~Zm~s{eG7J4fi*QkulP-eXKOwdMUibqPTl(T+eVjr9dm zne6VQa;HJ$&25f?AdcjMM#k7TG~~uVXo~Og&?Pyt50x+hDt9}7F^SLAt3~ChZSs0B zHwBUBI#s0lvx5p<>agsx8b6@?s}u)idAMTML35&}R( zamz%wtR|TQTPG?M>O%j?F)^~miUgv@zrw>Fkd;5Q@j)ej`&wtD zmp3f+Ja8N?+Z$Qpof$?T>*_9V)~g7~HT9E<2JSp=f+n?8ip z-dHT7&RIq1hf14BFTtkWf>OZ@0ni4Q@!v9&N0O6C5|7<=2)xUZ*Uz2s(J&Gfo1T+^ zYC$=C+kP7F;__AvOta)CuF{b1Dw=ma(yIjr!*ljHVtjy&YRcGy!?sobUmeLX{q1_? zR?xLr>{@~Mle>Wq?Dy`8LC5r=YO;XAPe2Bzd2H3kPyq7fUGCd^tn*+FuQ;g5W`kpM zccS2Wv<0G$dn&(LFxNKlp8{S}ms1AhPFXupYduk%?q$t;@6rAAH8y&{bYYZm+?rUD zXCKb`4$AKKu$SVaKX9#b^1Mfsdb473s2vt&(9$P~L+LeXP1u`K!u;V)Ecytv$4sYL zesVKMkFa8ENhBBXOYX^Ld^~M9i1y9e^^&KG zuDbVC7O8(BX^?bD|DlM9)|W{!q6@Z|^d+E3)qmv%f!(#DaLzM+ZTb1$IfitAEu^FQ z4YEUcGAqs?YN>l)4K?gj-~mkxb!bhdC7KEqqa*3kMC~1@p4B?Xlf{5Yg)5n>ye>m1 zm&M@$Y@3m6G$|%)n1CYY>)JkF&)-vpcN?lw$AqTBTd387EW`LG%7QA0(5or3pLs7a z|9C?|A_R?rv?Zz~Z^cc+#Jofeb4gsNSn75ucy_P!nydK9c=M$U{DyIK|6ppd>b@<8Qxglb*xH$kVMqSfJ~(^Bm~F+`^v zR%KU0ZA+Ho2}00|In&aUVi4Jzml2UJDo zhg_*x^0iSv0$!hK61Wc9u|j$jC@E*{q17B=N1ID3>K+I$ag4#xpf(TkyT&OX{sNk5 zj=Y7S`)ng;8$pE`lqpa-%yJGsB7bVQa5(aMcv}_d?So(M$&PHU?7=2c(idF6|PYMtnx?3(=zxyra(H40vnZdeKpoiiXx5Q3LuhoSmyu_X+ zYWWszdBUa&vBwnXo=ew!hv2UyJaKkioAP7dizbkOctN+0c@z!B4#wVN@t7hBE&iA{ zU(7^wA(yZ1nd%E%#(XHn)J|ezkiW0BdxGUr`OXdIth-5?2BrI*D~{#S(@}=KD|PE! zFDfM4!09t)Nx9m}>K1cM>fq=q&M~$)=j0+g`RDhGa8kCt=Lf;XCzD| z3NFI6s7)n!iqs+Lamq6fvSKVoGE>>uiwo;v{fyxItY z^>b<IGCR#57*)?&p%m3utz7MIERa%Xi&F zruFZG$6Bs4w!g|JJjq9l;M+oc2{ z-{u=Xpvme-t>duP3*9d!_Bx&sm@H+=pm> zOB&tVGX$Sj|Ls}-n}_iv7S^;Xj&buV7m0q7cVKRL*RM7Pk#)Pg{^O@{^C1r8n7f_! zq*gEg^7bUl1D5m|Gg$+uy?lQ-Y538we}C7#>hWjkBM)Jl&gq~4{=ZE(>qr1kS_sEFH~2y(YWJ%;4fc z>Y7;*mB+AVW^Ta6A(WDiBVYI>Bd+`|TXbxqRsp0`GO~5uAQ5a}f}3>$WZb+anvC)K z5!wu@Zc#764jnWmh(lhgfS;(v`JS4qt{oc`7~8JOHFi^r18r!u1;=gcP@?ppf15ph z-LsN&Q{NNV#*aU5k6uWaV6CKvrOEq?e*Q7``+i+J+|-8K@NFKXU{6K8008m6dmE zAX%LBc51BGeygSK?m4A)yGMo%=zNk)8n+O8KU9#>UFF`AIBwG0M9gVv(7WylVIGFZ zMYS3+m`&p#?j7gf!~I~){n*=$Uyx+cR^q8%!3C{!iT%V;XA*QsC|81QYTCY{O=IX8 zU#qh|%prrF10Fvm1NXQg`#+HO)BPh{D81H`Y)mla~hWig3}Eem8?R+8|+ z0JTN0M<4?D|0A6JLj})45k@$2d2H@DQS8cAwpQ{1y2%n4@l2zY36GQQ*_Ik@y#Sm9Qb$#{EueXMiqdF;Wcd+$Z*< zk(Fh?06Wm?{}2SlT05NjrSdJnCI}THyPxr4H^T7y(%g;;8ZH_!gX6J2z)h8`EOW3a)XYqwD+)S8|>q*}nS%JpHhI#41(4dTt zhz&T}oxE`#CCO_2=?hd)xsn(0A9$@g44@R=eJwB`Px;P@Lf`;kWynqNIo$8MQP?ZIyxjfrKY@n6B5BSHca*}C=tt34E zM-lh4rZ(O{21AH~Dxvi%LYwZ+Fc0uPz=!4c1y0-GysYE+QuNt!zcgWNK_h3N zO0s|@S%_2JXy6A9Jn5?|Ed(#*Q3+>chu? zX>tmr+Nj}l3|l?^PU+E#;HxZ(Ktk29pn_=0&5BphfArJ#nk$(wTE*ukOzSqxnn;HO zOaU-BYQbj5PeTiLS^GZXwikZgXAt%}5x@p^)T|P0FaXlCVjA@*kT8xdGUa*gaglrm>ZVc_{=8P|U15c2JGMFimsqdb5gUXEJ7)mLPV?*WRk8OtM1BMLrq7&mC6h3! zIXc$UUI6x=S(5jChDr7A<`~xC7YI6fo^p>tdk{eb!vM28e=^nSPk~296ywf!hTy;o zR{g;ZMP;us){4yT(vdllW*&;J88YkZfkm_LW19375`=F7vwtYGqL(xBGM?)pRB-*X zo(^}Hh~=moPys(kPF>4IQ6W4er$?TlvN)p$9%Fj_H&1bqi#`MP<}lw7nrw}?hFVlq zBI0cA*9mj-4HK}pNnI%L7{u_G4%BB9_#@F=&;b*(&?s9G4+~FtZICI?j{!`ABgWR@ z!FaEKD~iY#OME;_%;<+?dg)YRTlnU6{3Nq~U4yteI4BQ}R_BSn%;8P)f|&gOD)s1k zj$|F7+-_4?M0B%OK{$MI6Z5`}yl8ME@8w80d8-2{r#PL;phR2Rk09z`!UX^NdU@-5sMy5|Dubmwh-+r`?vgudM|+x&x#p z)ZKKS5Sr|sjpo|ypW+j0CmN3i4&YcVo)pm@%$l*@!6wD28l+;;fV6fiWb^7-+T&p` z6IPBI+^Dx1hyf`6bXSbbK|zKrE=Y1qjs+rq*v)aZ7>q`fj>N+{ z2=>cUUPtUF)ZRJj`zif=l$ZA$QHz4GBhaMcf}obcd9mun z(6xfYi;Z9PS)!et| z;yOU~JBla)+&#jVX(^S;7wfoqrmI<77`B^*5a$@V3(CIN+U5lN2F_}_? zIT*PT22%2X@nXs72nf&ROiJVJmy3r$hzZ|{GDWkwkT!1(nSrJKx5-9}zWQ{H z6thUo4jh7Eg%VG7DCr=Bczcj+R^lo(qo&RsD5{t0WW>~YMM}CjTQe9X3Nw|+W$jQ7 zSaU-uWmQUj1=uQSd+DN~FB%gd)C7AYEsp^GYhmwM9CR4$C_EiK$8QVZ{kNW{-_@Qs zTCpkvKp?shUP`Q33xt}%Rj>(r_GL6_6LOH37^VD<=KS__b{q3Xc8JBnzfYG{?$>xy zMd}P{Fi@HnX|!qf<~3BQaus;V|9sHEB@Bg06(bQY_Ji7VGpoa7L0H%owmfM-HsJT-Pc?BVc81qeMcjalw!bOWb~5L)Lqgqs#t!r zLJ|Xt;%R0g3GDyiA+@-;c*ad%pk%g(M|CMVp(7m~roQ07!}6yH{!dW~wT%T60?ulA z%7t0YLw|g_(eB(>(yg0Qt|E%dcY-;TW;N;b`_Bn~!+=v2MRS=x)rdd9k1^(cB-u;f zah8f3)pPsTMh-E<^1e5f?-xQ^_AfFbnY7=uD&ITFguDO|=SOR5a8rJiuJ)dL53640FrIHTu&6`>M z9=TcDrhed}7Dl~eWX{eoVZUai)E3g< z?RMcva+|g`h}-+-;!sj9^EJ#^R<0X-Y{xybl4P}?`K|zdM;x@=HzhQ=wgl)t4LIwa zPF*>o#Hz|<8_Yi4{IP)x7Q>kQiDwm4?>>kKi+HmdE;%nrtKroNC47@fF@Ib4Tih|# z_%rcADHUPwsMb-j!71|VYPPc;3QdoH?7Vhi@~95?^mr1L2Gpe?8CKf=xVJc>L%+>+tH5kfQH%6%7em4IG+m3?&#bTK{uty?G zrba-G>O-^rNv<;m{eH_6Xi>JF(6TSDq}2JS|Hswv*F2ppeebJnhF8JF?oApcJD^+N zGZ$n2tBIPuBzGI(n@U7aJK|)rjR&0By}9#&tC}yW6eaKiI3N=+ztROcpE1{Gl8R=y zvqeQaJ0Bb3oeZ5Y^Di|+ZBKHjSOmO!+y+9%qWDeQDJ@>-?z4&=d`8=kV>KBVR83JNmHOc=Yzn%H{<=J88cZ!P`1Pixh1bA zVo%ey#4lIH2x;q0{6Han)J1MRP>vr=-e%eK<#%}UwwP$8lOd0rOb5;WGKKB~oOGbGj`F?YA$a~ene zw|Byl{!vg*RC8C;GGmfV_h1kUFyOBTAwX7ZClqL){lg^xI2gn?~2x@)Rw4c9fQ4X4EOcSO$?=KGY4 z0eW4jKmta!RtI!0_PBG(q$yV#lVWxYY#2+31`#jhqszYzEBMHGd@31`{ladv251>+ z0$6RR$G~I=wG?7S+F=DSh?Qn^C$bwZqOk~ZuvxZX0Dy;UGO@3kYh~gr$jSdzdXtsW zWa7$dJY0OPNNpH2$Oz|8I3i1%%P&B~Gk-8th3imk z!t=1{0yqJ{HwMpPz1%{t4%@2Vn2}9}Q*s!E;dD_$tx#%G$+P#wyR{3}2$l|}zm3BS zpPQ_4IuU`5!+@wKIGht3@S2zI&1U%Np&8QHl~ie1|W+A})$*nY*qtgprxW zI8L$pskX#uAqVG4fz&|v@^m(>jLX~CrK_JVr!tKH(GhZobm~O0m#4cseJYB;ale40 zzhVT`TKG0+PS%{AWzT;NGu1mK-AVVAZ4cO6^8RJX z@vL&MflO+F5foZT zsAPHga}dW&HnHj%X&pP_4pf!jNo0LrJvc{FGy9fb)k!yWEVv`cQ{h=3Mi?A^biS30 zZ=oDYf{C8ZH0_+D$Ly+@LRSWL32neyeRfdPzuw<<(>Y8JBCpU;iIW_L|9;#RQL3R9|&QUgW^x?VR|VZ4^ryK6P}bVZK&0m5j|; zCgUVa%7l6lp4YrK58k7WHJ^fq+Uy)J3w8+Zr;09^^3M~*k+FTOoU22^wJ@W`r2~Rc z^!bc9n1}24H9i@Zw*L(c2)&4vb{|@>jyBv%8J`gRpd{r{OS6IUYppP{XH^ zkDol-J}?Q!bkT{=w0rs%Sx*8_;OLN=&nltVpTl8;#kPf{%S50g1rfGo48gHI)+^Dn zFpDr>HT12r&4Mc8BAU59D1wuWKjwZ>=#IE#a$e{8b}s>PVd=f)-P$#AuP5$b+|QR> z;tk&~6U|WLYzJ<8A}*+OySFsXA{10&!;2z*ud;kRW&dudOYpJ5okw#fOM-4hpdaL< zp=G@R>OX%Qm~ud3JQUiR(m{D2^{B%9c-#JRaXPe)T`zqopMjcLe;gFIl{Jsq+&Ss9 zZcC4^#&-e-^)c{ng(Y}fLG&N8vMy9EjsbWwGzJ!jd&pa9j8Z@TZqRH4pxtUTFWGop ziJPHZv;g*~@(7HP`}@*4IIaO0;!>FQz+v!FJ)wyvVugmKDyS(Q3~u26vf7-D`LAkh zBg}`E|0+4@NPJMev^+cY`t03RN0QR$f#Uf{tE=g+=ci!eG7^Z>5+9!@{WiP+0M49y zTTIU|>J-F+QNCt?3t#Ujz4#{LZ&tH0`a4@)<(|*lTh6 zGp6I9Gc`KSM;fe_OHyQ|$nW~Su7|^vZe+N<*AljR8WfhjjOfW@5q0-hF9~tu`wGFm zAcW545~g=3&IMs^gE-0a2*E^JM$XC(MBhU66{oj2eRz&+z$_%_?%Cwku!VJGqE`Uk zyiSt@zWG4T#i)tg>;(Oi!hpplr_`;lA3xdhoC;R-V#a;bms3cT$u_R$xe3Us~Wt zvjHAfA!A_c6)R0r4y?br;cP*QAhHWg7;7R9LeL*4HpH;*$-Re_9F)%*LS+xnKB<1# zG^2KoFd;n9ZZ#&fvBkolhfDCLx{Tv?i)3HVA1A5&-88n$;OO{J)=Y==$_!;wowGT3 zdU|!EQbVVSD;I4)Y!n3u*9DbOD=%btCLYLSJDZ49UURD}6@=lQN5V+}zdH4s0I6G0 zysLV`!wuVEB`>+7k1>}sjWQyC9<+8dM+^0i_*i4}_CTo`Za)V-=DB+S0%^?@eJO@K zH1L4e?#(Xsz5z75pFTiIn>iqSbB=Kj4ks^UL~qrMt?9@!cwqW&rOFsfTHj$*Q6sDh z=u653>EwH~gOA#qNa|X4ua?Oi7=t${FxzA^V8sT44xp4n&RDciruitMT1+x-iC-QSO3DcSXku z`z-+vz?2*3sR`DJ=3xg47Z7I|W0!HiK8#wn_R(iW^MuF8N`>%B5iB6r*eYDO>aqfL zJC)j`iF!I;5rqV^+nCKuc>HdpwSpq)r(6-E{l?h%joqA1}m^LboYOr7tl zn0%NJsP~B$(#==A=fWePkO-Q8rg(S#Yzv5?uD+0^Ms>#H_4Y@hJGlUAg!ioz>ZQ6qjkP=(MU12xamm`KqxGABw@3c2r_amYj{I+ZD zMR|PhRMnrkae;+=PS&?VA<+n%?rNeFdNp=+u5mnsrtX@lcb9PF$)nZ=fO_mXjmjMl zk^K|pHt1Y)stKqWT1tVQ-2zTBmi6uBjIT0gv+I{NYfv+*y?^UR_)? zu=-6wp$TE|HngbEgghj=!SNgqq&U9DtYbTIz?g|*i<@Fcn)+>7V}|VXnZ;oRW&H9p(WBaFq%isOvRKy}@EK8WUGmcmg03hWOdD9V~N`8I+Cmm=^QUI1&)F zA`q<*Nj2_wBd4SV4m;g3deA$G_#V=Y>g|KX0o?$0Tz15)*g{Hm zQn+>>?q}M9Y~x;hh}eZ*7OSYlbta88ugJ&KM46RJWAO;%0g{e-{E4ntv`ppxdc=Ne zg%@e1iq!-b+ul)A+5f`cF&34#X7$$+Qc^J*5H_<6pMnS3Rw0KFe%x?E|mJtsFi zz}e+iviT4w`!Tmpy9*i7Thk1Q-xOXUFq`_pyljM@Y~gz7q7cRcM@%8Itr$DFimV(6VWw90R~xp*2HQjHclnn1Kq z*>nuCv&!>0ib_DeJB;+;8sg`$nsP_0Iw-%hzaKYd%!{h+w-fhv;(TyP)nfxU%-&`WzWI(_I#WMLu`SO{m8>K1;;+#+|2Sc)+xJo|2c;2EwjPQNFQ{ z4=5ScP&2z&P;JF;5Qrn9)(&kL>@=NEkv>MR#jHW}{w1=-G7fDPd8GW(eIYI0OcHM8 z*X&GWEi_iN!kRwUie;5}G9WUKEmRv;enJG>PQ8 z>bH2*_j|Gm@bud~h$ox3kka74!0b-zU~`>(6p=ur#%Z0)%Trz8JQi|f^!dP>lyzG| zo_!nXEh4e6ID1+}dwr|n<=t)<6D%=r@IybAQrPN=r=iA_QdY8?QPsCbHDxephew8cJE zhD0@EvdgWZuiE131Y)-Nbrk^HBU|l-0gbClc-X@49cTb|)oW|J)C~r2+~;%z5W9)9 zD|^hWHcXk2>fV(SGp6bRJmRxDmSoH45#R<$$p4joliT$hrFhYH6YeRh>{|M(zUEs* zr}wcu`%AgX*K|60*qh&z1IUqRL3g}x?M^dEMO#nc+*ch%lez6EeH^}q zNF0b!^kjw=x#ca?UOoJySVNv4NNlWNC!uLYvJ-Z?8KH5MQSV?x-TO0C?ZcF{?b^-&Qa$8lp%xGdfRP^3;fq7}WQmWr;}!2cY=Tw37llFDa^a zW1u}Io-$lX$IZy%WajyWdYqbgr#4iUK8DG+LfR_ zjANrj^_9t!JvPmWGSC9AKoBcgi0kurm<~}IKO~x5sotBo^UBr~a8}K|=LO`~rlm;Y z*U1ZaKg2tgwp(!JBxUxoTfN+QY>omL29@m@AnN-(BH^aoK96#13$C@2(aKJd)!HFM z{#KQN68}n-PS+wNL6-x3xIzeL3zRnpu*(=KjZd%BEWcEj@hR+D?g~$L2(}VxZc2)W z)jKelrL1GLtbg1UMTJAeUzy!6%Xou_`FB`@HyNK10~ViH5o3Z+W^s_<1#WfE8HKCs|cUL{woi%F8K<KcUHOYp?ih(!t2ZiBPQ`rL}2{$5F2#iIS_?EpEu z8lcQ?OK$x=DATlB0cBK~vjPiifxL_3MFEK_viWeL*ila!24pIp8P&*HHEQEE7FJyzd9aUOG)Ss2r;2 zveaQ34kB8Racr$0nI@nMuM3bwZIe*z<*$BiFe${qI3~kJA!n~c#Ou`$pt&_rC1P$7D-RYY{s>^SjF`kuxowB>JILQolP36FL1akc zb4|`1XZG6SwqAI-wM+p-q_bSDw=V(l7n)ka7jnkg-fAkqP+Gf2f47!i{Q%19)Ri?* zl?#_kM5_HAYWe*lcw=epMV6L$5U>h=@F&%$8)6lgZsu@Dulxaz_-uAKzVP+WNtve_ zjUbueHVm04wLgX?)R|xW7c<4ZpAJMo7%o2!9%aN;oKSIGEFWuqTj5g-i;WXlywHTy z9Jaw8pcp*Zk@NUzBo(F|8NBq{2r_h1D3v@y;_2d4?9PQU)3pY*4X;%8{c9`thr*cx z?}CSuBU%}94aUu?=huUocSc7x8in0GNN*5+5A9~iDNYu@v>d`x=iXUVtP4DpD92VE`_eI0g;xcc0P^@fF0Syj zr%#t&YOKb$oM0JjUgA>2I;AR#$&OW_&%RJd($W+R2`>pjJm#+v+7@zhgvAcc$pKnJ z6}p<)Xoga7huIJ#2N5EfRNN*B*TDs$5*b8k?}CZ$mW~Aicy<5+gT;pIYHTMU_hvV*N&}^rB<%w z%sweo_j-y8_3)AG%FNqL*n1Aus-X7#he$~=TkiC8eK+=NRF=wuY`1K&ogsO}kU`@X zZpK^ZO}k4CECI2HmueTFyt2%ulFJrTh?08tIi{srN0EgRlw$fxeAR~wLJY}`{tnuW z7Z$Xr1ws_J<$l++_WDOeW)Cf1 zk=h88nd;(km^a2<53q<3KkQofY{M3KLReT~n3McNrv&GG!=nPk%M6X=^{Aw#&!hU! zqUe0ydY5&4txH)L7hC&z1c=G7)P65C5+QLrc_L_6@pg28ga1$@ zRf_ci-=pPHKwUMY-;snArVHgLS7^lR66IUYWKFoDJtmDvehAfk0?zuw`^2oIvbvb= zbw&Ue@hgs424=%pz*QAoNz7%jrZfTtYw`9-$4_yLW~??9S){3(kge+v*^?C`nS!Aa zDj%@%WY;3@&&nm_xKQk*vOJ9E=HzTF_T^Pd$TX32wo7TFKAsBs*S#ACe#fBUviMEp7g;Pi zqQa*dJi~X)QH84E4-2y)f6da~O>J2whJ0HuDPRdhufyD>dRtN?;GyyAKV?dU@=P^R z@|T50razTBLmL*LP`FUAyo9On?zvF$%8EAS`v}7}&n06Ttd~1^CLG zhnXgH0(j0@vpmIrVsBplr0p52#{Mb^Ig^6jCb3gd7jw79R;PS^XgINNLKBYX6$QFl z3qK^06b55t3TfP^@~5bp~E=W!^j-fdZ_&fH0Ru2Rax<>l%5MA2%auBydkvL9mB_e7zZI==Az=_mHY z-A%eB_sEYHJU7LDo8rj37m6Yq?qdRT;K*$g5lGV#BUI%CUV>Bc5HaA&69H zOIIKMHgJC3E~zFvsSo1{`%wm?bBcIjWou0x~9$k1ndoj8ozd^~{MDd~-gwbdS3FtzSkB6(Q&ws$e zsZ(@1eXOgW?{vFE*O*84c?$!SrwsGghh)CRs0@S`V9fSdv@r)X-a z>`oZSQjO%k=0vW7mUjW+G-Gk2Z>(!jQ8j7K)DC@<1bEyEK#)4pA`Sa;RY%}*?JX(P zp8b*HYs>nXu!>@gCk(>x_ZaA41a}Fss2j3()sMdd-M3SiX}lANFwTR1!j!6ra!1eVqgW8k;w9`1KG(dE4vSFdo(WbdxHrZ81J3T*Gw#8^D?cyHfKJY9$G><{} zL_2fDG!AQ41qIYUA%}4cuqIk!PXEVZTixff!83p!H=@$Hc+Pm>U1(CKq-@7Tq}1$7 zQKS8ZW^u{$D)fFH=M=#Nyou_*8$3@)f_4EaFBA@j?w*wp|b+XW}@6my+e zxCPMm=jdV@JQ$)I=-PyE^I346P1keP#iE%_i)ZWd_yFRpFC5FHrmD=}A?!}VzVZ75 zdQ>|ss}7^#MiqtfFhsVzE`HQhPQzkyWXyTsokRC5+CkBnIWiyW-oM*i;dR}i=s zM;Rc&{wa9AogfbW&X}5|KzdK%k#qCkaL7&xTYw%6@cm{<^pyAJy;VTz+}QK{!stTN zLIw-3V{f*$|KA(GG?_^E+z3CK{+3SvsYJ#s5Ys?iIhrB+!l0JXdLT<|9mtDp&y``c zO&S$QK?FGShsT*b5OQ%!>Df|GF*$|S1s8JkW%`^Y?F$*X6p%jkXW|paR@{XShUIh3 zzie$SyW-i;I7XKyL14c2sx|cV2k!S3BZ2ql1WrWf=n!m~%wg4$^I1%iYAQe?{TFrE zQ8Yl1;gKJ6*K14Vh>bG@YHY<-$%P$cS};x@E}`1_RqUSdxzhiyPRT9ln~vi{l7;Iu!X*Aop4yRPPw8Dh?c=4kA8=oz=q9xbEUAGcRW-lN#UPxS)F zy{=l?xc6Z~jJ8QN(1qc89PS^NF%5%Cayvm+UX*tCaTr%X*=*cIzu!54?)ekVf=Wn~ zMpux>mj}(3uMZ6ylFks?K@Hyl$d%OY4#UU4U*qP}I{+#ABysSqMHS=Y-uxPyopQlq z*YT>LJ7-`M_{r&;V7@m_L2_P#p60Cg)w%Ea)-^DiM6OjaQOYG7j1-GJRLyK2JC#+a zw9j2RM7*eG>h&jNz@zaWOuNpCWn4XA#kE#eqy-Bb!6F$x_85N-WM$Np_xCH8i(=gX;>vH!?l@+PtVTx#tFBp8psN;PmB>~Z@Dx74OA3V>;2mr zC0jq)`@=J6DASx{z2{rs9SJliBYDDnvRa{HpVP3HQQ7c0uUKgs}@wJ40)-0;rQlKv2;+KRcR+>a!P4kNp@{HHG;kzo;8zA?fa)#i#> z|K5c%G$|P-<)yRobxMxmiKucwHnk|5`KCq%9>ZItJuVH|#{|somu(q)Dv6QTK0iB~ z?Crzj2?g$PsGl@K)TXxsj@j7^LS?FqJZ$;EZT_hTJ0A$_@2iWFev-y{yvgVMXcu)< zr2Vk$^M=G5sv@O0W~yo$pE)Z8`rx|fg!t9*iEu6t z2SpOmI;E52xN?-=$~@0$eP!}WL3+O& zs-I4qrSJc_XW%L(>zVBM$$7bUj5&+pW3#rAGExOUbeL;iy7KnSsMI-`?!YYtt9_4i zPr3k-q%EEBUG4^0xWmwic9^~@i&ERnz+E)BD}esK>3Y3oc-l_u!|AY?Bo_j%E21&? zsuq&Rg%M<2stfEdQ$emc#)=}qK6I9kzNiNd8zHgt{EV`qU?&#wtk-8xq#j8P)$x1s zS1?}q6n*&mE0fd zhL7=Q@i{Vh($B-BUl$Q=|fcHEa}eX@Q#I(ZsTv&F*y5^>u%W;0I}>&h(YzGnIxYtr?1ue zW+MtMquruM5dq!6|AG<_*!E5NUYo2!H~e(;6ilrKPn%6*pKda5wjP8fGaRy>b32^>JOQRmCMQPn2z>J+*{mWWKpAbb-Y4^#s8>^vUiZ!qXl1ZCy2Xax;w^Z$;xgO09c#roI@3%+$iDD4 zHw`Vt^TAE!6+Y@8PW5XQz=puowJa6soV7K-3B2@0}#1 z5_kUpnX{geB>Te(bwisJNGYN+`9o*o-A6M>Vgg`tKCPTZweX60fJE(^`n8;7`>ibW zM|N__b2Py~iWP`(6ie2kFr%4k1x*6*KxEeeDy)lf_#=(}F2PDvi~0D?0*NfZHRp#V zf92;lT6l0FnZvMEcBI@4GS~ej3}Ap9nK97aMgtw|Fjl^d8I35 zcA)ADO6554eFwM_2wURImp8Sy`-JsE&!(6AITIvGz9oq;;3ka{am&%OO;Ws1|0Nee zY(=og6!~B1lW@P=JYEC}>(>&jj5}$9#%p59#>vHD z*7k6`5#t;h%P%fkNKJ+TLAd_9%2W>aoH(g)8#HlyCxv+*1Z*wMX2@d$O>FF#)q_R} z2eoYYJo~`Hoc?A*^Un$o;A*>w@Or@2!TvXvi4K$P>|fz7DqN){*qyIw?bFuFx=#0u z8`*4QeZ-ZKDdQ1FMJoT&-=!Fg&CmnR_Dx7ap=!a^UMwfFV#np7S|GnTpnQgC)6Hc*GC ztx!Mz4*{|A^JL@IOYA#H2$2&SAzgBONy#1&-DIB)r-az9O7!pTu^0N&O_(x z`d>XtA1zPAmeH!)R@<0>>ga6?KD^A9!|tMx18!9)L3lzFj}kcPcXokP6eunohB2av zuq2@kt*m9W{aWOK!}IoGM)C(=iCm5t2|noVm-RXu%ZXZkz3Cvu_>j7SEF3O^I0^#H zjQl1uZgrSDUBrLPkM5cpG0q#na;+{T;}(d$Oe*VIt3p9vEV9zlu`bNhqZSclhYA@l zDR3*9FbTvZNM@{L(p$%+A?*d{SX^)3P!0Gc*H-Cl+YorDe~A)%k8rfSUMK}N3}(&y zVs1H$p~(@{p*;KH0E+0)@1#%IE(Qh32QjUzFEy|Hn0!VPMGsATIc4Gc zT0gajG{`1Z2XSdXwSog6uUln^C)owwGkui{lkEnjbkhC)+>a1joYl$L__XmPGz=|2 z>ayr)Q>?1U!&I`0=OK%PJXv%CB1WCS4Zj4BJypz?bxp|?vp9Wr-C_iA^&B#2F?W%1 z8)41_kwkDWQ^*9izJ~WemUpda%A$F!dsp1_9XoxTT5%ZfU@;qG(ez}^FUa?_ow3hw zP(l@@x1X<%Vsxr>yO$ICkt>7Iy}YR4t5CgwO6_i%T$)ZmrLLfeh;IyYJQq0Qo<82T$nY_zYrXe|DM*XL z09ab?w-Av@J5;OUZwuU62qNVTV(vv1c`)ioHqR1;MwdE^!{fG?9{F`UY?w-nd%DB0 zJGs}f4=v$Er_M{J&FKwZU${#v#R}*p;bn-#V94>{Bea-~Fs)YWG5xp+?gg&^E1N9( zSIb*A0i(I>D(P-%EtNV~sXxzhont^S_mPyDkCAO@PWLk`E5>#v-=Dt#J(2dJjPCVR(0kkEHSL{f*Gi84As+-XQr$&mmHGhi5D>SHs zf|mhc0Q93b{y-Fhy>)R=HfYWkCL{dM$BkcI& zH0>k5&6@5P>_PtFS4nQ|*S@Sq8oM)U3j?_U@$J&n;o2k#%J7r8)DI|BHUIAm(PrMo;QZG^Gb7N5359=VnOXn7Tt<1@cQMO2K5^Y$3%jK!3i2D zx{q9c3#}pLMl$+FOz5L5ID^JgXkITh12gG5bOXot-oDimv!(ptccna z>4GaiJ@d%sfWm`jFDZ7tc#=xZ`jgr_mGHX2trULS^BO#R@Y0o-1H21seHa{R} z+hXK?X&)eC@kN_YIcy>%#!+_5yC?5%x!w^!EQ#QTf6%LVvE7j-lU z2`6kcy*&}kg>fs4=}=p`)Z5DU0T$h{!@4sa#FP)WI@-zPdHklPjERh`^Kr6&f{JuqdJ#_9FQ58jkl+}?YK9=r*e5!O#G(~`zQSZ?6VOZPY;4Gap7yvPX!s$qL6!Y! z9uO!tE+nnJfy!m)uPxp~ea2>RN?{_gUQVAj%Db5RRs@JnXc#=SA|Xzy;UF>dnFtvA z$VCk)6By2OkA=_p?JBH}_aofnv`))9ilwd_@D%-g5*>Bdj7OEjltcMQ?nR%e(5s}s zg1}!a9(5{pxyNoySGx%kKA<{I7jpbK*=p=$rl8hNLRJkR^;c0cizjH9lO17~>V z`$VG9E`(lOGL4l2PQ2SL(LP5PmzL>~bg9K#WC~EZL0gM%x`qu!gTlV;vYViS0gL^LC>Mu@IV0_j~6mZ9P zHzlG>86i`&7sVR@n;&&j)!+dw%xv0<4_fA~;NI|SoeNfIhG^pN0F`Rr=~Gj>O(T4% z&Z|E%=JGWi7mysd;|P0iF0jwuyj%DhmEs@3HFNd2gSHHknQu=OCOtd{MN?3|l*nI|769l5$_Zg%!@eVrE)p?R9S#Jscr-DO># z*g_H8f0I{CQP5={ZCBpHajqYV`0>}R0{c%6v2u?~LP13dDg7mCldO5&KmgpT6f`?7 zA5@0|+&8bW?#S00;htMfS!Jvhs86F_)M4OQlzQ3FXnG-Ou=Zg=Rfk{@x;nmlXwGkK zfKdgVgZTUB2vb!kvN-ZWAXjXi@lMaI19!(tH5wuWXB@{<(P~j1v4O?C=^R}@B8UOIR>o>mZP;Mj}!@O=9XAjd@otYH{CulCMu%LaH zFFOvv*;7ZXfF`5Z73c8({#>KPGm)D?s`PMrqk>O8uV&{oqV1$AXn zV2KguBsj)z42?suM*5&$8h(!2v#(O<)il;I#9&jD^N{8KCL7`AHa7&shCvU}?N73HTr>+3%C_8T#*2@!{!OT7PMES~ z0qycgU|qPacKo=C!Yw2Uu>?l?{q&m>(KoHbioT03;J3B%%XUmIUK^gcdxPL}oaYdZ_(iXsbrv}twS{XvsjeiWPm`wvg+MFAe!n`QE>!Kz7jCoB)eA?MJduP_>M BgM9!1 literal 0 HcmV?d00001 diff --git a/CERTIFICATES.d/04-certificate.avif b/CERTIFICATES.d/04-certificate.avif new file mode 100644 index 0000000000000000000000000000000000000000..e6663146d6f4ec8f70a068751ed96f7f9b90ad75 GIT binary patch literal 22386 zcmdqGWpo_NvL@QX7Be$5gT>6UnAu`xW+uyGW@ct)28)?lve=R=i=`*;bI(3|X3ea5 zbN{`Uy`u8Vh|I|NDmt^Ws{sH2k*TwXy@9KRDd400sckGwnQbf#Ol5_bg#ZAMej5{K zgFm*9LS=4j?f5SU0N7g?IsY5~sjV#x|Lq3B-on}DFB{0mmD|GF&gf4|6aWAN{Ly>} zZWRE)GXwzrR}1^;L)q|Q{mTY&3IJdsePC@13){cq`pbgz(J=Wl;LmsiS0-i=J8QeY z!ugNo!~Dl0WNmM5@TVvC-(x;}i@95v{*gZhDho%Gf4K$#5DZ-0tv^Bm`71aCBV#9{ zzXJUe>VSp4qy0ynWnph*_fex+IN6(g)E@=(;3JZ|4}fHE;coFq0|o^J^-;kYxH5|b zkp0mBP>t-Y9c_)Q-9LQ810elBR3CTeU)@3e(-|D^PiM}LKt%ok7e`xe8+#M8zb?Yu zMixf)+)f@&&L%ca+#h``tSt;2J-7}2&62>v-sUg5A45NAfP;VrfdfFnK_Ehb0Dx+& zjj_RBnUa#C0sNWrBZLou2D|~l|6=@y=f|kO@Sh9Ff8mc50YE{({<``89~kTd|LF_) zNB)7){|o<>KG1*p3H|5;`d>H%^P}-mp#J*2ue|R7kfg<>#6Kqblgp3G`#L}b00jvN zgoJoBo5J315 zCj`h}NUPgoeSu#KOiQr=X;wreS0M#KFnMEg~u=E+Hu;t*oM| zrmmr>Wn^q(YG!U>>E!I<>gMj@85A568W#RFB0eE8DLExIEj_=Wu&B7Cw5+_op|PpC zrM0cSe_(KEcw}^Jd~SYWacOyFb!~TV|KRZG_{YiV_08?CyWjT@k57Mi{o(oV@-Jrp z6EEZsUZCLMVBo+%yg)$R{t!n7hahH#L=jR18aSYmumnJ%3CHEt^+A)eD*Z$^bex63 zAYcK;W7Vkpaqrk)UsQZxLRV-M%bn?|E>!&RZID|xsw=C@ zpIIoY<03WT76Y4qD9X71X|cV02!AaE3oHC5AGh;6;LKBrdOZ*I!SjvvRtrx5)6RrH z0v9Fc)ypdlYrbA(D66SR$d(XT$-}cth0UkdJ~#5&H2`+-FZ>w1Xl}nK%8Y7{eBBhU z{zUjgyq&v?g@fCrG%`hZ&nHu{=tU{F6@HUpFQ-hu%thC^YJxc?Kzlk|e<-Zu z?4ay-z+Czh`GIz1avrF^6qynDj<0DIbkj_p>y|#T&~wARyyE;?2C0=&ydF+sB*t?`@TMCA~m`+n^Z9xi3_;_o=&jIwD{ zL@q)%#o@ z^h`c^!65YPijYd0e)F=QJm{9UlLk}}2J^x)xLRPq2j6mv-23>PN_wO3WQ1#JG-^YN zJ&%~lSINHvpfN*wjywI_%#eEIXtW8>@HAz|+;uwyJJ>ddg#k^XgU&IQx-D!Rg_nW3$2v<5t zz`g_A3FUz3d$9xM+Cyv(+M6^o9Xe3!aj|~6xo{U>Ux!}G)f!x4zFRq>0xqeC5#=oH z&d;_VZ(H91J+g0Tw-#k=w6NNnsfqEWip_zZu~eYZgKv9pD%SFsjE5gtYN+u$p4xwV z<#gA+D3bXQq%#I7ScAn8g% zM2VCii&rTb97!eCrxdiSYoUHq7QA_wksf*AF{1C@_8dX{(>=gx*xqtc1WsYSOv7LW zdTg!BOC{qSuxdB%&+O7AC(AFpWtW1bAP-i?Svmb6X<}u59C6StAPo3L`J{GKP&8Cp zck5J_VnrZ_=9i(kq%FDezt2b+g-8cgXD&2FXf(udc!rioZm2*sf{vo7_-fv@ieCs+wN|D zfCil{osf*QE1gUB;xmnxP_ESGxvan`NgjzJCvWBmZPk3E66_6Oa(@S?|9S_2JStf4 z+161%jR>NNw?N~0lq`dB67(!(vxi4!Yp^6w3oyz#ET5@EWJ*gRmr_=f{)shKbFcsw zCtyVKRp3?FpSAEBqS21THZgU970w8-k4LEU7B-i3w-UFB^*Je4VjVml&^O&>!QTGK zjlt#{^C>1F_g8UKFd{DTSJ$2`5ax7%HAl7s5vGpAt%IUiX=6k1 z%>mRwu=g>U%jjuOl=f$1LC|Ud)~+ShuQPWukAe_2^{Hd%v9W1^D8Lsz6++ACJ?Ez8 ziRhY`|CvWG@)}NE1X5C`>#eIIBMEn1l2zK;pS9`V0j4d;S6tQzJ;xMjJ|!BKzVhpp25mPwQkYpt zHj&)O*`WzN!nu1nU3In`D5CKIK@%Wwt8C4Zi?4=rXC^qt7;xixzOuV`n6Yvic4fNhG|R^h=Ue_y-n*KvVqhiQ0m|0j|qCK$dqLtITM z=$6Y0g0>14f$&3rUENK+;pTgc=e>p|pl71e0cc37EoJn^aR~swl{i!g+%rP!c4hAx z&a)9yA!9)WnW_Z|BKR_1e-+n#hnO-t_r7dru~YooeBZRtG;aQ)+a^{Fyq+$CUk+W! z5Z8_KbYZTw+Ra%VtZ?fgpHD)zA>ks*lBMCZi*;`YP=6_R&!HUj{7$(1>{Fi{kNoi zE$k)8w&(2IJAhQp@}JYrfStbs_Qw&Qj(Wz6%YTP-4*|hmweEkH-E0Nj=0cP*(yQGp z?zqK)868E9*Y-_=tE}1yJ45(lZx6X8hp^?jLx5n} zZqB`D$s)(jn5+r5Q8MWQ9*b+w_&Ng`|IZjCtoWq8s_Pfa#>UlGLu!)O zyiDe?J{T4K+hxAGprsZImcM7!qW%Y_sT%9q=rPeYY(1Vdo$>=wFw=ZH414|9TX$6o zeDm81#LWJq5qHVC)bQJue?xoZozW?9D>|L$LfQ&n%pi}P?7elf2fSV3`vCDR-L2V) z?bwubBI`>v!7C>-Z&!?>InOSXkN@`lw&hu8C%6-+Aq$3D)<`<^qY&rle)hvKx6100Uz@=@z(?RgG0W^Znecx89T0-x z=o6F#7pB-!dqc-qt!n#Ht4*ijC`rf+*2-t4)LMglf-||XcY!ifKde&D>b*Ilc=vLq zEXutyTcx_&Ag;0=X1Y02gC1IK!xWjrL92xi|If8v^Ph>-d$>n_yG$vK5Gb3$y@jn+ zBurvD$xXlU=Dq`}tzOD4L;ryTLOymH-ZLMM9w3%l0 zL*>?&5x|b?v~S|XD?hw6TEq@Y>Fz=#DAXmQUFlJsb{~#<0yx!txv(;z+Y!A5BxlZ_ zV{)^849|3r=q6LVXjo?_8|Vun5b}xknJ0J~eglP)kVO*e0F;|h7;%r5e|bR5Cv)aA zRGb#JOvUK%O_3C@8=PN`RxvMPK_$N=CJFtXJmVCP8=O;2uR@$l+lIubDuIsQH(pGHlqMO9yAG_#NUCNMhLkU5 zbgHbgO~FxeboAurV<@1(uS{o6XS8mOEv``dEX3%D*$`?Jh${%po3d=MYN=c|oHGU* z2dB_6so3*halHe$3f}?2p+>NhY>((FnaLYYLDBp=J9j|B5EehAO(JE2%ySN!=FRUO z&ftiNW}!wWH^=FK9+NV8CqMGWW?uzW20{-m+=yrkhl^{^%O_3-`|W-+M{`!!SQo5k8^<}O=r;TX9ae4Z0Qa{bOzyc zj)m7jH`mefGp3pBC->hGGDs?|VuxZTpNHk;_%E;W&{jxoBgPZd(y8*}s-WS>HzK6; z)pLh=-ZEXzWKwk8s|r(Bd00lejKs-PckrC=_fI6@BWP*1Ra?D6LbYWpZyNPOdG%W; zqf?cfw%6IgJ@1D5jptY8JTZqML8j&XYUK3*98{IgOIs39&30{H0Vo6AT#xQoIr1ZH zKkmLB9G^3QG+8WzC$ti_igWVD3=&EMmh$Vgb&~Ww)P@dJHz1+m4jr-z2wt2cgc%XkBG0-G|^DH9|z{RdSp+!?-x z-bSie<7^zk%@pTZq*{#ShZd?+f;SNEq#7>HBN9Aqjj7Z5?A8bfjPYz>Xq*)S&z~*S zgbiI;g>8K0n%>n~P=GY%?w@oe!nk3aZ0xY_VvY3*%0$%jq5iFvp}XNBjxL`Rvpu%6 zgQsur8FZqBrU0ssf&eKYtwog!8u1~K04cDVe>eUp{we?a)dXu!c&^|*@mA#*wtlAk zu|anB-2Zv#6#Neh3pecTW6f*}ym~Ud1Gc_AAHM@?XimIz%3?_~H+R@<<{ zNqUDM{J=ZF!|y8RtqaTVit+XK9k5)Y`2Rbt+5*_eL3;Befkp3tu$AY<_W$*%s)A%* zWhfJD>>ZG7^`f^eo$;*xmiloJ+J3bJ%;q=rH2Iyxyz#vQmJ0r9s9c_5YvZtMgu~Jg zoD5_VXU=hYoO=gYz60h7Up{_KS4sS?d1d}MF84ew0G@pa`e*mu=@;S5r~~awY&Qb3 zTlXqr;LHm+=ku`j2jToBe|X;QHQ0GeIH4adIEV)rMxf;0#$Wa(JWy5c?(>{P8W@Ct z4UpcGA#oPiubfpmPw-H~t_#+&GR!w-B4^&vY&!lXAaBc2OJ33_pentDIUpdT0iHZ9 zHCVPPd1r5LeSEtVAd}EXEqtlkTiaTsX1FJ?IKklv>9Ml2E3Lf#L(N7*YU6)LTZGNL z^6KKtlhMax#_z85ZSfsYEbwsu4$$)d|ET4EH~=sD{mres>#Zz{`@losW~}Gi%CiFS zeHDNLfB|AtFbI^u__Gv&ef-(-*ie7p=;-(UmI)JN-1yUNJYT)k|2Np2nLKr)`H<6KnOAQ;@CQbPOI}=$CD(9jZb3~rE0|I}D2e+B%+PM9sK#oRf$}3@aSQf%g zI>7+q3bD2Cff#9AjjBP=vdX%Q-&rtPH`L%d?FvKm0<4LilU?_Sx97wLn`(6v%WpQS z`*-rnh-A4x=SoA`KOF8DaF_C&-gG8EM;-bx(X&Y>NXs8-h%9~WswAnTj>~v>BA~;q zMZiWpth~?(mZ@64-2MW+AA3hXPBG2mMUSa2hg|D*BTy!9%k&95+rsO?2q~-ym_t&% zf6Xf0*Y{S$P<;V)qdZ+VK^R>#WH9rQG8nEuDT9JCXY*%ibdxa#eXJ6A=~iH!q1<&y zPgDu@UYa!YsPzQ~$T$0=7>W$!52fc_D1WylWBiqNj|4qAcJEt)050rUp1nxY7QB=p z9{4GA$)agHxCWIIW>;Nqr!3E2RmD88s^%b)az~?rID&JpTm`}xiOdwr$XGx*NAX7i ziw4dhtyxY~hgzX9t#6a;QwQ#yTc3yuS}-`$S=a=CV@KaSh9FPsEXgoi-a$ZA`T@}a zlnGxB8|G44lXl=4#I!;?Wx4L~&|K0*N$dN%lGou}n2s@xXkrI;6&q}F;OAbhKAPf~ zv!Kc!mGh9-jnoz$z3>{E_h%w`=`uc zqiBUXC!ytecp-;6%sR&dd26pBTE>X*EIGm=etl90wEV|kQwE~|j&GilJARhh7~S5h zx87;2n`*F2{`s)9oG{`!kh+Z;Ajgu6KIKoEIxXKBiyvMBjsn8UbYOYTIS#PeS`1?Y zM+F(oAW#Lau=ELdWcZ&5w>nY<;KCBouMm~wW=(ZSgPM2( zr4+?JIXPoIggE>peAX}Mxe!5w^BgWE#Vr97eVvyA)(KZoixLh&VY!;%jR$C|-FmIQ zDE3FA21=(|BM-Hv^+&_0KP9S(jTOEeZgrER=ocoBUZr!O)0&cRZ|Eph7E3x4B;s9^ zhdkn3A6qr?6Pw)VGde!jj*tP~cM&(PMxz>RTwJKwf3RPX73uTboyF0S90PV{Mcsim z>RK%hKC26zEHOP^$;y$5DO7T;Rk;^7KQKeovMm;OzzXBhKLaC_3Yk{08?~yQkH0P;ODvNdv91^HPlVBLS2Qze}g8`WbbBYx(zr z*5gqr2U1Q_KY{HD%qd0Uy0sp_rjf=_lMWFO7;WiKxLk+hgxPVvF*h;T!<}-t$dkkm z#njD#32tf#!Y-CwAD2p6kq>4YHjKJa5?O0`d)nG#X{AJIZ-BQn>D{uT7@YVI=?9$K zpC4oqal(LOBsow=pY3s*>gM5!JfjkWzd#f(c4)rIA?8hX8z5RTXgyj5Z(cv5_~8A> zwU!+vt>5cM!Jp1@w5NiMy0{N)*8Tu2cCHn zy@dzEf%;NBm=kB^+Ut2o7w7Z!Pna9()^9#;PUnvXmo6MoJN4wm`iR)gpU3(QQCM{y z&0b;`a4$)GRf!u#iD!@%smx>*YFN6Z#bZmO+a;c9Q+p*G&pBu4F}wicZ5CFpmi76* zz7Gn?GEUFr0^4AbQpV#215AmOD=e)Gvm+A9J=bNBJ1M6n50uyFt?q8z!UzSpMnR>p zj0a%IqU7ES6%oD(gKM;NgkQbXJYdFnd`_V`zMAUrHZ!2rjhciV7yJe}pHRt2cpo`e z+s<5Uc*h@!HhMgbC=Ubwx#$&)Tn7*$sVg=h|Y|;kt z%o^KkCEbOf&Zy?C?(EMn5wy}CDsh{xqRB z-rJV?F7s(B*XtN}6|&Ep9vQ>FEWFHp06Tm7BGwAoef!g@CA?$Ct@R5hG8$^KCc@4a zP{#(_(3LW5+jVU1z zFU!0`1)xDb`G-r#GF=wGk@SMPz47gxo(Aad7Z(K~=CJ-iQl5*%&iFD|i9Z^B^Fs7sz3S!6yMLd>hv!dAE8I z?gPlhu!&C_uSzvrIz_^*1HXh|vbXDj|X<>=x1UET6{R zAR_N;&uKonC9Krj>^VcT!>13EC859>_NLWtpwXRj!|?(6EXSmn#8kfe_y@Pq)l3FK^XDhaz`AEuatjpOfW!Drl@6Jb|i-? zl(Z4a2!Q%I#+EMa2r&f9{Ba-iM>;H;$XJruH;FD~j8x)|FNj-m zwJf9UY4&Oy*>wR;KxbkjvB=Yr#9MOuTh>w100=q!#4hV{9%peG50E}+LSpQv?2d8d zR_h_9efqOZjfTSc&qZP~x`ns3)z57SpN2^h!EwS2sMjopb{hfnV+zv6ZuzjaZY!Ma zkQ=sCGY61$tQLw%Oj1Si zP#`UHXG6?)sNMr$T2sQJC6b;G=fAig;ybYo@I*>`JRN@j^yT?XZHp8$H6upi#$}L% zGq+GQ8A0O#o#2*+aV@Ys2NmQzw%(=XY%-78^jq2-4MEvuT2R^$7Qq6z?;KKEPL|xW zK2p5nPuJ9sx3^>T1ht#s$vXv{hIu~xG%ZtkrWPj8-s>3)%9H*XAlEzR{d$8iEEm7j zviIAup(vgf`Awu8kuL3U{64?wt~>}y!k{@SHe?Vf^~mx>=FJ+CZlZRIi}MCmfMCsO zCzOkFA;5+4-e0==&(zx1suq7=DysYy%zs~nWRcS(;3K4jQz%DKw@!A#W_btE{p>k_ zEQE(+fTAlh)KDs^-<665NB!nGz{)8Y1ItGN0n&&lFZi~*1wEks43KoBsR)LAx{q_y zD1}3dF7Zj*9quk2T{EiR|M4yaqD?a(O$d()WmKwp<#s!S5Yf_&m}Fv(j#{Y;8q%Q& za`_wm+bgA(xmIJWb50so9KFGH>K-ZV*G{CzyYPB8j z`wJMG@}gKlnbyC{F$07`n2Ke*=c*Wfu1CI{aPL>*Vy zw@k0;?~GOM9KVyf&-U_W?M$A7$*XxT4q6jiJ~ugC?`a-Nfl_rmMtBcW5O)1?niYI{ zSCuD{sF#T#WBW#H!Anr-%{iIi6p^k12gCZx_za;#>25Zbcu+Tqfm&^A#}2D>J}88t zX$^6r2n>wvTNAP^>>75iH9C7Uu>=!2Xf#9NRcUZcT2giorii7nqoj@g7r_ zB5qdBmu$dZMWe^i?@v&_uM*n)RV=!bDRrtdval`@y&CH*S_*>gFgHF%s!qOTm7NYZ zA%uj$nE3&r6*{tl%>9DixHFOL2uOPqRC86Pe0~2pxMn`*rCOUg?XwB0Q!Eyzv5PH3-n_?dEmSkxiv?WmoW;CrYs2&?X67xn> z39m;!PlPz?)68?*)1gv1WTWo;%GwgdKiNxAWKDIL+s}NGwLvuieyMvxuCCVcie9}{m ziyh>fXqf1T*DwSLlxi7P&Po`W$QE*xswKb*Qzq%9Xcbis@mp_ikR7-jMIOYi#3<{C%=L)ABt=6%v4Zuo8hScjJ!y3?S`-KEm3yP+Bwbz9X z&fU{X<9!xH5GSn?CY1ZwZQz->7dh;WmGbJ_5U?SdL%*N?n7i&qxgW>{L(k?L)rsN0 zJx%11zf^UFX_waVNg8TsStCh^AIpj^C z-D`xIgwCm|OoGg~y6rlkHA8rx9XpEFlq(s($tO$+JNeSj7T=u3p7+eqH1q1R=8bFm zhcGy>Es5zUlABvF%|L%Bs51mC$JA7EmuJ^@ROk{p9@UKp_-_JdK6f8alekBfrS2JkTT-z z*J{jUOK0JFM~nm9@-&=Lm)a6-8(EaV-1(9MRW`ml!wQ1?p@(4Ucdm%EFda{hB8zJ| zZZe~^{rp9C4o#2+dC#&J`rlac-cQqy?jm0!vUDE1=}pEc69yJ4^tFZZKe9~ z8cfTh+xL0V4lqiH!iRN!mfJTY!!dGNqriYlK^km^NMs$GlGru0lwB#a7&%!H)iFOW zb-T>9@myRHR?9A?G!o<@(cRe1zzt^()|WnmVD}`gsVzxEF@97QfiDlRu(7Z z(7ub3bCna(5jhHDyB3+A&uTC@|NFS@@VZZ*N2ia}VRI7YLcfqr@7hp2T8o2-!`MfXIiaRGuJ&gCCx;)`5_e18iU2;uXaTS^K^`L$1N1qPnr~ zcH$A=xjrH6Bd(GY&h-t!Zq#}PCf$t&iM~~lRVY}-3A5iAH`VRS`m8RyP);Qm(Lq6l=v?1m2X3T8dAVz^A4Lj@-T;p(OCCaZ z&m$mtNKz!)L9HCv>ok2nDBiFLe3g{GwqoIpeb`79 zA8pxg3w|g##*5`Nosi<7JA7jd`+8xRhZ8Zr4=n)gzC*jt%VPZ_T(c=Xlo_kAf6Cg* zgFf=Q_j7pKb!Ljk8+Z!l0(e6V!gr#Kwo?(v>)x_3GEO_;IP3H;#D?+gv&7ZBE`gU| zbE7oh&8Ogp5ydutTM;<3nd41#V;rfyoY3VWq_$)K07-QEcA4qDQ|fL0?%vX-RlMH8 zQKrdX3WdW-osXEtNesiL|%L=Nh0zx+eZ@5f0QbX?R%Sg^BdJMi0f=Q+N@l5weW)A z4&L-jLX=HA&*l;*9RD==Bm*`wldbNOA5Y>FCTje6+eLV5Z0Z}u{s%WhCD*4%R(5>Vvo{nXx0az`X9~nJi zL>130YsWmT^Tz>l8tmOsoMv*TMkVPHTXh@2^@|6Pjw7tb?JwjDJw|q_?rVH-mi-eY zwh}P>c}wfq_2@AABt;izWTVU_9E0?N&Q#6dxJb}ehrU;Wp2ewkYjK_tn=k!Z`P?J} z1a~vf(7KBpuO=#8`c|-0h%cW(^%xtxvYhW+!!)F77Y^m#UWR`+_v?y(&j*8|959TE zynA3i02h1ES!@~B{0qs$^0!2%m&Vkp86fyy<}X6F`P+aYqCu7@oUJZ|}fTaNWugEeJw1mdw1YMmuk zT)I!z&9m`T=;}>@FyNGOWb|1e+42W|MZS-~fjmfaf_TSC5---n8<3~XpSS?D)!;pI z#at-_<=-kQ&;A51A;xf__*qILK8orhr*7rT0V}^vT$avDIdYO`zHI1&q(W@{q|*f% zD9_C(-pGuqnFh)e@ik6eP8##rhk{bEXhpO5bPS3Wt z^7bRnm2giz1QMaWjQoVU(20XprNA@&HpQ^w4vze5MMjp9-hVEv)Hrq;hva6|Ej(FJ z(lO9sP0~`uRfWIs20n3oV74>Mdm7b4C1raX)%JVIkJE?G41uK}A=vV|E!s(iiLks? zjicw6Ossm9!B1mcy{JzvGx-m9GdN$OG$5@{0#i|k8>{(+_*fQ)JO6J4w>pXpf0$cG1|>U+q5a6P`@wj zqI6OciQID|Kif$&4=CWYW%F_@2Y* z6dE3IIXhjf8z4-@?Z6bcv~_4)0n^vcuf^NMjh%3HbHC*?pl?A5k;)Nt{9aDj#pTPkjHP{e90oon>@ozVPPk?6 zL{G-!%4s!);kE;i=6!1qmX13(x(I^wdopvl#NfC-wpSA$S!vt1Mec#r17UVO|B|AH zIKFbBgj_c7_063^-bx|?{YjYA*INZ08mG^8Jy(^Ll-v*!dSsHZ&r%+xd5Jn2;B17s zMrjg8G0AaGws+4X5UUwBc_##%h*_UE3p))~;JVG7j;;#RH~Qvw_hIx}JhpCpeNSa9 zIr`5oOm~;Xm{xj}ZhM*|$^@l-;#!RY4NWIex@eV+xii$(g8*H1GX%PbH(TiHkp%4K zY;5ZB2CO4erZN?v>r9Tc#4i_ESr8Eh`!!U)cjLd73kOc29%pAJ%Z?o$uM`@y53}w3 zDPuzYua@6>aSIl!q^j*e#1|;X(n8{eM$h`O9%b>%(jP7&ZY~Jl1kSbvAtee{j^rqr zUL@^#&@u_j5+74~>%fR0Ouk)JzPCrS&gvz&zB;A;_8T*hK(~=hcYar_BOUn?=%e?A zRyf(qcF-Y-0~vW}sN>1rTo$Y#b%nOlzIcI?Skmo2%cTLYI5&wGpw?4}qV1Q&B z0sWTQeYgq3u4#~0xqIz9v44au;$cdXs0n8`N;m-=dX6zLrOQMtX(Hvq)h+3l9u{kD z!A;I%nIK6eo#>VRZ>YD8nI4ww2u{333l_CfUz#Ori)1(WWkvoiTD{^`%wI$4(O-q5 zU=-cUOi1XvtU#r(!#1R%n>qC1O|GTd#?ef``R zD8;;>RJXMpV#m24G-ZS;a8AW@cI^q7xB$9VdbXtYH(v<|^Kj3w&6p}52(M*LlCYwj z*XX)b#z|ZVrRi51ChiNOo))*Qv578=HAMKs9p-1HknD^5_ekA-|0W%)R2eMq*EU)C zj{bst5YX4Tkl9<0%X?!XZOcy|o`^UEolejAP37=O@u(jz@utk}RGxL{v41ITJYh(# zS87#|(YsMgWE9n1aB%KK+*YLE-N>~w>&L+0!Xtlx3{*uz=zwI}-M55YNoCugcVaMu zKNot16tUSACW_fLsnve7^INXL!MTf2`NKso$z<}PDucar7Ydd)skW6+m)m~w=-cwB zNz*edoMva~8GLSF+9ZS}Hmxfng?;0UC z;d_P{5Z38FzY-dCn!BEB{hfI#pH5R;P>x_6*M(Ui0E!07j>}HCR1v9$JmUU3a^Fd6G~wm-9jA;yvXM)>_$6DmQ8Yl&bulNT8Kpi51o{f&o}g{rLlUbsf0G*9;@ynKkHw)o0S_N_y7v412uacdJ zawAQ-Pw?gO5M2=(!bZ=p-6;8NYA|&m`dgS9b!aMy`~khbjgiNhM7QGbeF>sKI`X}< znPCvNv1=)2@X6ctf%kG^jp`5sz6F-gJto*?T3oKc_|>vp?%p_KzEsz`MjV%H_7)3< z*K_1md~o^Nb=QRns%r2HWH-{%nv8Oecq;_wJW?%OKH)t4>Nn7HTPXoVQL(h6nuUV7 zCV~#f$lyg$O+~7rse!M0w=C1(HT};f;{9Lr0=Q#-OV%Ys!g8>5_A3%qdUq6hIc;0z zfX2uwf>31j)qY*lZP~;Od+mf&PXi8>{FuN~+=iQe2R#nY;o!|`i|%H`N^HWPRtmzL z%n5R!kIL;DHt@EeYDiZ`lSXb)AKO4dK;M#8W~|FYoR^^w@9 zr1UzwlPd-jfxOL5n({b4KR&P>T27anubjSvEzp@}oKuin*}-l_fH(q&Xm|g;b8$F~ z-o^KJ_;vvvAs=O8z4Hyk_MYj&o@U=&V@F!9Ed_BR0gnHG)HSTA9Dds*e?eUdLa3}NDL@=+P@kTTP0%EaP4rSAZ;BE zF!2`jBEBNND<5egCUNmCHdPc~ki_uCUMiC646Yz)UJV*40`|jTI1{NdZ3LhrvA;1e z&<5gn3f0wyR_AKda%f>(HGvWz+>c|?0C{%T6@Wwg5{Is6!|_t=TMIus6rEq2lFJAY zIQt3J=pUpHMkLVbW(J=x&!2MT4Q%%zyYxq;I7mdW?T>ts>v5v!xEF$wGQuq{9QRL( zC;5_#!OeTIkCMT)meU`a!aVg@coJ@y21kAq4E!Ya%?(NsD(u7mw2Oi-g(WHQbs=KuPwMl&m7R}I3Y8QSpxL^3G1G!W3J zJW%XiR_JAZO(WL1sB{%?o!hJ}f&LJtGvX<iths?0~T??8V8+du&`-KF9EF{D!97v13kUKslD~nv`@iLnrHZAxsTO5lH6kpr_Y_ z;v4D_3Ig5xH#jKPT#15$_;4t_u;@D5pT+5B=;ZqpIR+#k+@v?xp>i|VUm3hlOI2hJ@lV#dW_oHZMbypNV|@SwY_Jd{073H;@I(A2 zqJ}ZhUY@*Ndx&pQ&+Fto93(9VXP+i-tHq_ z1P9rptD<#1z9)#$;;hH81i@Y0Uy;5Vjm_M@I5S3{fq_0-h#~R#k_zb`GbLSJ4=S+~ zh_*iY)5PHF1bG*4lK9Kxwgw{@9+94`X|$1xNw-C1Ou9w$a97tXZKlkOr-2q`Zcj;`*F|}45&d$^tuj*;5D#2ZoE!lX{Y;!Lj^rQVrBgl3zb5@NO$nH9eyl%&8hIL^HhPLlZ+nqz<{ z1wx|T4tr#`O&KI~_nEtL3*t$YLJDceYtZmCx#{tsos9x#;YQ3S{dZb532PRu)95|Bu88NqsUM!)%@--;c|7#s0w$nm5M0n z==(y%irI1}RG*XD4cq-@+@R{rS!mIK{PHXW{jJcD!^=ZK8luyWz$CN(nK?K9WO31) zZ&=3ls69@e%C`|l5Wiu}dofm|aE785*zuzU%FObhJDBxIYcsr*@dRftYB{jU43DZ{ z3wC1kh}geo{7$g72c(0f;F} zhj;o4{U%Xrfn6qpGO)x$rrO`!yOK&oxYZZ#1{`*X-l$f{Cd0u69K`U0dFdYs6OL_v zZH%#g-oWYY7POdgRod)0oau>lZv%-rf$1tsrR0s{hdjLCoJ?{wO^;p@?x3a>dduQ1 z(Z3vy2x{54@P%Z}wwPC{YCl`4J|c;XWm#k>t2lG!i16Ge^l}y8i2;-QG+%{o7r2m)%2TDCZW)P7do;W89Mdw@51AfMn?EB1vYw{u525?q8_A7UYw zp3sKjcOaYV67XVsGLzcs`kJ}I)vzAG&xl#2oVWViBtG|jrf=rkW*1sa3#iGOm8wU? zQwSt}TP>z)HQU_CB zY|ORK5o^}!b%tVOjVm2BF>vtN=V@sQug|6&O|cfcS`QXe)a1gz8!&DfnZ)3ho2so! zjXIqA;52Hbi4S^T4Y-t=%KGF^1&kQ*Cjv3NyC_-!4w9X~ypaI}W4DYmfw@d~iu91o zK_=f#TWv)9vZf<rFbPNo-h5Tl02NA4w;H%Yz#c5afL{|4#sC5t!~|dbJfhSBwhhZ#4;(oXOa_;$P>Vsrx+hA)_%P9l}i|Yq12gPaK zC9Du|eWrrPF=PPm(7II@W->Fo2)V!dp3!G3RvbVhB#D!WKLL+r{q1ZkpTKY)DvVMX z5@5}Ly6q1PIR9hF14R6XRK?eEL>YPJen$Mz*y!6|C|LCh`Vid+ z{LFMLW@7P#ILbQSA2pZ^$FW$H*

~Yh_~P@|>z=u7`j{mT7_W>n)j6m8kZ+2GJP- z7p|UDow?EDuHSWa%wI?&N5mH4&`iGzk5SCaQ5kF3)h`VFrdcy7b+QF}(Jd3IoVUuB zPgGF&!rl5?22T5h{Axz+!GJi&KShb^N@xPja-+4QslkyJz?keP-CA3Vbmh2Hj* z3YDENt1;WTbcGkdfJNvU-4%0Nz499@J-SC{V?S_XM3HuXpS(R#JUaL=Po--AT@|J3 zQZ1GsgC|bhV@FZvJNtVuk(N0bd1G$IlkH)tDK)#B+S^Iza0G!IUS?qBo)Em zfB?c|y9^N1!-pX8=5AvuX2blexPf*JouiW-Hz~1I1+LtaqIh2d>j!E~*d7n_>gAtq zQQ3@qKk%6-!&Dzo`y5>>>$4YN`Iu>60@+O954s_gimvy-uhv=xccBa1p%i-_gYWYP z8)uW|xKr9+*`WQ~wC%Rg9W#t7@G3g6ghn&`?XGG@DJ`feAn=7~HYfME_1Fx=T%jRm z#g)=7+#c7-NUP*W#eD6SiW>~fj<0cUao|$DMj)SOch(R=I-(`LUwMZ`4^dMZ*{En~ zkEs{J4M&+r2KUwg)#g^vTe%e*L^Axwf5g>l(&YC6fSsaT|KC<_GLF>utyNSx7m3#4#f}!EDXdi&@AL;^6 zJxH2$rYJ9(`vbyU(0`{-zu3W;!y%Fo`EaFBqD%k;N43pteGAII21! zXSEhdbik_O*3BN6n9qr;If}%8q**Ac*1QZ#-9y%5j8>}SF0x=W2~Gu$(P=2Gx1!qs8WidF%* z)@KPe1{>LmglW&jKrpyWcbf#mQKXqZmSb$t8&1dkG#7m2ZXmUZMQ%!j;I0ddy0H-n zfkEU~E%tu#yuBzahtSZAFZvN!KrR+SR=m?u2N(tQHou~CFVkQRyT=oDrLqJnn?@#M z^CHs?u#xd!SBelTfy~i;=i1sgvrZ6Es2D&6*7&P>90I2J%G!rqAm~82*u)WC-qem} z7N4Tl#^CJXxQHJ_P@fEQN6;EO?sF7|0MLh{*RRSfm?%qLWs7Hycf6(dWauyXO zFU_m7H**m&6cEbwC%&KL)Z=AYY=;#yP>qo9z2ov_iSO-q&-5-bW&0e1GXdEDS-z(H zCNHq-q*LG~-+l3`b?|A^aASHzWiZ_aqB; zHi=q`oV*-Y%)i_}$Q3eCPN(BgXb3MyC_k!0j5YVf6wmH`(qXjnDfra^!_QXtxS;$h z{xB(+y=D^otV>uzn7OH)FYRS>=N^(=m4%?RdNhE}n$pZVpJm@u$8cORhi0Zfp+6Dz zWjUfjeAx-~Be_ZGzCe14%XIG!;yJ3Z0uyf(V`(|9@{mg?Z zWB_6tTU3)QIy60kPie#}FTD-RYLOnT4SejOR7B6WHJle$$NYqmTmM)QWyyA*f(0@( z5M==b+^LzX-vgL`XYCIsdfrJ~9_mXHgB-4(x4TXfFIyEtIQyrb5HwA~66weEMo{C< zL=>#uajU=0$YL=B!9kpW^F=^BgNMM%rA^)czaM{}>rN3lN|l7`HeSiu9mlMe=0RBv zA$WCiaZiVjmgcKLC;ohdN8t`4Bx$0x?bdM-RyfbaTy+z_&p$^Tq*4$BkYzkt2~esl zJ^k4#g(@KZz)A@mL1YO zEo}|s?@gZZcjd3TMToK1+9nRXS@?J{xlZPZinfHKBAJKhOLov3UNR%2cB}w4oNc|% z&#Lp``f=!+M<_tKDJ!C-B-4U5nIOE1m)>L^UeAT7d$Y1MI33cX+hnwkl|P1j$UM9V zxy@Ls_zfKMp5t@7%1h>D{4hxNo|5R>XY1r~T_9o7anEO%ME?Yf8;NG63UC!XGVl`k{+imEfkrHNF4}R3U1VZEFM1IhmJmm^ zP_ZTwn!1Ra*r?Xqt1N!yPh7YvWaNf3r(xLB-O6efWt$&0ZlQyT6JH#3^2VR$YTvK>*(Gc83Ef)1|$;@Pc*tsi+a2NJ6;VthUCckVds8Yw>g$1^WHlIkF~Bm-{t|hp{h2J1 z9I-0!u*|wG!>EL(%SY78*x>#JX_l|$G7V$o+ZL}Lwmd*M(mdAPP2|*d|CyBr*p`hK zX5pLl32Ps81!3d7*qMBbawi##k6`Ijc9XqkCzmh`U5@Y4vS{_t-K!Oa$|q0H9IJ++ zGn@^BLZwb5TF7$^1jW8|N?mZ(>(N7QKKM8}evc)!flSVFL`J056?M(EY{JL;B7nr* zp6_~uEyyu_Yc^9q$$B6ul~HnX&E;@z-(9GO{f#m>^BP~$sX@hA#1L10Uj%|-b@Sp? z=%9g0DW7!yZMdrFpZfPN#bwJ@j>nQ=aF1Rdkx^2e(IeOq2{lJ$1eY}!ST`SCVsctp zNYT^B$5R`W%yQx<0VC3TNCjq_hbsMh0r5ulBx_NG@PYy)u404 z!9x^y%$|e2ymysjAZl`pRg`MI?TBm@nO8h}UD%txlF#jzK^p((^7)To;y(R16JF54 z5DFe5P(2~ShsbV#pIvH7qM|P1R5pZqT2lrZR$}tuDf~8DAe@5w+Arx4x~3bgIkR+e z_rAhen=Km!zpG~1@|}_0k@AyfLUsi=LH6*Xe#rx!NStW06{KN&c#CV=j-VHXR+;I> zpXQJ0FO>P|Z`M2fCn@>6IoB1a5Md0-N163P2>$1rdQKUQhrRhIX0=nBskZmg~Fd(Muw*tSKBbfz%>tb*Q;_(&9M0%x$(*ucN4 z6AEWC!s^e}_iq=d{hbdPpCM&Af*T%(C>V~(UWiY282&Pay0H&}jprP_A|p()A}Iw= zM)gQV{Lwz^uFE6+iwN6fYmgd>K%Cg(R)OMy!sA;!Qj@Is>{Tpw93^v);Cps;S&Rtw z>^Vo%L&^qgJ=M?#CLoQyL86qzBb)$Fa&e1MvZ%?(7Y1|IT|=;4K)CgPBtpkmlPp(d zlPM5{KHMMV6_duQ#(2L;*@0iLejEfDa7TLC|H}{7Ft8FilHijyUG4MCQexgyhziW1_--^BHW!{jSpe>f>8+8QSfWU6s8lWSC3ACQT!^N*h?R&wo_ z=haz7{&786ZiGBUavA*19OHOv!BOZ7j;rcc|AsW0MxC4Tv1`>2>BN*Hwbann##llB zx6W2~3iiqD&LA55jK+YwVQj7BoBV^oCY(Qi)^M z;G%tUMW*X9o-kg)4KS|l<@|*(6Cv0`c9j_xnhc>o{L!e_+aX2@k(f1CNhIIH_*o6? z>u?T^V*PAGoAs)2`w{8-tFe;T9*$h!y8ayYn2OhMI zUY@p)t|>`aH1{loJzqj?g~F1ZA{4rDeH;Qa`rM4R36688KMiHk3#6pZ^c?EJ4{Tj{ zXSVFVpIBB_f<_!-xlBp%M{N3~pEJ5|dS;wZ)P5?8}bZPo- z?h=rhMv`s*p-;X0++eTy!P^e;%wXT1EoW++I|CIDXukb2Z^V5Fz9$Tm-@>N&)kbYL zqOSt>O4AfF7cLfsHWRg3MDGfhBIqHtN*MuYTsgfc&Vt*l^0u*F+~dM1~&3*#REm V(D}T0{ai`;EVN36d*R2n;;^5yT!{bx literal 0 HcmV?d00001 diff --git a/CERTIFICATES.md b/CERTIFICATES.md new file mode 100644 index 0000000..dfd8639 --- /dev/null +++ b/CERTIFICATES.md @@ -0,0 +1,74 @@ +Certificate name from browser +============================= + +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + +[⬅️ Go back to main README](README.md) + +All well known desktop, mobile and server operating systems come with a +certificate store that is populated with a set of well known and trusted +certificates, acting as *trust anchors*. + +However RouterOS does not, still sometimes a specific certificate is +required to properly verify a chain of trust. One example is downloading +the scripts from this repository with `fetch` command, thus the very +first step of [installation](README.md#the-long-way-in-detail) is importing +the certificate. + +The scripts can install additional certificates when required. This happens +from this repository if available, or from [mkcert.org](https://mkcert.org) +as a fallback. + +Get the certificate's CommonName +-------------------------------- + +But how to determine what certificate may be required? Often easiest way +is to use a desktop browser to get that information. This demonstration uses +[Mozilla Firefox](https://www.mozilla.org/firefox/). + +Let's assume we want to make sure the certificate for +[git.eworm.de](https://git.eworm.de/) is available. Open that page in the +browser, then click the *lock* icon in addressbar, followed by "*Connection +secure*". + +![screenshot: dialog A](CERTIFICATES.d/01-dialog-A.avif) + +The dialog will change, click "*More information*". + +![screenshot: dialog B](CERTIFICATES.d/02-dialog-B.avif) + +A new window opens, click the button "*View Certificate*". (That window +can be closed now.) + +![screenshot: window](CERTIFICATES.d/03-window.avif) + +A new tab opens, showing information on the server certificate and its +chain of trust. The leftmost certificate is what we are interested in. + +![screenshot: certificate](CERTIFICATES.d/04-certificate.avif) + +Now we know that "`ISRG Root X2`" is required, some scripts need just +that information. + +Import a certificate by CommonName +---------------------------------- + +Running the function `$CertificateAvailable` with that name as parameter +makes sure the certificate is available in the device's store: + + $CertificateAvailable "ISRG Root X2"; + +If the certificate is actually available already nothing happens, and there +is no output. Otherwise the certificate is downloaded and imported. + +If importing a certificate with that exact name fails a warning is given +and nothing is actually imported. + +--- +[⬅️ Go back to main README](README.md) +[⬆️ Go back to top](#top) From af942d90d3eae961cc5616118800ec1727e14004 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 31 Oct 2024 14:31:20 +0100 Subject: [PATCH 614/908] doc/mod/notification-matrix: link to 'certificate name from browser' --- CERTIFICATES.md | 5 +++++ doc/mod/notification-matrix.md | 3 +++ 2 files changed, 8 insertions(+) diff --git a/CERTIFICATES.md b/CERTIFICATES.md index dfd8639..92a124b 100644 --- a/CERTIFICATES.md +++ b/CERTIFICATES.md @@ -69,6 +69,11 @@ is no output. Otherwise the certificate is downloaded and imported. If importing a certificate with that exact name fails a warning is given and nothing is actually imported. +See also +-------- + +* [Send notifications via Matrix](doc/mod/notification-matrix.md) + --- [⬅️ Go back to main README](README.md) [⬆️ Go back to top](#top) diff --git a/doc/mod/notification-matrix.md b/doc/mod/notification-matrix.md index dd46404..fbc9b91 100644 --- a/doc/mod/notification-matrix.md +++ b/doc/mod/notification-matrix.md @@ -52,6 +52,8 @@ Trust Services*. Run this to import the required certificate: $CertificateAvailable "GTS Root R4"; Replace the CA certificate name with what ever is needed for your server. +You may want to find the +[certificate name from browser](../../CERTIFICATES.md). ### From other device @@ -127,6 +129,7 @@ function available: See also -------- +* [Certificate name from browser](../../CERTIFICATES.md) * [Send notifications via e-mail](notification-email.md) * [Send notifications via Ntfy](notification-ntfy.md) * [Send notifications via Telegram](notification-telegram.md) From c5740c2328c4d468766686717fd14b9860e0494c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 31 Oct 2024 14:43:39 +0100 Subject: [PATCH 615/908] doc/mod/notification-ntfy: link to 'certificate name from browser' --- CERTIFICATES.md | 1 + doc/mod/notification-ntfy.md | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/CERTIFICATES.md b/CERTIFICATES.md index 92a124b..819c32c 100644 --- a/CERTIFICATES.md +++ b/CERTIFICATES.md @@ -73,6 +73,7 @@ See also -------- * [Send notifications via Matrix](doc/mod/notification-matrix.md) +* [Send notifications via Ntfy](doc/mod/notification-ntfy.md) --- [⬅️ Go back to main README](README.md) diff --git a/doc/mod/notification-ntfy.md b/doc/mod/notification-ntfy.md index 2a43e3c..5393d44 100644 --- a/doc/mod/notification-ntfy.md +++ b/doc/mod/notification-ntfy.md @@ -52,6 +52,10 @@ basic authentication. Configure `NtfyServerUser` and `NtfyServerPass` for this. Even authentication via access token is possible, adding it as password with a blank username. +For a custom service installing an additional certificate may be required. +You may want to install that certificate manually, after finding the +[certificate name from browser](../../CERTIFICATES.md). + Usage and invocation -------------------- @@ -82,6 +86,7 @@ function available: See also -------- +* [Certificate name from browser](../../CERTIFICATES.md) * [Send notifications via e-mail](notification-email.md) * [Send notifications via Matrix](notification-matrix.md) * [Send notifications via Telegram](notification-telegram.md) From d213369e73da042014ca68af17831c5bc3eb4310 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 31 Oct 2024 14:34:17 +0100 Subject: [PATCH 616/908] doc/fw-addr-lists: link to 'certificate name from browser' --- CERTIFICATES.md | 1 + doc/fw-addr-lists.md | 10 +++++++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/CERTIFICATES.md b/CERTIFICATES.md index 819c32c..2543299 100644 --- a/CERTIFICATES.md +++ b/CERTIFICATES.md @@ -72,6 +72,7 @@ and nothing is actually imported. See also -------- +* [Download, import and update firewall address-lists](doc/fw-addr-lists.md) * [Send notifications via Matrix](doc/mod/notification-matrix.md) * [Send notifications via Ntfy](doc/mod/notification-ntfy.md) diff --git a/doc/fw-addr-lists.md b/doc/fw-addr-lists.md index 2008c7e..3d9e771 100644 --- a/doc/fw-addr-lists.md +++ b/doc/fw-addr-lists.md @@ -62,9 +62,8 @@ The configuration goes to `global-config-overlay`, these are the parameters: > your local `global-config-overlay` and modify it to your specific needs. Naming a certificate for a list makes the script verify the server -certificate, so you should add that if possible. Some certificates are -available in my repository and downloaded automatically. Import it manually -(menu `/certificate/`) if missing. +certificate, so you should add that if possible. You may want to find the +[certificate name from browser](../CERTIFICATES.md). Create firewall rules to process the packets that are related to addresses from address-lists. @@ -127,6 +126,11 @@ Drop packets in firewall's raw section: > ⚠️ **Warning**: Just again... The order of firewall rules is important. Make > sure they actually take effect as expected! +See also +-------- + +* [Certificate name from browser](../CERTIFICATES.md) + --- [⬅️ Go back to main README](../README.md) [⬆️ Go back to top](#top) From 31dfdf7e6243527d77af6b4ae93e753cd45c8cbb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 31 Oct 2024 15:17:31 +0100 Subject: [PATCH 617/908] doc/netwatch-dns: link to 'certificate name from browser' --- CERTIFICATES.md | 1 + doc/netwatch-dns.md | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/CERTIFICATES.md b/CERTIFICATES.md index 2543299..589d480 100644 --- a/CERTIFICATES.md +++ b/CERTIFICATES.md @@ -73,6 +73,7 @@ See also -------- * [Download, import and update firewall address-lists](doc/fw-addr-lists.md) +* [Manage DNS and DoH servers from netwatch](doc/netwatch-dns.md) * [Send notifications via Matrix](doc/mod/notification-matrix.md) * [Send notifications via Ntfy](doc/mod/notification-ntfy.md) diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index 54dd6c6..cdfbd97 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -59,8 +59,8 @@ resolves to the same address. Be aware that you have to keep the ip address in sync with real world manually! -Importing a certificate automatically is possible, at least if available in -the repository (see `certs` sub directory). +Importing a certificate automatically is possible. You may want to find the +[certificate name from browser](../CERTIFICATES.md). /tool/netwatch/add comment="doh, doh-cert=DigiCert Global Root G2" host=1.1.1.1; /tool/netwatch/add comment="doh, doh-cert=DigiCert Global Root G3" host=9.9.9.9; @@ -87,6 +87,7 @@ Also this allows to update host address, see option `resolve`. See also -------- +* [Certificate name from browser](../CERTIFICATES.md) * [Notify on host up and down](netwatch-notify.md) --- From 084c246ef0cab329fe981732089277fa8398800b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 5 Nov 2024 17:49:28 +0100 Subject: [PATCH 618/908] fw-addr-lists: simplify looping lines With `:deserialize` the **record** separator is always a new line. The property `delimiter=` is a **field** reparator, so you can parse a lines into an array. We do not want (or need) that, so use new line as field separator. This will result in an array with just one element, and we use that. Also convert the data to line feed explicitly, just to be sure. --- fw-addr-lists.rsc | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 4675e3a..a9513d8 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -65,7 +65,7 @@ :for I from=1 to=5 do={ :if ($Data = false) do={ - :set Data [ $FetchHuge $ScriptName ($List->"url") $CheckCertificate ]; + :set Data [ :tolf [ $FetchHuge $ScriptName ($List->"url") $CheckCertificate ] ]; :if ($Data = false) do={ :if ($I < 5) do={ $LogPrint debug $ScriptName ("Failed downloading for list '" . $FwListName . \ @@ -86,8 +86,8 @@ "B for list '" . $FwListName . "' from: " . $List->"url"); } - :while ([ :len $Data ] != 0) do={ - :local Line [ :pick $Data 0 [ :find $Data "\n" ] ]; + :foreach Line in=[ :deserialize $Data delimiter="\n" from=dsv options=dsv.plain ] do={ + :set Line ($Line->0); :local Address; :if ([ :pick $Line 0 1 ] = "{") do={ :set Address [ :tostr ([ :deserialize from=json $Line ]->"cidr") ]; @@ -109,7 +109,6 @@ :error true; } } on-error={ } - :set Data [ :pick $Data ([ :len $Line ] + 1) [ :len $Data ] ]; } } From 9c945b1a3283bb352707c69630c579cf82484dcb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 6 Nov 2024 10:03:19 +0100 Subject: [PATCH 619/908] mod/ssh-keys-import: $SSHKeysImportFile: simplify looping lines --- mod/ssh-keys-import.rsc | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index 8cafa95..00f443a 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -88,12 +88,11 @@ $LogPrint warning $0 ("File '" . $FileName . "' does not exist."); :return false; } - :local Keys ([ /file/get $FileName contents ] . "\n"); + :local Keys [ :tolf [ /file/get $FileName contents ] ]; - :do { + :foreach Line in=[ :deserialize $Keys delimiter="\n" from=dsv options=dsv.plain ] do={ + :set Line ($Line->0); :local Continue false; - :local Line [ :pick $Keys 0 [ :find $Keys "\n" ] ]; - :set Keys [ :pick $Keys ([ :find $Keys "\n" ] + 1) [ :len $Keys ] ]; :local KeyVal [ :toarray [ $CharacterReplace $Line " " "," ] ]; :if ($KeyVal->0 = "ssh-ed25519" || $KeyVal->0 = "ssh-rsa") do={ :do { @@ -110,5 +109,5 @@ :if ($Continue = false && [ :len ($KeyVal->0) ] > 0) do={ $LogPrint warning $0 ("SSH key of type '" . $KeyVal->0 . "' is not supported."); } - } while=([ :len $Keys ] > 0); + } } From 0837391c38987462c3a1787143d631b92e0a0551 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Nov 2024 08:30:07 +0100 Subject: [PATCH 620/908] mod/ssh-keys-import: $SSHKeysImportFile: let `:deserialize` split the fields --- mod/ssh-keys-import.rsc | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index 00f443a..f67c0fc 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -72,7 +72,6 @@ :local FileName [ :tostr $1 ]; :local User [ :tostr $2 ]; - :global CharacterReplace; :global EitherOr; :global LogPrint; :global ParseKeyValueStore; @@ -90,20 +89,18 @@ } :local Keys [ :tolf [ /file/get $FileName contents ] ]; - :foreach Line in=[ :deserialize $Keys delimiter="\n" from=dsv options=dsv.plain ] do={ - :set Line ($Line->0); + :foreach KeyVal in=[ :deserialize $Keys delimiter=" " from=dsv options=dsv.plain ] do={ :local Continue false; - :local KeyVal [ :toarray [ $CharacterReplace $Line " " "," ] ]; :if ($KeyVal->0 = "ssh-ed25519" || $KeyVal->0 = "ssh-rsa") do={ :do { - $SSHKeysImport $Line $User; + $SSHKeysImport ($KeyVal->0 . " " . $KeyVal->1 . " " . $KeyVal->2) $User; } on-error={ $LogPrint warning $0 ("Failed importing key for user '" . $User . "'."); } :set Continue true; } :if ($Continue = false && $KeyVal->0 = "#") do={ - :set User [ $EitherOr ([ $ParseKeyValueStore [ :pick $Line 2 [ :len $Line ] ] ]->"user") $User ]; + :set User [ $EitherOr ([ $ParseKeyValueStore ($KeyVal->1) ]->"user") $User ]; :set Continue true; } :if ($Continue = false && [ :len ($KeyVal->0) ] > 0) do={ From 1f526b356121749991fee69cee5a6c728855c8f2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 8 Nov 2024 08:50:12 +0100 Subject: [PATCH 621/908] mod/ssh-keys-import: $SSHKeysImport: split with `:deserialize` --- mod/ssh-keys-import.rsc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index f67c0fc..d6b3b3f 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -16,7 +16,6 @@ :local Key [ :tostr $1 ]; :local User [ :tostr $2 ]; - :global CharacterReplace; :global GetRandom20CharAlNum; :global LogPrint; :global MkDir; @@ -32,7 +31,7 @@ :return false; } - :local KeyVal [ :toarray [ $CharacterReplace $Key " " "," ] ]; + :local KeyVal ([ :deserialize $Key delimiter=" " from=dsv options=dsv.plain ]->0); :if (!($KeyVal->0 = "ssh-ed25519" || $KeyVal->0 = "ssh-rsa")) do={ $LogPrint warning $0 ("SSH key of type '" . $KeyVal->0 . "' is not supported."); :return false; From 6c8fa8e639318b72c2102dfff884aa039d09a0f0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 12 Nov 2024 17:40:05 +0100 Subject: [PATCH 622/908] check-routeros-update: replace hard-coded version --- check-routeros-update.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 84849ea..c7a5702 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -67,7 +67,7 @@ :local NumLatestFeature ($NumLatest & $BitMask); :local Link ("https://mikrotik.com/download/changelogs/" . $Update->"channel" . "-release-tree"); - :if ($NumLatest < 117505792) do={ + :if ($NumLatest < [ $VersionToNum "7.0" ]) do={ $LogPrint info $ScriptName ("The version '" . ($Update->"latest-version") . "' is not a valid version."); :error false; } From d97f63fa5a9e4649338e2a70e83516fbd6a61abc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 12 Nov 2024 17:41:54 +0100 Subject: [PATCH 623/908] check-routeros-update: add specific message for empty version string --- check-routeros-update.rsc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index c7a5702..7ff9ccb 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -60,6 +60,11 @@ :error true; } + :if ([ :len ($Update->"latest-version") ] = 0) do={ + $LogPrint info $ScriptName ("Received an empty version string from server."); + :error false; + } + :local NumInstalled [ $VersionToNum ($Update->"installed-version") ]; :local NumLatest [ $VersionToNum ($Update->"latest-version") ]; :local BitMask [ $VersionToNum "255.255zero0" ]; From 04172f0438411dd803705f372c7e85bd879d4d6b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 12 Nov 2024 17:42:54 +0100 Subject: [PATCH 624/908] check-routeros-update: make invalid version string a warning --- check-routeros-update.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 7ff9ccb..d489351 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -73,7 +73,7 @@ :local Link ("https://mikrotik.com/download/changelogs/" . $Update->"channel" . "-release-tree"); :if ($NumLatest < [ $VersionToNum "7.0" ]) do={ - $LogPrint info $ScriptName ("The version '" . ($Update->"latest-version") . "' is not a valid version."); + $LogPrint warning $ScriptName ("The version '" . ($Update->"latest-version") . "' is not a valid version."); :error false; } From a545d0d39e21b4fdf0b68153f7b4b175e2ea2bdf Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 12 Nov 2024 17:46:02 +0100 Subject: [PATCH 625/908] check-routeros-update: always exit early if up to date... ... and just make the output and log dependent on terminal. --- check-routeros-update.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index d489351..0624808 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -55,8 +55,10 @@ /system/package/update/check-for-updates without-paging as-value; :local Update [ /system/package/update/get ]; - :if ([ $ScriptFromTerminal $ScriptName ] = true && ($Update->"installed-version") = ($Update->"latest-version")) do={ - $LogPrint info $ScriptName ("System is already up to date."); + :if (($Update->"installed-version") = ($Update->"latest-version")) do={ + :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ + $LogPrint info $ScriptName ("System is already up to date."); + } :error true; } From f1533b8962bc67d17e9f6b5666ae51ee4d1e1ff4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 12 Nov 2024 17:53:30 +0100 Subject: [PATCH 626/908] hotspot-to-wpa-cleanup: use the timeout in message... ... not the actual value. --- hotspot-to-wpa-cleanup.capsman.rsc | 2 +- hotspot-to-wpa-cleanup.template.rsc | 2 +- hotspot-to-wpa-cleanup.wifi.rsc | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index 45ea72b..e305170 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -65,7 +65,7 @@ server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . ($LeaseVal->"last-seen") . ", removing."); + " was not seen for " . $Timeout . ", removing."); /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ mac-address=($LeaseVal->"mac-address") ]; /ip/dhcp-server/lease/remove $Lease; diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 081f3d0..70bee42 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -71,7 +71,7 @@ server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . ($LeaseVal->"last-seen") . ", removing."); + " was not seen for " . $Timeout . ", removing."); /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ mac-address=($LeaseVal->"mac-address") ]; diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index 23f773f..c814705 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -65,7 +65,7 @@ server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . ($LeaseVal->"last-seen") . ", removing."); + " was not seen for " . $Timeout . ", removing."); /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ mac-address=($LeaseVal->"mac-address") ]; /ip/dhcp-server/lease/remove $Lease; From ae655646ba21cdf4638e6001a49c9d3cf849bc08 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 12 Nov 2024 18:02:26 +0100 Subject: [PATCH 627/908] hotspot-to-wpa-cleanup: clean up daily only --- hotspot-to-wpa-cleanup.capsman.rsc | 3 ++- hotspot-to-wpa-cleanup.template.rsc | 3 ++- hotspot-to-wpa-cleanup.wifi.rsc | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index e305170..674a480 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -62,7 +62,8 @@ :foreach Server,Timeout in=$DHCPServers do={ :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ - server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ + server=$Server last-seen>($Timeout + [ /system/clock/get time ]) \ + comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ " was not seen for " . $Timeout . ", removing."); diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 70bee42..88c307b 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -68,7 +68,8 @@ :foreach Server,Timeout in=$DHCPServers do={ :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ - server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ + server=$Server last-seen>($Timeout + [ /system/clock/get time ]) \ + comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ " was not seen for " . $Timeout . ", removing."); diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index c814705..b73f1a9 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -62,7 +62,8 @@ :foreach Server,Timeout in=$DHCPServers do={ :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ - server=$Server last-seen>$Timeout comment~"^hotspot-to-wpa:" ] do={ + server=$Server last-seen>($Timeout + [ /system/clock/get time ]) \ + comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ " was not seen for " . $Timeout . ", removing."); From e5c3aeb5cd314119dd7b062e43d65fdff7371051 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 13 Nov 2024 08:57:05 +0100 Subject: [PATCH 628/908] hotspot-to-wpa-cleanup: prepare real timeout value in variable... ... to make sure it is not re-calculated for every single lease. --- hotspot-to-wpa-cleanup.capsman.rsc | 4 ++-- hotspot-to-wpa-cleanup.template.rsc | 4 ++-- hotspot-to-wpa-cleanup.wifi.rsc | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index 674a480..d429904 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -61,9 +61,9 @@ } :foreach Server,Timeout in=$DHCPServers do={ + :local TimeoutExtra ($Timeout + [ /system/clock/get time ]); :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ - server=$Server last-seen>($Timeout + [ /system/clock/get time ]) \ - comment~"^hotspot-to-wpa:" ] do={ + server=$Server last-seen>$TimeoutExtra comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ " was not seen for " . $Timeout . ", removing."); diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 88c307b..726bc74 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -67,9 +67,9 @@ } :foreach Server,Timeout in=$DHCPServers do={ + :local TimeoutExtra ($Timeout + [ /system/clock/get time ]); :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ - server=$Server last-seen>($Timeout + [ /system/clock/get time ]) \ - comment~"^hotspot-to-wpa:" ] do={ + server=$Server last-seen>$TimeoutExtra comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ " was not seen for " . $Timeout . ", removing."); diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index b73f1a9..32ae565 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -61,9 +61,9 @@ } :foreach Server,Timeout in=$DHCPServers do={ + :local TimeoutExtra ($Timeout + [ /system/clock/get time ]); :foreach Lease in=[ /ip/dhcp-server/lease/find where !dynamic status="waiting" \ - server=$Server last-seen>($Timeout + [ /system/clock/get time ]) \ - comment~"^hotspot-to-wpa:" ] do={ + server=$Server last-seen>$TimeoutExtra comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ " was not seen for " . $Timeout . ", removing."); From a224fbc42457550fcb7f6daa81c2cb14b7075799 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 13 Nov 2024 08:59:30 +0100 Subject: [PATCH 629/908] hotspot-to-wpa-cleanup: revert display of timeout value... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... as the timeout is a time value, and showing "4w00:00:00" (with lots of zeros) is not any better. 😜 This reverts commit f1533b8962bc67d17e9f6b5666ae51ee4d1e1ff4. --- hotspot-to-wpa-cleanup.capsman.rsc | 2 +- hotspot-to-wpa-cleanup.template.rsc | 2 +- hotspot-to-wpa-cleanup.wifi.rsc | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index d429904..e935850 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -66,7 +66,7 @@ server=$Server last-seen>$TimeoutExtra comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . $Timeout . ", removing."); + " was not seen for " . ($LeaseVal->"last-seen") . ", removing."); /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ mac-address=($LeaseVal->"mac-address") ]; /ip/dhcp-server/lease/remove $Lease; diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 726bc74..fa99b5d 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -72,7 +72,7 @@ server=$Server last-seen>$TimeoutExtra comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . $Timeout . ", removing."); + " was not seen for " . ($LeaseVal->"last-seen") . ", removing."); /caps-man/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ mac-address=($LeaseVal->"mac-address") ]; diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index 32ae565..d3f859e 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -66,7 +66,7 @@ server=$Server last-seen>$TimeoutExtra comment~"^hotspot-to-wpa:" ] do={ :local LeaseVal [ /ip/dhcp-server/lease/get $Lease ]; $LogPrint info $ScriptName ("Client with mac address " . ($LeaseVal->"mac-address") . \ - " was not seen for " . $Timeout . ", removing."); + " was not seen for " . ($LeaseVal->"last-seen") . ", removing."); /interface/wifi/access-list/remove [ find where comment~"^hotspot-to-wpa:" \ mac-address=($LeaseVal->"mac-address") ]; /ip/dhcp-server/lease/remove $Lease; From 5b09469cc6c707b473b74687951b2d1e6468928a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 14 Nov 2024 21:03:07 +0100 Subject: [PATCH 630/908] packages-update: drop check for device-mode downgrade... ... as things have been revised and this specific setting was removed. --- packages-update.rsc | 6 ------ 1 file changed, 6 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index c2f0ba6..b08a48d 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -99,12 +99,6 @@ :local DoDowngrade false; :if ($NumInstalled > $NumLatest) do={ - :if (([ /system/device-mode/get ]->"downgrade") = false) do={ - $LogPrint error $ScriptName \ - ("The device mode has locked downgrades! You will need physical access!"); - :error false; - } - :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ :put "Latest version is older than installed one. Want to downgrade? [y/N]"; :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ From 1beda3aa7c08cbe0e06aff164fabfa86e8b6353d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 15 Nov 2024 23:01:22 +0100 Subject: [PATCH 631/908] mode-button: fix the caller parameter to $LogPrint This is inside a function, so use just $0 here. --- mode-button.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mode-button.rsc b/mode-button.rsc index 7908a7f..84eb8ea 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -52,7 +52,7 @@ :if ([ :len $Code ] > 0) do={ :if ([ $ValidateSyntax $Code ] = true) do={ - $LogPrint info $ScriptName ("Acting on " . $Count . " mode-button presses: " . $Code); + $LogPrint info $0 ("Acting on " . $Count . " mode-button presses: " . $Code); :for I from=1 to=$Count do={ $LEDInvert; @@ -66,10 +66,10 @@ [ :parse $Code ]; } else={ - $LogPrint warning $ScriptName ("The code for " . $Count . " mode-button presses failed syntax validation!"); + $LogPrint warning $0 ("The code for " . $Count . " mode-button presses failed syntax validation!"); } } else={ - $LogPrint info $ScriptName ("No action defined for " . $Count . " mode-button presses."); + $LogPrint info $0 ("No action defined for " . $Count . " mode-button presses."); } } /system/scheduler/add name="_ModeButtonScheduler" \ From 53b6f7720ec33146581ceb878447d35d462c8697 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 15 Nov 2024 23:02:43 +0100 Subject: [PATCH 632/908] mode-button: catch runtime errors in executed code --- mode-button.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/mode-button.rsc b/mode-button.rsc index 84eb8ea..ac1fb4f 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -64,7 +64,11 @@ :delay 200ms; } - [ :parse $Code ]; + :do { + [ :parse $Code ]; + } on-error={ + $LogPrint warning $0 ("The code for " . $Count . " mode-button presses failed with runtime error!"); + } } else={ $LogPrint warning $0 ("The code for " . $Count . " mode-button presses failed syntax validation!"); } From 08ad4e519410c91d61e172f4ea97046dffc2db31 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 15 Nov 2024 23:07:26 +0100 Subject: [PATCH 633/908] mode-button: do not act on disabled LED --- mode-button.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mode-button.rsc b/mode-button.rsc index ac1fb4f..3bd922b 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -36,7 +36,8 @@ :global IfThenElse; - :local LED [ /system/leds/find where leds=$ModeButtonLED type~"^(on|off)\$" interface=[] ]; + :local LED [ /system/leds/find where leds=$ModeButtonLED \ + !disabled type~"^(on|off)\$" interface=[] ]; :if ([ :len $LED ] = 0) do={ :return false; } From 4d8dce97691ad090091574a790449a7bd564023c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 22 Nov 2024 14:06:22 +0100 Subject: [PATCH 634/908] fw-addr-lists: spamhaus.org returned to 'GTS Root R4' --- certs/Makefile | 2 +- global-config.rsc | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/certs/Makefile b/certs/Makefile index 9ce8dd4..870cb54 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -22,7 +22,7 @@ DOMAINS = \ sslbl.abuse.ch/GlobalSign \ upgrade.mikrotik.com/ISRG-Root-X1 \ www.dshield.org/ISRG-Root-X1 \ - www.spamhaus.org/ISRG-Root-X1 + www.spamhaus.org/GTS-Root-R4 .PHONY: $(DOMAINS) diff --git a/global-config.rsc b/global-config.rsc index c4e04b5..2ed67f3 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -106,9 +106,9 @@ { url="https://lists.blocklist.de/lists/strongips.txt"; cert="Certum Trusted Network CA" }; # { url="https://www.spamhaus.org/drop/drop_v4.json"; -# cert="ISRG Root X1" }; +# cert="GTS Root R4" }; # { url="https://www.spamhaus.org/drop/drop_v6.json"; -# cert="ISRG Root X1" }; +# cert="GTS Root R4" }; }; # "mikrotik"={ # { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/mikrotik"; From 794525b706827682c3525eeeb0797567c757b7de Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 27 Nov 2024 09:54:19 +0100 Subject: [PATCH 635/908] fw-addr-lists: require RouterOS 7.16 Actually the requirement bumped with the change in commit: * 084c246ef0cab329fe981732089277fa8398800b fw-addr-lists: simplify looping lines --- doc/fw-addr-lists.md | 2 +- fw-addr-lists.rsc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/fw-addr-lists.md b/doc/fw-addr-lists.md index 3d9e771..f581fd2 100644 --- a/doc/fw-addr-lists.md +++ b/doc/fw-addr-lists.md @@ -4,7 +4,7 @@ Download, import and update firewall address-lists [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.16-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index a9513d8..34b2fcc 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2023-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.16 # # download, import and update firewall address-lists # https://git.eworm.de/cgit/routeros-scripts/about/doc/fw-addr-lists.md From e851cd5ad0ccb38667ec88a52fdc123cc5a16aee Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 27 Nov 2024 09:57:11 +0100 Subject: [PATCH 636/908] mod/ssh-keys-import: require RouterOS 7.16 Actually the requirement bumped with the change in commits: * 9c945b1a3283bb352707c69630c579cf82484dcb mod/ssh-keys-import: $SSHKeysImportFile: simplify looping lines * 1f526b356121749991fee69cee5a6c728855c8f2 mod/ssh-keys-import: $SSHKeysImport: split with `:deserialize` --- doc/mod/ssh-keys-import.md | 2 +- mod/ssh-keys-import.rsc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/mod/ssh-keys-import.md b/doc/mod/ssh-keys-import.md index dcfd95b..344f4bc 100644 --- a/doc/mod/ssh-keys-import.md +++ b/doc/mod/ssh-keys-import.md @@ -4,7 +4,7 @@ Import ssh keys for public key authentication [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.16-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index d6b3b3f..c7b2788 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.16 # # import ssh keys for public key authentication # https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/ssh-keys-import.md From 6548f83ef4f60efadc3574876680801ee09ef638 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 8 Aug 2024 21:30:46 +0200 Subject: [PATCH 637/908] dhcp-to-dns: explicitly expect type=A... ... which is provided since 7.16beta7 (but require next stable release 7.16 as that is available meanwhile). I had this on my wishlist for a long time, and opened an issue in March 2023 about it (SUP-111312). Back then I changed the code to support both, see commit 779b3b8872b23b784c331d7a454c86439046f5d3. --- dhcp-to-dns.rsc | 8 ++++---- doc/dhcp-to-dns.md | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index 0ab5e2a..9bf506f 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -4,7 +4,7 @@ # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=20 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.16 # # check DHCP leases and add/remove/update DNS entries # https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-to-dns.md @@ -40,7 +40,7 @@ } :local PlaceBefore ([ /ip/dns/static/find where (name=$CommentString or (comment=$CommentString and name=-)) type=NXDOMAIN disabled ]->0); - :foreach DnsRecord in=[ /ip/dns/static/find where comment~("^" . $CommentPrefix . "\\b") (!type or type=A) ] do={ + :foreach DnsRecord in=[ /ip/dns/static/find where comment~("^" . $CommentPrefix . "\\b") type=A ] do={ :local DnsRecordVal [ /ip/dns/static/get $DnsRecord ]; :local DnsRecordInfo [ $ParseKeyValueStore ($DnsRecordVal->"comment") ]; :local MacInServer ($DnsRecordInfo->"macaddress" . " in " . $DnsRecordInfo->"server"); @@ -83,7 +83,7 @@ :local FullCN ($HostName . "." . $NetDomain); :local MacInServer ($LeaseVal->"active-mac-address" . " in " . $LeaseVal->"server"); - :local DnsRecord [ /ip/dns/static/find where comment=$Comment (!type or type=A) ]; + :local DnsRecord [ /ip/dns/static/find where comment=$Comment type=A ]; :if ([ :len $DnsRecord ] > 0) do={ :local DnsRecordVal [ /ip/dns/static/get $DnsRecord ]; @@ -116,7 +116,7 @@ } } - :if ([ :len [ /ip/dns/static/find where name=$FullA (!type or type=A) ] ] > 1) do={ + :if ([ :len [ /ip/dns/static/find where name=$FullA type=A ] ] > 1) do={ $LogPrintOnce warning $ScriptName ("The name '" . $FullA . "' appeared in more than one A record!"); } } else={ diff --git a/doc/dhcp-to-dns.md b/doc/dhcp-to-dns.md index 572011f..4211d85 100644 --- a/doc/dhcp-to-dns.md +++ b/doc/dhcp-to-dns.md @@ -4,7 +4,7 @@ Create DNS records for DHCP leases [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.16-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) From 09e8b1d21953ad8ba5185b3cb02bbd4b35269963 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 28 Aug 2024 08:53:20 +0200 Subject: [PATCH 638/908] netwatch-dns: explicitly expect type=A... ... which is provided since 7.16beta7 (but require next stable release 7.16 as that is available meanwhile). --- doc/netwatch-dns.md | 2 +- netwatch-dns.rsc | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index cdfbd97..6d2c865 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -4,7 +4,7 @@ Manage DNS and DoH servers from netwatch [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.16-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 09d471d..6fbfc89 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2022-2024 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.16 # # monitor and manage dns/doh with netwatch # https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-dns.md @@ -80,7 +80,7 @@ :local HostVal [ /tool/netwatch/get $Host ]; :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ]; :local HostName [ /ip/dns/static/find where name address=($HostVal->"host") \ - (!type or type="A" or type="AAAA") !disabled !dynamic ]; + (type="A" or type="AAAA") !disabled !dynamic ]; :if ([ :len $HostName ] > 0) do={ :set HostName [ /ip/dns/static/get ($HostName->0) name ]; } From 0d69f8952c25f3bfecd9e33c1520e74eebe42314 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:06:56 +0100 Subject: [PATCH 639/908] global-functions: introduce $ExitError... ... as a simple macro to print error message on unintentional error. --- global-functions.rsc | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 6fec6dd..26ccc2a 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -32,6 +32,7 @@ :global DownloadPackage; :global EitherOr; :global EscapeForRegEx; +:global ExitError; :global FetchHuge; :global FetchUserAgentStr; :global FormatLine; @@ -425,6 +426,18 @@ :return $Return; } +# simple macro to print error message on unintentional error +:set ExitError do={ + :local ExitOK [ :tostr $1 ]; + :local ScriptName [ :tostr $2 ]; + + :global LogPrint; + + :if ($ExitOK = "false") do={ + $LogPrint error $ScriptName ("Script exited with error."); + } +} + # fetch huge data to file, read in chunks :set FetchHuge do={ :local ScriptName [ :tostr $1 ]; From ed6739b8bcb93f8e1025401e22db4244c70ac8c6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sun, 8 Dec 2024 22:02:52 +0100 Subject: [PATCH 640/908] global-functions: $ExitError: give script name in message --- global-functions.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 26ccc2a..8941994 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -434,7 +434,7 @@ :global LogPrint; :if ($ExitOK = "false") do={ - $LogPrint error $ScriptName ("Script exited with error."); + $LogPrint error $ScriptName ("Script '" . $ScriptName . "' exited with error."); } } From 36b81fab9474aa0ddc6acdb88f51ef211a1c5563 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:19:54 +0100 Subject: [PATCH 641/908] backup-cloud: use $ExitError to indicate unintentional error --- backup-cloud.rsc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index f70752e..4cc7a58 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -12,6 +12,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -34,6 +35,7 @@ :if ([ $ScriptLock $ScriptName ] = false) do={ :set PackagesUpdateBackupFailure true; + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -44,6 +46,7 @@ :if ([ $MkDir ("tmpfs/backup-cloud") ] = false) do={ $LogPrint error $ScriptName ("Failed creating directory!"); + :set ExitOK true; :error false; } @@ -87,4 +90,6 @@ :set PackagesUpdateBackupFailure true; } /file/remove "tmpfs/backup-cloud"; -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 52b5490babc9005fbbb8e0cb1e2ae323a2bd2f70 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:22:11 +0100 Subject: [PATCH 642/908] backup-email: use $ExitError to indicate unintentional error --- backup-email.rsc | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/backup-email.rsc b/backup-email.rsc index e507c6e..e1d44ea 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -12,6 +12,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -39,17 +40,20 @@ :if ([ :typeof $SendEMail2 ] = "nothing") do={ $LogPrint error $ScriptName ("The module for sending notifications via e-mail is not installed."); + :set ExitOK true; :error false; } :if ($BackupSendBinary != true && \ $BackupSendExport != true) do={ $LogPrint error $ScriptName ("Configured to send neither backup nor config export."); + :set ExitOK true; :error false; } :if ([ $ScriptLock $ScriptName ] = false) do={ :set PackagesUpdateBackupFailure true; + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -69,6 +73,7 @@ :if ([ $MkDir $DirName ] = false) do={ $LogPrint error $ScriptName ("Failed creating directory!"); + :set ExitOK true; :error false; } @@ -116,9 +121,12 @@ :if ($I >= 120) do={ $LogPrint warning $ScriptName ("Files are still available, sending e-mail failed."); :set PackagesUpdateBackupFailure true; + :set ExitOK true; :error false; } :delay 1s; :set I ($I + 1); } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 2c4053cff55a7d0a90f364f7aded280422dc1d65 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:26:34 +0100 Subject: [PATCH 643/908] accesslist-duplicates: use $ExitError to indicate unintentional error --- accesslist-duplicates.capsman.rsc | 5 ++++- accesslist-duplicates.local.rsc | 5 ++++- accesslist-duplicates.template.rsc | 5 ++++- accesslist-duplicates.wifi.rsc | 5 ++++- 4 files changed, 16 insertions(+), 4 deletions(-) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index d6e2928..ce0ce11 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -13,6 +13,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -31,4 +32,6 @@ } :set ($Seen->$Mac) 1; } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index e90842d..aa78fe8 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -13,6 +13,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -31,4 +32,6 @@ } :set ($Seen->$Mac) 1; } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index d275340..d0c282d 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -40,4 +41,6 @@ } :set ($Seen->$Mac) 1; } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc index f4dae4b..b1444e3 100644 --- a/accesslist-duplicates.wifi.rsc +++ b/accesslist-duplicates.wifi.rsc @@ -13,6 +13,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -31,4 +32,6 @@ } :set ($Seen->$Mac) 1; } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 95030b9b74db03cf67c4702c82bb1d1224c9690e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:28:30 +0100 Subject: [PATCH 644/908] backup-partition: use $ExitError to indicate unintentional error --- backup-partition.rsc | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 51df454..f1e1c17 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -12,6 +12,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -42,12 +43,14 @@ :if ([ $ScriptLock $ScriptName ] = false) do={ :set PackagesUpdateBackupFailure true; + :set ExitOK true; :error false; } :if ([ :len [ /partitions/find ] ] < 2) do={ $LogPrint error $ScriptName ("Device does not have a fallback partition."); :set PackagesUpdateBackupFailure true; + :set ExitOK true; :error false; } @@ -56,6 +59,7 @@ :if ([ :len $ActiveRunning ] < 1) do={ $LogPrint error $ScriptName ("Device is not running from active partition."); :set PackagesUpdateBackupFailure true; + :set ExitOK true; :error false; } @@ -65,6 +69,7 @@ :if ([ :len $FallbackTo ] < 1) do={ $LogPrint error $ScriptName ("There is no inactive partition named '" . $FallbackToName . "'."); :set PackagesUpdateBackupFailure true; + :set ExitOK true; :error false; } @@ -74,6 +79,7 @@ :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ :if ([ $CopyTo $ScriptName $FallbackTo $FallbackToName ] = false) do={ :set PackagesUpdateBackupFailure true; + :set ExitOK true; :error false; } } @@ -86,6 +92,7 @@ ($NumInstalled & $BitMask) != ($NumLatest & $BitMask)) do={ :if ([ $CopyTo $ScriptName $FallbackTo $FallbackToName ] = false) do={ :set PackagesUpdateBackupFailure true; + :set ExitOK true; :error false; } } @@ -103,6 +110,9 @@ /system/scheduler/remove [ find where name="running-from-backup-partition" ]; $LogPrint error $ScriptName ("Failed saving configuration to partition '" . $FallbackToName . "'!"); :set PackagesUpdateBackupFailure true; + :set ExitOK true; :error false; } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 268743ef6be5c400ec9fcb044e4961c5d8d9b531 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:29:02 +0100 Subject: [PATCH 645/908] backup-upload: use $ExitError to indicate unintentional error --- backup-upload.rsc | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 8d96eba..12698e9 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -12,6 +12,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -43,11 +44,13 @@ :if ($BackupSendBinary != true && \ $BackupSendExport != true) do={ $LogPrint error $ScriptName ("Configured to send neither backup nor config export."); + :set ExitOK true; :error false; } :if ([ $ScriptLock $ScriptName ] = false) do={ :set PackagesUpdateBackupFailure true; + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -67,6 +70,7 @@ :if ([ $MkDir $DirName ] = false) do={ $LogPrint error $ScriptName ("Failed creating directory!"); + :set ExitOK true; :error false; } @@ -158,4 +162,6 @@ :set PackagesUpdateBackupFailure true; } /file/remove $DirName; -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From c909bef613884bf67d239a1e6c0bed4e3d7a112e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:51 +0100 Subject: [PATCH 646/908] capsman-download-packages: use $ExitError to indicate unintentional error --- capsman-download-packages.capsman.rsc | 8 +++++++- capsman-download-packages.template.rsc | 8 +++++++- capsman-download-packages.wifi.rsc | 8 +++++++- 3 files changed, 21 insertions(+), 3 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index f2ff024..1802884 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -25,6 +26,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -35,6 +37,7 @@ :if ([ :len $PackagePath ] = 0) do={ $LogPrint warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages."); + :set ExitOK true; :error false; } @@ -42,6 +45,7 @@ :if ([ $MkDir $PackagePath ] = false) do={ $LogPrint warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ $PackagePath . ") failed!"); + :set ExitOK true; :error false; } $LogPrint info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ @@ -82,4 +86,6 @@ /caps-man/remote-cap/upgrade [ find where version!=$InstalledVersion ]; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index ad9b926..72edaa9 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -15,6 +15,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -26,6 +27,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -37,6 +39,7 @@ :if ([ :len $PackagePath ] = 0) do={ $LogPrint warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages."); + :set ExitOK true; :error false; } @@ -44,6 +47,7 @@ :if ([ $MkDir $PackagePath ] = false) do={ $LogPrint warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ $PackagePath . ") failed!"); + :set ExitOK true; :error false; } $LogPrint info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ @@ -93,4 +97,6 @@ /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 056136f..74a5d9d 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -25,6 +26,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -35,6 +37,7 @@ :if ([ :len $PackagePath ] = 0) do={ $LogPrint warning $ScriptName ("The CAPsMAN package path is not defined, can not download packages."); + :set ExitOK true; :error false; } @@ -42,6 +45,7 @@ :if ([ $MkDir $PackagePath ] = false) do={ $LogPrint warning $ScriptName ("Creating directory at CAPsMAN package path (" . \ $PackagePath . ") failed!"); + :set ExitOK true; :error false; } $LogPrint info $ScriptName ("Created directory at CAPsMAN package path (" . $PackagePath . \ @@ -84,4 +88,6 @@ /interface/wifi/capsman/remote-cap/upgrade [ find where version!=$InstalledVersion ]; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 172d43288e2117f2a687df6168d2d461e780a8c3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:51 +0100 Subject: [PATCH 647/908] capsman-rolling-upgrade: use $ExitError to indicate unintentional error --- capsman-rolling-upgrade.capsman.rsc | 6 +++++- capsman-rolling-upgrade.template.rsc | 6 +++++- capsman-rolling-upgrade.wifi.rsc | 6 +++++- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index f287ea3..d0f9fb8 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -15,6 +15,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -22,6 +23,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -43,4 +45,6 @@ :delay ($Delay . "s"); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index 3d98747..1bd5f2a 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -16,6 +16,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -23,6 +24,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -51,4 +53,6 @@ :delay ($Delay . "s"); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index 369dccc..c9e6622 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -15,6 +15,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -22,6 +23,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -44,4 +46,6 @@ :delay ($Delay . "s"); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From dc7642c1fd3c3029e3993d9ff73b7743ec8e0ea8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:51 +0100 Subject: [PATCH 648/908] certificate-renew-issued: use $ExitError to indicate unintentional error --- certificate-renew-issued.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index f2c1dfe..ce61f7d 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -21,6 +22,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -45,4 +47,6 @@ $LogPrint info $ScriptName ("Issued a new certificate for '" . $CertVal->"common-name" . "'."); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 00487f93d48e5e7547281808225d108eeeae586f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:51 +0100 Subject: [PATCH 649/908] check-certificates: use $ExitError to indicate unintentional error --- check-certificates.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 7aaac84..52cfc5e 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -133,6 +134,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -218,4 +220,6 @@ ", it is invalid after " . ($CertVal->"invalid-after") . "."); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 451df78dd8371288413fd45064141b6063e36187 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:51 +0100 Subject: [PATCH 650/908] check-health: use $ExitError to indicate unintentional error --- check-health.rsc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/check-health.rsc b/check-health.rsc index 540336d..495b450 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -40,6 +41,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -78,6 +80,7 @@ :if ([ :len [ /system/health/find ] ] = 0) do={ $LogPrint debug $ScriptName ("Your device does not provide any health values."); + :set ExitOK true; :error true; } @@ -175,4 +178,6 @@ } :set ($CheckHealthLast->$Name) $Value; } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 91c8d306558c056792ff8132caa77fdf0bda059a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:51 +0100 Subject: [PATCH 651/908] check-lte-firmware-upgrade: use $ExitError to indicate unintentional error --- check-lte-firmware-upgrade.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index 2e52c2a..898d6f1 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -19,6 +20,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -100,4 +102,6 @@ :foreach Interface in=[ /interface/lte/find ] do={ $CheckInterface $ScriptName $Interface; } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 9d17beef03ace2d75c9e2f9f98fa297707c9e0e3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:51 +0100 Subject: [PATCH 652/908] check-routeros-update: use $ExitError to indicate unintentional error --- check-routeros-update.rsc | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 0624808..510acd9 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -34,20 +35,24 @@ :global WaitFullyConnected; :local DoUpdate do={ + :global LogPrint; + :if ([ :len [ /system/script/find where name="packages-update" ] ] > 0) do={ /system/script/run packages-update; } else={ /system/package/update/install without-paging; } - :error "Waiting for system to reboot."; + $LogPrint info $0 ("Waiting for system to reboot."); } :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } $WaitFullyConnected; :if ([ :len [ /system/scheduler/find where name="_RebootForUpdate" ] ] > 0) do={ + :set ExitOK true; :error "A reboot for update is already scheduled."; } @@ -59,11 +64,13 @@ :if ([ $ScriptFromTerminal $ScriptName ] = true) do={ $LogPrint info $ScriptName ("System is already up to date."); } + :set ExitOK true; :error true; } :if ([ :len ($Update->"latest-version") ] = 0) do={ $LogPrint info $ScriptName ("Received an empty version string from server."); + :set ExitOK true; :error false; } @@ -76,6 +83,7 @@ :if ($NumLatest < [ $VersionToNum "7.0" ]) do={ $LogPrint warning $ScriptName ("The version '" . ($Update->"latest-version") . "' is not a valid version."); + :set ExitOK true; :error false; } @@ -88,6 +96,8 @@ message=("Installing ALL versions automatically, including " . $Update->"latest-version" . \ "... Updating on " . $Identity . "..."); link=$Link; silent=true }); $DoUpdate; + :set ExitOK true; + :error true; } :if ($SafeUpdatePatch = true && $NumInstalledFeature = $NumLatestFeature) do={ @@ -97,6 +107,8 @@ message=("Version " . $Update->"latest-version" . " is a patch update for " . $Update->"channel" . \ ", updating on " . $Identity . "..."); link=$Link; silent=true }); $DoUpdate; + :set ExitOK true; + :error true; } :if ($SafeUpdateNeighbor = true) do={ @@ -111,6 +123,8 @@ message=("Seen a neighbor (" . $Neighbor . ") running version " . $Update->"latest-version" . \ " from " . $Update->"channel" . ", updating on " . $Identity . "..."); link=$Link; silent=true }); $DoUpdate; + :set ExitOK true; + :error true; } } @@ -131,6 +145,8 @@ message=("Version " . $Update->"latest-version" . " is considered safe for " . $Update->"channel" . \ ", updating on " . $Identity . "..."); link=$Link; silent=true }); $DoUpdate; + :set ExitOK true; + :error true; } } @@ -140,6 +156,7 @@ :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ /system/package/update/set channel=stable; $LogPrint info $ScriptName ("Switched to channel 'stable', please re-run!"); + :set ExitOK true; :error true; } } @@ -147,6 +164,8 @@ :put ("Do you want to install RouterOS version " . $Update->"latest-version" . "? [y/N]"); :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ $DoUpdate; + :set ExitOK true; + :error true; } else={ :put "Canceled..."; } @@ -155,6 +174,7 @@ :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ $LogPrint info $ScriptName ("Already sent the RouterOS update notification for version " . \ $Update->"latest-version" . "."); + :set ExitOK true; :error true; } @@ -170,6 +190,7 @@ :if ($SentRouterosUpdateNotification = $Update->"latest-version") do={ $LogPrint info $ScriptName ("Already sent the RouterOS downgrade notification for version " . \ $Update->"latest-version" . "."); + :set ExitOK true; :error true; } @@ -182,4 +203,6 @@ " is available for downgrade."); :set SentRouterosUpdateNotification ($Update->"latest-version"); } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From bf322781d17629c3254520766ae540fb3ae846be Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:51 +0100 Subject: [PATCH 653/908] collect-wireless-mac: use $ExitError to indicate unintentional error --- collect-wireless-mac.capsman.rsc | 6 +++++- collect-wireless-mac.local.rsc | 6 +++++- collect-wireless-mac.template.rsc | 6 +++++- collect-wireless-mac.wifi.rsc | 6 +++++- 4 files changed, 20 insertions(+), 4 deletions(-) diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index 9efa9ef..77fd6e3 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -29,6 +30,7 @@ :global SymbolForNotification; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :set ExitOK true; :error false; } @@ -93,4 +95,6 @@ $LogPrint debug $ScriptName ("No mac address available... Ignoring."); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index 27c9d1c..dc7be19 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -29,6 +30,7 @@ :global SymbolForNotification; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :set ExitOK true; :error false; } @@ -94,4 +96,6 @@ $LogPrint debug $ScriptName ("No mac address available... Ignoring."); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index d41c17d..34b1695 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -15,6 +15,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -30,6 +31,7 @@ :global SymbolForNotification; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :set ExitOK true; :error false; } @@ -111,4 +113,6 @@ $LogPrint debug $ScriptName ("No mac address available... Ignoring."); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index 0075320..23c93b0 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -29,6 +30,7 @@ :global SymbolForNotification; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :set ExitOK true; :error false; } @@ -93,4 +95,6 @@ $LogPrint debug $ScriptName ("No mac address available... Ignoring."); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From f9a6916827b3954637f52ac726d937e04a471e3e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:51 +0100 Subject: [PATCH 654/908] daily-psk.capsman: use $ExitError to indicate unintentional error --- daily-psk.capsman.rsc | 6 +++++- daily-psk.local.rsc | 6 +++++- daily-psk.template.rsc | 6 +++++- daily-psk.wifi.rsc | 6 +++++- 4 files changed, 20 insertions(+), 4 deletions(-) diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index 0562e39..263f6e5 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -31,6 +32,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -89,4 +91,6 @@ } } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 0bef0e9..f0757e1 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -31,6 +32,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -88,4 +90,6 @@ } } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 9d71958..7e36b5a 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -15,6 +15,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -32,6 +33,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -104,4 +106,6 @@ } } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index 83a896c..293f0e4 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -31,6 +32,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -89,4 +91,6 @@ } } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 87cde2cc2fe8604457f9fd4826abac1409d88a0d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 655/908] dhcp-lease-comment: use $ExitError to indicate unintentional error --- dhcp-lease-comment.capsman.rsc | 6 +++++- dhcp-lease-comment.local.rsc | 6 +++++- dhcp-lease-comment.template.rsc | 6 +++++- dhcp-lease-comment.wifi.rsc | 6 +++++- 4 files changed, 20 insertions(+), 4 deletions(-) diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index c435ec3..5ac0009 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -21,6 +22,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -36,4 +38,6 @@ /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index 27e6605..1b74d93 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -21,6 +22,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -36,4 +38,6 @@ /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index c562ca2..8f1ad47 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -15,6 +15,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -22,6 +23,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -41,4 +43,6 @@ /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index ba617d7..d3741c5 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -21,6 +22,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -36,4 +38,6 @@ /ip/dhcp-server/lease/set comment=$NewComment $Lease; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From c8d423c7d59a9051914d5dd676bcd997d7e9854b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 656/908] dhcp-to-dns: use $ExitError to indicate unintentional error --- dhcp-to-dns.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index 9bf506f..ad55c4d 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -12,6 +12,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -27,6 +28,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :set ExitOK true; :error false; } @@ -123,4 +125,6 @@ $LogPrint debug $ScriptName ("No address available... Ignoring."); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 590030d391d523bc555c192c5f84f9cdb6504abd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 657/908] firmware-upgrade-reboot: use $ExitError to indicate unintentional error --- firmware-upgrade-reboot.rsc | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index 74847ac..9655903 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -19,6 +20,7 @@ :global VersionToNum; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -26,10 +28,12 @@ :if ($RouterBoard->"current-firmware" = $RouterBoard->"upgrade-firmware") do={ $LogPrint info $ScriptName ("Current and upgrade firmware match with version " . \ $RouterBoard->"current-firmware" . "."); + :set ExitOK true; :error true; } :if ([ $VersionToNum ($RouterBoard->"current-firmware") ] > [ $VersionToNum ($RouterBoard->"upgrade-firmware") ]) do={ $LogPrint info $ScriptName ("Different firmware version is available, but it is a downgrade. Ignoring."); + :set ExitOK true; :error true; } @@ -51,4 +55,6 @@ $LogPrint info $ScriptName ("Firmware upgrade successful, rebooting."); /system/reboot; -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 923a6385bf8fcb770a70650318d96f0571d7297e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 658/908] fw-addr-lists: use $ExitError to indicate unintentional error --- fw-addr-lists.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 34b2fcc..6682f4a 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -36,6 +37,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -184,4 +186,6 @@ " - renewed: " . [ $HumanReadableNum $CntRenew 1000 ] . \ " - removed: " . [ $HumanReadableNum $CntRemove 1000 ]); } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 90cfa83d95baf440544a331fd60f9903afa1fead Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 659/908] gps-track: use $ExitError to indicate unintentional error --- gps-track.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/gps-track.rsc b/gps-track.rsc index a2ea9ff..c0ecac4 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -23,6 +24,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } $WaitFullyConnected; @@ -45,4 +47,6 @@ } else={ $LogPrint debug $ScriptName ("GPS data not valid."); } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From f7b96aa3e93f98b7a8dd076e34b7c302fe436f50 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 660/908] hotspot-to-wpa-cleanup: use $ExitError to indicate unintentional error --- hotspot-to-wpa-cleanup.capsman.rsc | 6 +++++- hotspot-to-wpa-cleanup.template.rsc | 6 +++++- hotspot-to-wpa-cleanup.wifi.rsc | 6 +++++- 3 files changed, 15 insertions(+), 3 deletions(-) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index e935850..8a38213 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -23,6 +24,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :set ExitOK true; :error false; } @@ -72,4 +74,6 @@ /ip/dhcp-server/lease/remove $Lease; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index fa99b5d..e8d2dfb 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -15,6 +15,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -24,6 +25,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :set ExitOK true; :error false; } @@ -79,4 +81,6 @@ /ip/dhcp-server/lease/remove $Lease; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index d3f859e..e2ef1fd 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -23,6 +24,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :set ExitOK true; :error false; } @@ -72,4 +74,6 @@ /ip/dhcp-server/lease/remove $Lease; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From ff00c27f990b851b9d14f708aecae6087fedc011 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 09:55:12 +0100 Subject: [PATCH 661/908] global-functions: $ExitError: give matching message for functions --- global-functions.rsc | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 8941994..6c74c2f 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -428,13 +428,15 @@ # simple macro to print error message on unintentional error :set ExitError do={ - :local ExitOK [ :tostr $1 ]; - :local ScriptName [ :tostr $2 ]; + :local ExitOK [ :tostr $1 ]; + :local Name [ :tostr $2 ]; + :global IfThenElse; :global LogPrint; :if ($ExitOK = "false") do={ - $LogPrint error $ScriptName ("Script '" . $ScriptName . "' exited with error."); + $LogPrint error $Name ([ $IfThenElse ([ :pick $Name 0 1 ] = "\$") \ + "Function" "Script" ] . " '" . $Name . "' exited with error."); } } From 8e12453058ae848a6d61c104ab6aa22902205d98 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 662/908] hotspot-to-wpa: use $ExitError to indicate unintentional error --- hotspot-to-wpa.capsman.rsc | 8 +++++++- hotspot-to-wpa.template.rsc | 8 +++++++- hotspot-to-wpa.wifi.rsc | 8 +++++++- 3 files changed, 21 insertions(+), 3 deletions(-) diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index b85c591..e57d327 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -13,6 +13,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -25,11 +26,13 @@ :local UserName $username; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } :if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ $LogPrint error $ScriptName ("This script is supposed to run from hotspot on login."); + :set ExitOK true; :error false; } @@ -57,6 +60,7 @@ :if ($Template->"action" = "reject") do={ $LogPrint info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'."); + :set ExitOK true; :error true; } @@ -95,4 +99,6 @@ :delay 2s; /caps-man/access-list/set $Entry action=accept; -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index 44607cc..efe37d0 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -14,6 +14,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -26,11 +27,13 @@ :local UserName $username; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } :if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ $LogPrint error $ScriptName ("This script is supposed to run from hotspot on login."); + :set ExitOK true; :error false; } @@ -64,6 +67,7 @@ :if ($Template->"action" = "reject") do={ $LogPrint info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'."); + :set ExitOK true; :error true; } @@ -115,4 +119,6 @@ :delay 2s; /caps-man/access-list/set $Entry action=accept; /interface/wifi/access-list/set $Entry action=accept; -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index 25933c6..6242d04 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -13,6 +13,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -25,11 +26,13 @@ :local UserName $username; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } :if ([ :typeof $MacAddress ] = "nothing" || [ :typeof $UserName ] = "nothing") do={ $LogPrint error $ScriptName ("This script is supposed to run from hotspot on login."); + :set ExitOK true; :error false; } @@ -57,6 +60,7 @@ :if ($Template->"action" = "reject") do={ $LogPrint info $ScriptName ("Ignoring login for hotspot '" . $Hotspot . "'."); + :set ExitOK true; :error true; } @@ -92,4 +96,6 @@ :delay 2s; /interface/wifi/access-list/set $Entry action=accept; -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 8c5bd8f5e2a5943e720e6086c1aec74ddb81eaf1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 09:02:04 +0100 Subject: [PATCH 663/908] global-functions: $ScriptInstallUpdate: use $ExitError to indicate unintentional error --- global-functions.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 6c74c2f..743c50e 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1018,7 +1018,7 @@ } # install new scripts, update existing scripts -:set ScriptInstallUpdate do={ +:set ScriptInstallUpdate do={ :do { :local Scripts [ :toarray $1 ]; :local NewComment [ :tostr $2 ]; @@ -1237,7 +1237,9 @@ :set GlobalConfigChanges; :set GlobalConfigMigration; } -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # lock script against multiple invocation :set ScriptLock do={ From a6fd6bd80cf827a417549c5d433630efcbf1b8b6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 664/908] ipsec-to-dns: use $ExitError to indicate unintentional error --- ipsec-to-dns.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index bd74a8f..47676ca 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -26,6 +27,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -76,4 +78,6 @@ /ip/dns/static/add name=$Fqdn address=($PeerVal->"dynamic-address") ttl=$Ttl comment=$Comment place-before=$PlaceBefore; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 5b9031ccca75e7e1ba8479af1ae180ae8422ac74 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 11:06:38 +0100 Subject: [PATCH 665/908] global-functions: $SendNotification: use $ExitError to indicate unintentional error --- global-functions.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 743c50e..625f8cd 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1374,11 +1374,13 @@ } # send notification via NotificationFunctions - expects at least two string arguments -:set SendNotification do={ +:set SendNotification do={ :do { :global SendNotification2; $SendNotification2 ({ origin=$0; subject=$1; message=$2; link=$3; silent=$4 }); -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # send notification via NotificationFunctions - expects one array argument :set SendNotification2 do={ From 82de8bd935c5a2ccdaf3bfb9db732bdec0ce7d96 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 666/908] ipv6-update: use $ExitError to indicate unintentional error --- ipv6-update.rsc | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/ipv6-update.rsc b/ipv6-update.rsc index ccc0eb9..ea1d444 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -22,16 +23,19 @@ :local PdPrefix $"pd-prefix"; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } :if ([ :typeof $NaAddress ] = "str") do={ $LogPrint info $ScriptName ("An address (" . $NaAddress . ") was acquired, not a prefix. Ignoring."); + :set ExitOK true; :error false; } :if ([ :typeof $PdPrefix ] = "nothing") do={ $LogPrint error $ScriptName ("This script is supposed to run from ipv6 dhcp-client."); + :set ExitOK true; :error false; } @@ -90,4 +94,6 @@ } } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 1fe90a6e9aeaba7350f13f52cc9a196a0bc8ca1c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 09:03:41 +0100 Subject: [PATCH 667/908] mode-button: $ModeButtonScheduler: use $ExitError to indicate unintentional error --- mode-button.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mode-button.rsc b/mode-button.rsc index 2d428ed..90fe80e 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -25,7 +25,7 @@ :if ([ :len $Scheduler ] = 0) do={ $LogPrint info $ScriptName ("Creating scheduler _ModeButtonScheduler, counting presses..."); - :global ModeButtonScheduler do={ + :global ModeButtonScheduler do={ :do { :local FuncName $0; :global ModeButton; @@ -81,7 +81,9 @@ } else={ $LogPrint info $FuncName ("No action defined for " . $Count . " mode-button presses."); } - } + } on-error={ + :global ExitError; $ExitError false $0; + } } /system/scheduler/add name="_ModeButtonScheduler" \ on-event=":global ModeButtonScheduler; \$ModeButtonScheduler;" interval=3s; } else={ From 177a1e798a09115ecc9241f5f39065a2583bcfac Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 668/908] lease-script: use $ExitError to indicate unintentional error --- lease-script.rsc | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lease-script.rsc b/lease-script.rsc index f484414..995c7e4 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -25,6 +26,7 @@ [ :typeof $leaseServerName ] = "nothing" || \ [ :typeof $leaseBound ] = "nothing") do={ $LogPrint error $ScriptName ("This script is supposed to run from ip dhcp-server."); + :set ExitOK true; :error false; } @@ -32,11 +34,13 @@ "de" "" ] . "assigned lease " . $leaseActIP . " to " . $leaseActMAC); :if ([ $ScriptLock $ScriptName 10 ] = false) do={ + :set ExitOK true; :error false; } :if ([ :len [ /system/script/job/find where script=$ScriptName ] ] > 1) do={ $LogPrint debug $ScriptName ("More invocations are waiting, exiting early."); + :set ExitOK true; :error true; } @@ -56,4 +60,6 @@ $LogPrint warning $ScriptName ("Running script '" . $Script . "' failed!"); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 5db686a15ccd21ed3a190cd4c9eea0bcc6e56abd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 09:09:05 +0100 Subject: [PATCH 669/908] mod/bridge-port-to: $BridgePortTo: use $ExitError to indicate unintentional error --- mod/bridge-port-to.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/bridge-port-to.rsc b/mod/bridge-port-to.rsc index 7dae679..9e7b911 100644 --- a/mod/bridge-port-to.rsc +++ b/mod/bridge-port-to.rsc @@ -10,7 +10,7 @@ :global BridgePortTo; -:set BridgePortTo do={ +:set BridgePortTo do={ :do { :local BridgePortTo [ :tostr $1 ]; :global IfThenElse; @@ -65,4 +65,6 @@ $LogPrint info $0 ("Re-enabling interfaces..."); /interface/ethernet/enable $InterfaceReEnable; } -} +} on-error={ + :global ExitError; $ExitError false $0; +} } From da7a031081bcbb4c563bb8b56f7ee150c32b54c0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 670/908] log-forward: use $ExitError to indicate unintentional error --- log-forward.rsc | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/log-forward.rsc b/log-forward.rsc index e0d8f35..8e660fc 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -33,6 +34,7 @@ :global SymbolForNotification; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -43,6 +45,7 @@ :if ($LogForwardRateLimit > 30) do={ :set LogForwardRateLimit ($LogForwardRateLimit - 1); $LogPrint info $ScriptName ("Rate limit in action, not forwarding logs, if any!"); + :set ExitOK true; :error false; } @@ -100,4 +103,6 @@ :local LogAll [ /log/find ]; :set LogForwardLast ($LogAll->([ :len $LogAll ] - 1) ); -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 495232b299bafadc4d21551f094c3c42fa090f57 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 09:09:48 +0100 Subject: [PATCH 671/908] mod/bridge-port-vlan: $BridgePortVlan: use $ExitError to indicate unintentional error --- mod/bridge-port-vlan.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/bridge-port-vlan.rsc b/mod/bridge-port-vlan.rsc index c9f55ae..18fa2db 100644 --- a/mod/bridge-port-vlan.rsc +++ b/mod/bridge-port-vlan.rsc @@ -10,7 +10,7 @@ :global BridgePortVlan; -:global BridgePortVlan do={ +:global BridgePortVlan do={ :do { :local ConfigTo [ :tostr $1 ]; :global IfThenElse; @@ -74,4 +74,6 @@ $LogPrint info $0 ("Re-enabling interfaces..."); /interface/ethernet/enable $InterfaceReEnable; } -} +} on-error={ + :global ExitError; $ExitError false $0; +} } From b7ce6aee71733a1e84b911a21c8868b8d2279c10 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 672/908] mode-button: use $ExitError to indicate unintentional error --- mode-button.rsc | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mode-button.rsc b/mode-button.rsc index 3bd922b..24de453 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -83,4 +84,6 @@ $LogPrint debug $ScriptName ("Updating scheduler _ModeButtonScheduler..."); /system/scheduler/set $Scheduler start-time=[ /system/clock/get time ]; } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 05cb87f475ffc3f9fdc1fa6988925e79a3dacd38 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 09:10:08 +0100 Subject: [PATCH 673/908] mod/inspectvar: $InspectVar: use $ExitError to indicate unintentional error --- mod/inspectvar.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/inspectvar.rsc b/mod/inspectvar.rsc index 73205b2..0209214 100644 --- a/mod/inspectvar.rsc +++ b/mod/inspectvar.rsc @@ -12,11 +12,13 @@ :global InspectVarReturn; # inspect variable and print on terminal -:set InspectVar do={ +:set InspectVar do={ :do { :global InspectVarReturn; :put [ :tocrlf [ $InspectVarReturn $1 ] ]; -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # inspect variable and return formatted string :set InspectVarReturn do={ From d89a3694850a76e487b139eebf24572344a5502e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:08:36 +0100 Subject: [PATCH 674/908] netwatch-dns: use $ExitError to indicate unintentional error --- netwatch-dns.rsc | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 6fbfc89..a704c84 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -24,12 +25,14 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } :local SettleTime (5m30s - [ /system/resource/get uptime ]); :if ($SettleTime > 0s) do={ $LogPrint info $ScriptName ("System just booted, giving netwatch " . $SettleTime . " to settle."); + :set ExitOK true; :error true; } @@ -92,6 +95,7 @@ :if ($DohCurrent = $HostInfo->"doh-url") do={ $LogPrint debug $ScriptName ("Current DoH server is still up: " . $DohCurrent); + :set ExitOK true; :error true; } @@ -132,6 +136,7 @@ } /ip/dns/cache/flush; $LogPrint info $ScriptName ("Setting DoH server: " . ($DohServer->"doh-url")); + :set ExitOK true; :error true; } else={ $LogPrint warning $ScriptName ("Received unexpected response from DoH server: " . \ @@ -139,4 +144,6 @@ } } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 34172e4c78cc5a6d0fe99df279e42a8794f84c94 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 09:10:27 +0100 Subject: [PATCH 675/908] mod/ipcalc: $IPCalc: use $ExitError to indicate unintentional error --- mod/ipcalc.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/ipcalc.rsc b/mod/ipcalc.rsc index 003bdc3..021cd30 100644 --- a/mod/ipcalc.rsc +++ b/mod/ipcalc.rsc @@ -12,7 +12,7 @@ :global IPCalcReturn; # print netmask, network, min host, max host and broadcast -:set IPCalc do={ +:set IPCalc do={ :do { :local Input [ :tostr $1 ]; :global FormatLine; @@ -27,7 +27,9 @@ [ $FormatLine "HostMin" ($Values->"hostmin") ] . "\n" . \ [ $FormatLine "HostMax" ($Values->"hostmax") ] . "\n" . \ [ $FormatLine "Broadcast" ($Values->"broadcast") ]) ]; -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # calculate and return netmask, network, min host, max host and broadcast :set IPCalcReturn do={ From bdc15eaefb51b40b3d414f0e94bfa22233b0f2a4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 676/908] netwatch-notify: use $ExitError to indicate unintentional error --- netwatch-notify.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index a49d0cd..f1e87bd 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -75,6 +76,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -218,4 +220,6 @@ "since"=($Metric->"since") }; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 5450618723dabf9d42857047ea906c9fc87886dd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 08:51:50 +0100 Subject: [PATCH 677/908] mod/notification-email: $FlushEmailQueue: use $ExitError to indicate unintentional error --- mod/notification-email.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 3d62ddf..ff4188c 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -34,7 +34,7 @@ } # flush e-mail queue -:set FlushEmailQueue do={ +:set FlushEmailQueue do={ :do { :global EmailQueue; :global EitherOr; @@ -113,7 +113,9 @@ } else={ /system/scheduler/set interval=1m comment="Waiting for retry..." $Scheduler; } -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # generate filter for log-forward :set LogForwardFilterLogForwarding do={ From eeb76c227cbc04c410e7062daef4cda9cb3d5bf3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 678/908] ospf-to-leds: use $ExitError to indicate unintentional error --- ospf-to-leds.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index b78faa4..d96e763 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -19,6 +20,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -42,4 +44,6 @@ /system/leds/set type=off [ find where leds=$LED ]; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 1927dc505a88ef5ecb86d1d925cf44a5225b4b7c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 11:09:44 +0100 Subject: [PATCH 679/908] mod/notification-email: $SendEMail: use $ExitError to indicate unintentional error --- mod/notification-email.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index ff4188c..e51779b 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -226,11 +226,13 @@ } # send notification via e-mail - expects at least two string arguments -:set SendEMail do={ +:set SendEMail do={ :do { :global SendEMail2; $SendEMail2 ({ origin=$0; subject=$1; message=$2; link=$3 }); -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # send notification via e-mail - expects one array argument :set SendEMail2 do={ From 81f59f9894cfd9b29a2366e8a13e124b358dadde Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 680/908] packages-update: use $ExitError to indicate unintentional error --- packages-update.rsc | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/packages-update.rsc b/packages-update.rsc index b08a48d..924a5d9 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -45,6 +46,7 @@ } :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -52,11 +54,13 @@ :if ([ :typeof ($Update->"latest-version") ] = "nothing") do={ $LogPrint warning $ScriptName ("Latest version is not known."); + :set ExitOK true; :error false; } :if ($Update->"installed-version" = $Update->"latest-version") do={ $LogPrint info $ScriptName ("Version " . $Update->"latest-version" . " is already installed."); + :set ExitOK true; :error true; } @@ -85,10 +89,12 @@ $LogPrint info $ScriptName ("User requested to continue anyway."); } else={ $LogPrint info $ScriptName ("Canceled update..."); + :set ExitOK true; :error false; } } else={ $LogPrint warning $ScriptName ("Canceled non-interactive update."); + :set ExitOK true; :error false; } } @@ -108,6 +114,7 @@ } } else={ $LogPrint warning $ScriptName ("Not installing downgrade automatically."); + :set ExitOK true; :error false; } } @@ -116,6 +123,7 @@ :local PkgName [ /system/package/get $Package name ]; :if ([ $DownloadPackage $PkgName ($Update->"latest-version") ] = false) do={ $LogPrint error $ScriptName ("Download for package " . $PkgName . " failed, update aborted."); + :set ExitOK true; :error false; } } @@ -130,11 +138,13 @@ :put "Do you want to (s)chedule reboot or (r)eboot now? [s/R]"; :if (([ /terminal/inkey timeout=60 ] % 32) = 19) do={ $Schedule $ScriptName; + :set ExitOK true; :error true; } } else={ :if ($PackagesUpdateDeferReboot = true) do={ $Schedule $ScriptName; + :set ExitOK true; :error true; } } @@ -142,4 +152,6 @@ $LogPrint info $ScriptName ("Rebooting for update."); :delay 1s; /system/reboot; -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 1994b23e462c02ee71d5cb9db21d0e6075010c3c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 08:56:35 +0100 Subject: [PATCH 681/908] mod/notification-matrix: $FlushMatrixQueue: use $ExitError to indicate unintentional error --- mod/notification-matrix.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 3adc1df..751967c 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -18,7 +18,7 @@ :global SetupMatrixJoinRoom; # flush Matrix queue -:set FlushMatrixQueue do={ +:set FlushMatrixQueue do={ :do { :global MatrixQueue; :global IsFullyConnected; @@ -57,7 +57,9 @@ /system/scheduler/remove [ find where name="_FlushMatrixQueue" ]; :set MatrixQueue; } -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # send notification via Matrix - expects one array argument :set ($NotificationFunctions->"matrix") do={ From be0548007184bae80dd40b4a6390ababeeb39617 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 682/908] ppp-on-up: use $ExitError to indicate unintentional error --- ppp-on-up.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index 337b32d..13b42c7 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -20,6 +21,7 @@ :if ([ :typeof $Interface ] = "nothing") do={ $LogPrint error $ScriptName ("This script is supposed to run from ppp on-up script hook."); + :set ExitOK true; :error false; } @@ -37,4 +39,6 @@ $LogPrint warning $ScriptName ("Running script '" . $ScriptName . "' failed!"); } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From de9dee83bea855a893594e0d58ca609872f75072 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 11:10:03 +0100 Subject: [PATCH 683/908] mod/notification-matrix: $SendMatrix: use $ExitError to indicate unintentional error --- mod/notification-matrix.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 751967c..14f369d 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -166,11 +166,13 @@ } # send notification via Matrix - expects at least two string arguments -:set SendMatrix do={ +:set SendMatrix do={ :do { :global SendMatrix2; $SendMatrix2 ({ origin=$0; subject=$1; message=$2; link=$3 }); -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # send notification via Matrix - expects one array argument :set SendMatrix2 do={ From ede351f47e8311fe00bada723e69ab90dc1332d0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 684/908] sms-action: use $ExitError to indicate unintentional error --- sms-action.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sms-action.rsc b/sms-action.rsc index c896659..fd3096c 100644 --- a/sms-action.rsc +++ b/sms-action.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -23,6 +24,7 @@ :if ([ :typeof $Action ] = "nothing") do={ $LogPrint error $ScriptName ("This script is supposed to run from SMS hook with action=..."); + :set ExitOK true; :error false; } @@ -34,4 +36,6 @@ } else={ $LogPrint warning $ScriptName ("The code for action '" . $Action . "' failed syntax validation!"); } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From aac723e2a1eede3649c5f3b4bbe67af0e951063a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 08:57:01 +0100 Subject: [PATCH 685/908] mod/notification-ntfy: $FlushNtfyQueue: use $ExitError to indicate unintentional error --- mod/notification-ntfy.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index b2bb280..5fdeedf 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -15,7 +15,7 @@ :global SendNtfy2; # flush ntfy queue -:set FlushNtfyQueue do={ +:set FlushNtfyQueue do={ :do { :global NtfyQueue; :global NtfyMessageIDs; @@ -52,7 +52,9 @@ /system/scheduler/remove [ find where name="_FlushNtfyQueue" ]; :set NtfyQueue; } -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # send notification via ntfy - expects one array argument :set ($NotificationFunctions->"ntfy") do={ From a78fe98fd0746dd88429413d9c81123866d880bd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 686/908] sms-forward: use $ExitError to indicate unintentional error --- sms-forward.rsc | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/sms-forward.rsc b/sms-forward.rsc index 0d493b6..8334d5f 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -12,6 +12,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -28,11 +29,13 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } :if ([ /tool/sms/get receive-enabled ] = false) do={ $LogPrintOnce warning $ScriptName ("Receiving of SMS is not enabled."); + :set ExitOK true; :error false; } @@ -42,6 +45,7 @@ :if ([ /interface/lte/get ($Settings->"port") running ] != true) do={ $LogPrint info $ScriptName ("The LTE interface is not in running state, skipping."); + :set ExitOK true; :error true; } @@ -92,4 +96,6 @@ } } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From e76ae11b029169e971f7313b17d5c43589fa8170 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 11:10:24 +0100 Subject: [PATCH 687/908] mod/notification-ntfy: $SendNtfy: use $ExitError to indicate unintentional error --- mod/notification-ntfy.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index 5fdeedf..7e0234b 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -134,11 +134,13 @@ } # send notification via ntfy - expects at least two string arguments -:set SendNtfy do={ +:set SendNtfy do={ :do { :global SendNtfy2; $SendNtfy2 ({ origin=$0; subject=$1; message=$2; link=$3; silent=$4 }); -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # send notification via ntfy - expects one array argument :set SendNtfy2 do={ From adbefca0e48bda15d90cc53c52c3982230f8864c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 688/908] telegram-chat: use $ExitError to indicate unintentional error --- telegram-chat.rsc | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index f2750f5..8589aab 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -11,6 +11,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -43,6 +44,7 @@ :global WaitFullyConnected; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -57,6 +59,7 @@ :if ([ $CertificateAvailable "Go Daddy Root Certificate Authority - G2" ] = false) do={ $LogPrint warning $ScriptName ("Downloading required certificate failed."); + :set ExitOK true; :error false; } @@ -82,6 +85,7 @@ :if ($Data = false) do={ $LogPrint warning $ScriptName ("Failed getting updates."); + :set ExitOK true; :error false; } @@ -130,6 +134,7 @@ :local File ("tmpfs/telegram-chat/" . [ $GetRandom20CharAlNum 6 ]); :if ([ $MkDir "tmpfs/telegram-chat" ] = false) do={ $LogPrint error $ScriptName ("Failed creating directory!"); + :set ExitOK true; :error false; } $LogPrint info $ScriptName ("Running command from update " . $UpdateID . ": " . $Command); @@ -176,4 +181,6 @@ } :set TelegramChatOffset ([ :pick $TelegramChatOffset 1 3 ], \ [ $IfThenElse ($UpdateID >= $TelegramChatOffset->2) ($UpdateID + 1) ($TelegramChatOffset->2) ]); -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From e89867be1533cd561bf61b65f3019946e2ceeee1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 08:57:20 +0100 Subject: [PATCH 689/908] mod/notification-telegram: $FlushTelegramQueue: use $ExitError to indicate unintentional error --- mod/notification-telegram.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 671bd1c..993782d 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -15,7 +15,7 @@ :global SendTelegram2; # flush telegram queue -:set FlushTelegramQueue do={ +:set FlushTelegramQueue do={ :do { :global TelegramQueue; :global TelegramMessageIDs; @@ -56,7 +56,9 @@ /system/scheduler/remove [ find where name="_FlushTelegramQueue" ]; :set TelegramQueue; } -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # send notification via telegram - expects one array argument :set ($NotificationFunctions->"telegram") do={ From d4ea0e18a710c5a68c7dabaa5c1c5a40568c965b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 690/908] update-gre-address: use $ExitError to indicate unintentional error --- update-gre-address.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/update-gre-address.rsc b/update-gre-address.rsc index 6dd829d..87762d6 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -12,6 +12,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -20,6 +21,7 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } @@ -39,4 +41,6 @@ } } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 4968b79fc1142c9bfdbfe93c8f917cfdd7f51790 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 11:10:43 +0100 Subject: [PATCH 691/908] mod/notification-telegram: $SendTelegram: use $ExitError to indicate unintentional error --- mod/notification-telegram.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 993782d..7d75b8b 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -182,11 +182,13 @@ } # send notification via telegram - expects at least two string arguments -:set SendTelegram do={ +:set SendTelegram do={ :do { :global SendTelegram2; $SendTelegram2 ({ origin=$0; subject=$1; message=$2; link=$3; silent=$4 }); -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # send notification via telegram - expects one array argument :set SendTelegram2 do={ From ee030740cba5bd0c8b0c9c3e77551dd460abe48b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 6 Dec 2024 10:31:52 +0100 Subject: [PATCH 692/908] update-tunnelbroker: use $ExitError to indicate unintentional error --- update-tunnelbroker.rsc | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index 67a5d30..dd43c64 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -13,6 +13,7 @@ :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } +:local ExitOK false; :do { :local ScriptName [ :jobname ]; @@ -22,11 +23,13 @@ :global ScriptLock; :if ([ $ScriptLock $ScriptName ] = false) do={ + :set ExitOK true; :error false; } :if ([ $CertificateAvailable "Starfield Root Certificate Authority - G2" ] = false) do={ $LogPrint error $ScriptName ("Downloading required certificate failed."); + :set ExitOK true; :error false; } @@ -50,6 +53,7 @@ :if (!($Data ~ "^(good|nochg) ")) do={ $LogPrint error $ScriptName ("Failed sending the local address to tunnelbroker or unexpected response!"); + :set ExitOK true; :error false; } @@ -64,4 +68,6 @@ /interface/6to4/set $Interface local-address=$PublicAddress; } } -} on-error={ } +} on-error={ + :global ExitError; $ExitError $ExitOK [ :jobname ]; +} From 48bcf8ee6e92445b01f792f1c52af012ba05b7b4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 09:45:30 +0100 Subject: [PATCH 693/908] =?UTF-8?q?global-functions:=20$FetchHuge:=20passi?= =?UTF-8?q?ng=20boolean=20to=20function=20is=20still=20broken...=20?= =?UTF-8?q?=F0=9F=A4=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- global-functions.rsc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 47a69c4..6fec6dd 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -427,9 +427,9 @@ # fetch huge data to file, read in chunks :set FetchHuge do={ - :local ScriptName [ :tostr $1 ]; - :local Url [ :tostr $2 ]; - :local CheckCert [ :tobool $3 ]; + :local ScriptName [ :tostr $1 ]; + :local Url [ :tostr $2 ]; + :local CheckCert [ :tostr $3 ]; :global CleanName; :global FetchUserAgentStr; @@ -439,7 +439,7 @@ :global MkDir; :global WaitForFile; - :set CheckCert [ $IfThenElse ($CheckCert = false) "no" "yes-without-crl" ]; + :set CheckCert [ $IfThenElse ($CheckCert = "false") "no" "yes-without-crl" ]; :local DirName ("tmpfs/" . [ $CleanName $ScriptName ]); :if ([ $MkDir $DirName ] = false) do={ From 73e0ac75f10019794a2692371ca08a46bea69eb9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 09:10:44 +0100 Subject: [PATCH 694/908] mod/scriptrunonce: $ScriptRunOnce: use $ExitError to indicate unintentional error --- mod/scriptrunonce.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index 3d5dce9..c8dcf26 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -11,7 +11,7 @@ :global ScriptRunOnce; # fetch and run script(s) once -:set ScriptRunOnce do={ +:set ScriptRunOnce do={ :do { :local Scripts [ :toarray $1 ]; :global ScriptRunOnceBaseUrl; @@ -49,4 +49,6 @@ } } } -} +} on-error={ + :global ExitError; $ExitError false $0; +} } From 1788c0599865ee9cb7e5015e260d7e4a49abf581 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 09:11:39 +0100 Subject: [PATCH 695/908] mod/ssh-keys-import: $SSHKeysImport: use $ExitError to indicate unintentional error --- mod/ssh-keys-import.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index c7b2788..b2f1d20 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -12,7 +12,7 @@ :global SSHKeysImportFile; # import single key passed as string -:set SSHKeysImport do={ +:set SSHKeysImport do={ :do { :local Key [ :tostr $1 ]; :local User [ :tostr $2 ]; @@ -64,7 +64,9 @@ /file/remove "tmpfs/ssh-keys-import"; :return false; } -} +} on-error={ + :global ExitError; $ExitError false $0; +} } # import keys from a file :set SSHKeysImportFile do={ From f8a55860afaf8817e52cb89add227fa9a84435f0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sun, 8 Dec 2024 22:19:01 +0100 Subject: [PATCH 696/908] check-routeros-update: pass script name to local function --- check-routeros-update.rsc | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 510acd9..a2e39b6 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -35,6 +35,8 @@ :global WaitFullyConnected; :local DoUpdate do={ + :local ScriptName [ :tostr $1 ]; + :global LogPrint; :if ([ :len [ /system/script/find where name="packages-update" ] ] > 0) do={ @@ -42,7 +44,7 @@ } else={ /system/package/update/install without-paging; } - $LogPrint info $0 ("Waiting for system to reboot."); + $LogPrint info $ScriptName ("Waiting for system to reboot."); } :if ([ $ScriptLock $ScriptName ] = false) do={ @@ -95,7 +97,7 @@ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ message=("Installing ALL versions automatically, including " . $Update->"latest-version" . \ "... Updating on " . $Identity . "..."); link=$Link; silent=true }); - $DoUpdate; + $DoUpdate $ScriptName; :set ExitOK true; :error true; } @@ -106,7 +108,7 @@ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ message=("Version " . $Update->"latest-version" . " is a patch update for " . $Update->"channel" . \ ", updating on " . $Identity . "..."); link=$Link; silent=true }); - $DoUpdate; + $DoUpdate $ScriptName; :set ExitOK true; :error true; } @@ -122,7 +124,7 @@ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ message=("Seen a neighbor (" . $Neighbor . ") running version " . $Update->"latest-version" . \ " from " . $Update->"channel" . ", updating on " . $Identity . "..."); link=$Link; silent=true }); - $DoUpdate; + $DoUpdate $ScriptName; :set ExitOK true; :error true; } @@ -144,7 +146,7 @@ subject=([ $SymbolForNotification "sparkles" ] . "RouterOS update: " . $Update->"latest-version"); \ message=("Version " . $Update->"latest-version" . " is considered safe for " . $Update->"channel" . \ ", updating on " . $Identity . "..."); link=$Link; silent=true }); - $DoUpdate; + $DoUpdate $ScriptName; :set ExitOK true; :error true; } @@ -163,7 +165,7 @@ :put ("Do you want to install RouterOS version " . $Update->"latest-version" . "? [y/N]"); :if (([ /terminal/inkey timeout=60 ] % 32) = 25) do={ - $DoUpdate; + $DoUpdate $ScriptName; :set ExitOK true; :error true; } else={ From 210ef26b93364f4b69cde9ff34139d51572357ee Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 9 Dec 2024 09:11:56 +0100 Subject: [PATCH 697/908] mod/ssh-keys-import: $SSHKeysImportFile: use $ExitError to indicate unintentional error --- mod/ssh-keys-import.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index b2f1d20..583e827 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -69,7 +69,7 @@ } } # import keys from a file -:set SSHKeysImportFile do={ +:set SSHKeysImportFile do={ :do { :local FileName [ :tostr $1 ]; :local User [ :tostr $2 ]; @@ -108,4 +108,6 @@ $LogPrint warning $0 ("SSH key of type '" . $KeyVal->0 . "' is not supported."); } } -} +} on-error={ + :global ExitError; $ExitError false $0; +} } From e51191035b21c529efb4387dfe59976c3112f561 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sun, 8 Dec 2024 22:22:18 +0100 Subject: [PATCH 698/908] mode-button: $ModeButtonScheduler: explicitly name the variable --- mode-button.rsc | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/mode-button.rsc b/mode-button.rsc index 24de453..2d428ed 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -26,6 +26,8 @@ :if ([ :len $Scheduler ] = 0) do={ $LogPrint info $ScriptName ("Creating scheduler _ModeButtonScheduler, counting presses..."); :global ModeButtonScheduler do={ + :local FuncName $0; + :global ModeButton; :global LogPrint; @@ -54,7 +56,7 @@ :if ([ :len $Code ] > 0) do={ :if ([ $ValidateSyntax $Code ] = true) do={ - $LogPrint info $0 ("Acting on " . $Count . " mode-button presses: " . $Code); + $LogPrint info $FuncName ("Acting on " . $Count . " mode-button presses: " . $Code); :for I from=1 to=$Count do={ $LEDInvert; @@ -69,13 +71,15 @@ :do { [ :parse $Code ]; } on-error={ - $LogPrint warning $0 ("The code for " . $Count . " mode-button presses failed with runtime error!"); + $LogPrint warning $FuncName \ + ("The code for " . $Count . " mode-button presses failed with runtime error!"); } } else={ - $LogPrint warning $0 ("The code for " . $Count . " mode-button presses failed syntax validation!"); + $LogPrint warning $FuncName \ + ("The code for " . $Count . " mode-button presses failed syntax validation!"); } } else={ - $LogPrint info $0 ("No action defined for " . $Count . " mode-button presses."); + $LogPrint info $FuncName ("No action defined for " . $Count . " mode-button presses."); } } /system/scheduler/add name="_ModeButtonScheduler" \ From bceabebf9c6c30e2b1057448d74a5de006ef5d1e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 10 Dec 2024 17:05:12 +0100 Subject: [PATCH 699/908] mod/notification-email: drop useless safeguard Guess it was useful back in the day. Now the function exits early if the queue is empty... So this can never be zero. --- mod/notification-email.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index e51779b..dd90923 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -71,7 +71,7 @@ $LogPrint warning $0 ("Flushing E-Mail messages from scheduler, but queue is empty."); } - /system/scheduler/set interval=([ $EitherOr $QueueLen 1 ] . "m") comment="Sending..." $Scheduler; + /system/scheduler/set interval=($QueueLen . "m") comment="Sending..." $Scheduler; :foreach Id,Message in=$EmailQueue do={ :if ([ :typeof $Message ] = "array" ) do={ From 42bcc63d29c85a7fcdb175b3ea725654d2db7039 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 10 Dec 2024 17:12:24 +0100 Subject: [PATCH 700/908] mod/notification-email: increase retry interval on failure --- mod/notification-email.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index dd90923..b109bf4 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -46,8 +46,9 @@ :local AllDone true; :local QueueLen [ :len $EmailQueue ]; :local Scheduler [ /system/scheduler/find where name="_FlushEmailQueue" ]; + :local SchedVal [ /system/scheduler/get $Scheduler ]; - :if ([ :len $Scheduler ] > 0 && [ /system/scheduler/get $Scheduler interval ] < 1m) do={ + :if ([ :len $Scheduler ] > 0 && ($SchedVal->"interval") < 1m) do={ /system/scheduler/set interval=1m comment="Doing initial checks..." $Scheduler; } @@ -111,7 +112,8 @@ /system/scheduler/remove $Scheduler; :set EmailQueue; } else={ - /system/scheduler/set interval=1m comment="Waiting for retry..." $Scheduler; + /system/scheduler/set interval=(($SchedVal->"run-count") . "m") \ + comment="Waiting for retry..." $Scheduler; } } on-error={ :global ExitError; $ExitError false $0; From c311e58d998fabc7568acd77f0a8bd42468f50b0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 10 Dec 2024 20:23:26 +0100 Subject: [PATCH 701/908] leds-toggle-mode: toggle in one call... ... and drop the condition. --- leds-toggle-mode.rsc | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/leds-toggle-mode.rsc b/leds-toggle-mode.rsc index 136c9d1..07e12ae 100644 --- a/leds-toggle-mode.rsc +++ b/leds-toggle-mode.rsc @@ -6,8 +6,4 @@ # toggle LEDs mode # https://git.eworm.de/cgit/routeros-scripts/about/doc/leds-mode.md -:if ([ /system/leds/settings/get all-leds-off ] = "never") do={ - /system/leds/settings/set all-leds-off=immediate; -} else={ - /system/leds/settings/set all-leds-off=never; -} +/system/leds/settings/set all-leds-off=(({ "never"="immediate"; "immediate"="never" })->[ get all-leds-off ]); From d70efe910ae3a9bef3ee6b62c0fd6d591bab89e3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 10 Dec 2024 20:32:50 +0100 Subject: [PATCH 702/908] mode-button: support led toggle without extra script --- global-config.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/global-config.rsc b/global-config.rsc index 2ed67f3..5292853 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -186,7 +186,7 @@ # Run different commands with multiple mode-button presses. :global ModeButton { - 1="/system/script/run leds-toggle-mode;"; + 1="/system/leds/settings/set all-leds-off=(({ \"never\"=\"immediate\"; \"immediate\"=\"never\" })->[ get all-leds-off ]);"; 2=":global Identity; :global SendNotification; :global SymbolForNotification; \$SendNotification ([ \$SymbolForNotification \"earth\" ] . \"Hello...\") (\"Hello world, \" . \$Identity . \" calling!\");"; 3="/system/shutdown;"; 4="/system/reboot;"; From 8231c3e833ee83a118f4d8395c097e6a9f312c2f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 11 Dec 2024 10:40:06 +0100 Subject: [PATCH 703/908] global-functions: $WaitForFile: delay until "complete"... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Well, turns out that waiting for existence of a file is not sufficient. Chances are that a file is available just partly, so wait until the size no longer changes... Let's hope that works as expected. 🤞 --- global-functions.rsc | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 625f8cd..e5e5d50 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1577,6 +1577,16 @@ :delay $Delay; :set I ($I + 1); } + + :local File [ /file/find where name=$FileName ]; + :local SizeA 0; + :local SizeB 1; + :while ($SizeA < $SizeB) do={ + :set SizeA $SizeB; + :delay $Delay; + :set SizeB [ /file/get $File size ]; + } + :return true; } From 009a6bd76204083f4b1971b285d90e916c0fbc29 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 11 Dec 2024 10:55:23 +0100 Subject: [PATCH 704/908] mod/notification-email: $FlushEmailQueue: return on success --- mod/notification-email.rsc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index b109bf4..1d9a0a1 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -111,10 +111,11 @@ :if ($AllDone = true && $QueueLen = [ :len $EmailQueue ]) do={ /system/scheduler/remove $Scheduler; :set EmailQueue; - } else={ - /system/scheduler/set interval=(($SchedVal->"run-count") . "m") \ - comment="Waiting for retry..." $Scheduler; + :return true; } + + /system/scheduler/set interval=(($SchedVal->"run-count") . "m") \ + comment="Waiting for retry..." $Scheduler; } on-error={ :global ExitError; $ExitError false $0; } } From 53106731528adc607ee40336b79c516fac594a17 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 11 Dec 2024 10:59:37 +0100 Subject: [PATCH 705/908] mod/notification-email: $FlushEmailQueue: return on purge --- mod/notification-email.rsc | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 1d9a0a1..60c1e9b 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -114,6 +114,12 @@ :return true; } + :if ([ :len [ /system/scheduler/find where name="_FlushEmailQueue" ] ] = 0 && \ + [ :typeof $EmailQueue ] = "nothing") do={ + $LogPrint info $0 ("Queue was purged? Exiting."); + :return false; + } + /system/scheduler/set interval=(($SchedVal->"run-count") . "m") \ comment="Waiting for retry..." $Scheduler; } on-error={ From 1e2ca3d21441ac7881b7c556c8d73c70bb92edc6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 11 Dec 2024 11:28:12 +0100 Subject: [PATCH 706/908] mod/notification-email: $FlushEmailQueue: create scheduler if missing... ... as it is required to be modified several times below. --- mod/notification-email.rsc | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 60c1e9b..c474750 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -46,9 +46,15 @@ :local AllDone true; :local QueueLen [ :len $EmailQueue ]; :local Scheduler [ /system/scheduler/find where name="_FlushEmailQueue" ]; - :local SchedVal [ /system/scheduler/get $Scheduler ]; - :if ([ :len $Scheduler ] > 0 && ($SchedVal->"interval") < 1m) do={ + :if ([ :len $Scheduler ] < 0) do={ + /system/scheduler/add name="_FlushEmailQueue" interval=1m start-time=startup \ + comment="Doing initial checks..." on-event=(":global FlushEmailQueue; \$FlushEmailQueue;"); + :set Scheduler [ /system/scheduler/find where name="_FlushEmailQueue" ]; + } + + :local SchedVal [ /system/scheduler/get $Scheduler ]; + :if (($SchedVal->"interval") < 1m) do={ /system/scheduler/set interval=1m comment="Doing initial checks..." $Scheduler; } From 8c8c75ca66d59d9368fe3f4fe7f1124a425f41b3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 11 Dec 2024 11:51:17 +0100 Subject: [PATCH 707/908] mod/notification-email: $FlushEmailQueue: move the check up... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... as this needs to be done before creating a scheduler. 😜 Also remove the scheduler and return. --- mod/notification-email.rsc | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index c474750..bbce6d0 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -47,6 +47,12 @@ :local QueueLen [ :len $EmailQueue ]; :local Scheduler [ /system/scheduler/find where name="_FlushEmailQueue" ]; + :if ([ :len $Scheduler ] > 0 && $QueueLen = 0) do={ + $LogPrint warning $0 ("Flushing E-Mail messages from scheduler, but queue is empty."); + /system/scheduler/remove $Scheduler; + :return false; + } + :if ([ :len $Scheduler ] < 0) do={ /system/scheduler/add name="_FlushEmailQueue" interval=1m start-time=startup \ comment="Doing initial checks..." on-event=(":global FlushEmailQueue; \$FlushEmailQueue;"); @@ -74,10 +80,6 @@ :return false; } - :if ([ :len $Scheduler ] > 0 && $QueueLen = 0) do={ - $LogPrint warning $0 ("Flushing E-Mail messages from scheduler, but queue is empty."); - } - /system/scheduler/set interval=($QueueLen . "m") comment="Sending..." $Scheduler; :foreach Id,Message in=$EmailQueue do={ From b66332eb464884d69eef56aa5ecb7ae74d1914cc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 11 Dec 2024 11:58:41 +0100 Subject: [PATCH 708/908] mod/notification-email: $FlushEmailQueue: just return on empty queue --- mod/notification-email.rsc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index bbce6d0..a3291d9 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -53,6 +53,10 @@ :return false; } + :if ($QueueLen = 0) do={ + :return true; + } + :if ([ :len $Scheduler ] < 0) do={ /system/scheduler/add name="_FlushEmailQueue" interval=1m start-time=startup \ comment="Doing initial checks..." on-event=(":global FlushEmailQueue; \$FlushEmailQueue;"); From a7878d664f51ed77a574a5d360c9c53863d0d488 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 11 Dec 2024 12:11:15 +0100 Subject: [PATCH 709/908] fw-addr-lists: do not fail on invalid json data --- fw-addr-lists.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 6682f4a..a195c89 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -92,7 +92,9 @@ :set Line ($Line->0); :local Address; :if ([ :pick $Line 0 1 ] = "{") do={ - :set Address [ :tostr ([ :deserialize from=json $Line ]->"cidr") ]; + :do { + :set Address [ :tostr ([ :deserialize from=json $Line ]->"cidr") ]; + } on-error={ } } else={ :set Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); } From d1b9b1b410933e0510845c245f742a7df172dc61 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 13 Dec 2024 17:40:49 +0100 Subject: [PATCH 710/908] mod/notification-ntfy: support authentication with bearer token Closes: https://github.com/eworm-de/routeros-scripts/issues/86 --- doc/mod/notification-ntfy.md | 2 ++ global-config.rsc | 1 + mod/notification-ntfy.rsc | 6 ++++++ 3 files changed, 9 insertions(+) diff --git a/doc/mod/notification-ntfy.md b/doc/mod/notification-ntfy.md index 5393d44..04dee35 100644 --- a/doc/mod/notification-ntfy.md +++ b/doc/mod/notification-ntfy.md @@ -52,6 +52,8 @@ basic authentication. Configure `NtfyServerUser` and `NtfyServerPass` for this. Even authentication via access token is possible, adding it as password with a blank username. +Also available is `NtfyServerToken` to add a bearer token for authentication. + For a custom service installing an additional certificate may be required. You may want to install that certificate manually, after finding the [certificate name from browser](../../CERTIFICATES.md). diff --git a/global-config.rsc b/global-config.rsc index 5292853..0c8f738 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -58,6 +58,7 @@ :global NtfyServer "ntfy.sh"; :global NtfyServerUser []; :global NtfyServerPass []; +:global NtfyServerToken []; :global NtfyTopic ""; # It is possible to override e-mail, Telegram, Matrix and Ntfy setting diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index 7e0234b..7e4eaf0 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -67,6 +67,8 @@ :global NtfyServerOverride; :global NtfyServerPass; :global NtfyServerPassOverride; + :global NtfyServerToken; + :global NtfyServerTokenOverride; :global NtfyServerUser; :global NtfyServerUserOverride; :global NtfyTopic; @@ -83,6 +85,7 @@ :local Server [ $EitherOr ($NtfyServerOverride->($Notification->"origin")) $NtfyServer ]; :local User [ $EitherOr ($NtfyServerUserOverride->($Notification->"origin")) $NtfyServerUser ]; :local Pass [ $EitherOr ($NtfyServerPassOverride->($Notification->"origin")) $NtfyServerPass ]; + :local Token [ $EitherOr ($NtfyServerTokenOverride->($Notification->"origin")) $NtfyServerToken ]; :local Topic [ $EitherOr ($NtfyTopicOverride->($Notification->"origin")) $NtfyTopic ]; :if ([ :len $Topic ] = 0) do={ @@ -93,6 +96,9 @@ :local Headers ({ [ $FetchUserAgentStr ($Notification->"origin") ]; \ ("Priority: " . [ $IfThenElse ($Notification->"silent") "low" "default" ]); \ ("Title: " . "[" . $IdentityExtra . $Identity . "] " . ($Notification->"subject")) }); + :if ([ :len $Token ] > 0) do={ + :set Headers ($Headers, ("Authorization: Bearer " . $Token)); + } :local Text (($Notification->"message") . "\n"); :if ([ :len ($Notification->"link") ] > 0) do={ :set Text ($Text . "\n" . [ $SymbolForNotification "link" ] . ($Notification->"link")); From 6bee4675509e874d2f2ed8ee960f251b5667a451 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 13 Dec 2024 17:48:49 +0100 Subject: [PATCH 711/908] mod/notification-ntfy: add basic authentication in headers This makes it a bit easier and straight forward as we pass the headers anyway. --- mod/notification-ntfy.rsc | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index 7e4eaf0..f8351fd 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -39,7 +39,7 @@ :do { /tool/fetch check-certificate=yes-without-crl output=none http-method=post \ http-header-field=($Message->"headers") http-data=($Message->"text") \ - ($Message->"url") user=($Message->"user") password=($Message->"pass") as-value; + ($Message->"url") as-value; :set ($NtfyQueue->$Id); } on-error={ $LogPrint debug $0 ("Sending queued Ntfy message failed."); @@ -96,6 +96,9 @@ :local Headers ({ [ $FetchUserAgentStr ($Notification->"origin") ]; \ ("Priority: " . [ $IfThenElse ($Notification->"silent") "low" "default" ]); \ ("Title: " . "[" . $IdentityExtra . $Identity . "] " . ($Notification->"subject")) }); + :if ([ :len $User ] > 0 || [ :len $Pass ] > 0) do={ + :set Headers ($Headers, ("Authorization: Basic " . [ :convert to=base64 ($User . ":" . $Pass) ])); + } :if ([ :len $Token ] > 0) do={ :set Headers ($Headers, ("Authorization: Bearer " . $Token)); } @@ -112,7 +115,7 @@ } } /tool/fetch check-certificate=yes-without-crl output=none http-method=post \ - http-header-field=$Headers http-data=$Text $Url user=$User password=$Pass as-value; + http-header-field=$Headers http-data=$Text $Url as-value; } on-error={ $LogPrint info $0 ("Failed sending ntfy notification! Queuing..."); @@ -123,7 +126,7 @@ "This message was queued since " . [ /system/clock/get date ] . " " . \ [ /system/clock/get time ] . " and may be obsolete."); :set ($NtfyQueue->[ :len $NtfyQueue ]) \ - { url=$Url; user=$User; pass=$Pass; headers=$Headers; text=$Text }; + { url=$Url; headers=$Headers; text=$Text }; :if ([ :len [ /system/scheduler/find where name="_FlushNtfyQueue" ] ] = 0) do={ /system/scheduler/add name="_FlushNtfyQueue" interval=1m start-time=startup \ on-event=(":global FlushNtfyQueue; \$FlushNtfyQueue;"); From ba39c29648282159082dfa999ec40c7fc84b0e3c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 25 Dec 2024 21:47:23 +0100 Subject: [PATCH 712/908] global-functions: $ParseKeyValueStore: split key and value... ... into separate variables. --- global-functions.rsc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index e5e5d50..b212d3a 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -925,8 +925,9 @@ :local Result ({}); :foreach KeyValue in=[ :toarray $Source ] do={ :if ([ :find $KeyValue "=" ]) do={ - :set ($Result->[ :pick $KeyValue 0 [ :find $KeyValue "=" ] ]) \ - [ :pick $KeyValue ([ :find $KeyValue "=" ] + 1) [ :len $KeyValue ] ]; + :local Key [ :pick $KeyValue 0 [ :find $KeyValue "=" ] ]; + :local Value [ :pick $KeyValue ([ :find $KeyValue "=" ] + 1) [ :len $KeyValue ] ]; + :set ($Result->$Key) $Value; } else={ :set ($Result->$KeyValue) true; } From 8212bd6c95935f02335d7d774bd3115a2c071fb1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 25 Dec 2024 21:56:45 +0100 Subject: [PATCH 713/908] global-functions: $ParseKeyValueStore: properly return boolean values --- global-functions.rsc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index b212d3a..766e8a2 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -927,6 +927,8 @@ :if ([ :find $KeyValue "=" ]) do={ :local Key [ :pick $KeyValue 0 [ :find $KeyValue "=" ] ]; :local Value [ :pick $KeyValue ([ :find $KeyValue "=" ] + 1) [ :len $KeyValue ] ]; + :if ($Value="true") do={ :set Value true; } + :if ($Value="false") do={ :set Value false; } :set ($Result->$Key) $Value; } else={ :set ($Result->$KeyValue) true; From ef3ce7cc6c43b28e6a80345d9861775767ba86f4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 25 Dec 2024 22:22:30 +0100 Subject: [PATCH 714/908] global-functions: $ParseKeyValueStore: support JSON as input This used to require a key=value store, separated with commas. An example for `netwatch-notify` is: /tool/netwatch/add comment="notify, name=example.com" host=93.184.215.14; Now JSON is supported as well, so you could use: /tool/netwatch/add comment="{\"notify\":true,\"name\":\"example.com\"}" host=93.184.215.14; Looks more clumsy here, but may be of help in more complex setups... --- global-functions.rsc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 766e8a2..85818b4 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -919,6 +919,13 @@ # parse key value store :set ParseKeyValueStore do={ :local Source $1; + + :if ([ :pick $Source 0 1 ] = "{") do={ + :do { + :return [ :deserialize from=json $Source ]; + } on-error={ } + } + :if ([ :typeof $Source ] != "array") do={ :set Source [ :tostr $1 ]; } From 3ada3055fff08e655864f4e8e07f060b73077394 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 30 Dec 2024 19:51:42 +0100 Subject: [PATCH 715/908] fw-addr-lists: spamhaus.org returned to 'ISRG Root X1' This reverts commit 4d8dce97691ad090091574a790449a7bd564023c. --- certs/Makefile | 2 +- global-config.rsc | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/certs/Makefile b/certs/Makefile index 870cb54..9ce8dd4 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -22,7 +22,7 @@ DOMAINS = \ sslbl.abuse.ch/GlobalSign \ upgrade.mikrotik.com/ISRG-Root-X1 \ www.dshield.org/ISRG-Root-X1 \ - www.spamhaus.org/GTS-Root-R4 + www.spamhaus.org/ISRG-Root-X1 .PHONY: $(DOMAINS) diff --git a/global-config.rsc b/global-config.rsc index 0c8f738..cd41a9c 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -107,9 +107,9 @@ { url="https://lists.blocklist.de/lists/strongips.txt"; cert="Certum Trusted Network CA" }; # { url="https://www.spamhaus.org/drop/drop_v4.json"; -# cert="GTS Root R4" }; +# cert="ISRG Root X1" }; # { url="https://www.spamhaus.org/drop/drop_v6.json"; -# cert="GTS Root R4" }; +# cert="ISRG Root X1" }; }; # "mikrotik"={ # { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/mikrotik"; From 191cc1b952b469c474b0181ebdee0ccfd47ae75b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 30 Dec 2024 20:09:46 +0100 Subject: [PATCH 716/908] global-functions: $FetchHuge: another workaround for complete file MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Turns out the workaround in $WaitForFile (commit 8231c3e833ee83a118f4d8395c097e6a9f312c2f) is not sufficient. It helps sometimes, but not always. Possibly depends on CPU speed and bandwidth of internet connection... Who knows!? 🤪 But! Reading the file goes beyond the known file size. That's suspicious and indicates this exact issue. So add a delay, and keep reading until sizes are equal. --- global-functions.rsc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 85818b4..a59eca1 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -479,9 +479,13 @@ :local FileSize [ /file/get $FileName size ]; :local Return ""; :local VarSize 0; - :while ($VarSize < $FileSize) do={ + :while ($VarSize != $FileSize) do={ :set Return ($Return . ([ /file/read offset=$VarSize chunk-size=32768 file=$FileName as-value ]->"data")); + :set FileSize [ /file/get $FileName size ]; :set VarSize [ :len $Return ]; + :if ($VarSize > $FileSize) do={ + :delay 100ms; + } } /file/remove $DirName; :return $Return; From b98b2457140701261b299af0a2d742bf6aa2b9bc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 30 Dec 2024 20:22:51 +0100 Subject: [PATCH 717/908] global-functions: $WaitForFile: drop the first workaround This reverts commit 8231c3e833ee83a118f4d8395c097e6a9f312c2f. Truned out this workaround was not sufficient, see the follow-up in commit 191cc1b952b469c474b0181ebdee0ccfd47ae75b for details. But possibly the second one does it on its own? Reverting this for a test run. --- global-functions.rsc | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index a59eca1..d5df5e7 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1591,16 +1591,6 @@ :delay $Delay; :set I ($I + 1); } - - :local File [ /file/find where name=$FileName ]; - :local SizeA 0; - :local SizeB 1; - :while ($SizeA < $SizeB) do={ - :set SizeA $SizeB; - :delay $Delay; - :set SizeB [ /file/get $File size ]; - } - :return true; } From 9e3729c27990a7ecbdc73694319b924ee00ba867 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 2 Jan 2025 00:04:06 +0100 Subject: [PATCH 718/908] update copyright for 2025 --- accesslist-duplicates.capsman.rsc | 2 +- accesslist-duplicates.local.rsc | 2 +- accesslist-duplicates.template.rsc | 2 +- accesslist-duplicates.wifi.rsc | 2 +- backup-cloud.rsc | 2 +- backup-email.rsc | 2 +- backup-partition.rsc | 2 +- backup-upload.rsc | 2 +- capsman-download-packages.capsman.rsc | 2 +- capsman-download-packages.template.rsc | 2 +- capsman-download-packages.wifi.rsc | 2 +- capsman-rolling-upgrade.capsman.rsc | 2 +- capsman-rolling-upgrade.template.rsc | 2 +- capsman-rolling-upgrade.wifi.rsc | 2 +- certificate-renew-issued.rsc | 2 +- check-certificates.rsc | 2 +- check-health.rsc | 2 +- check-lte-firmware-upgrade.rsc | 2 +- check-routeros-update.rsc | 2 +- collect-wireless-mac.capsman.rsc | 2 +- collect-wireless-mac.local.rsc | 2 +- collect-wireless-mac.template.rsc | 2 +- collect-wireless-mac.wifi.rsc | 2 +- daily-psk.capsman.rsc | 2 +- daily-psk.local.rsc | 2 +- daily-psk.template.rsc | 2 +- daily-psk.wifi.rsc | 2 +- dhcp-lease-comment.capsman.rsc | 2 +- dhcp-lease-comment.local.rsc | 2 +- dhcp-lease-comment.template.rsc | 2 +- dhcp-lease-comment.wifi.rsc | 2 +- dhcp-to-dns.rsc | 2 +- firmware-upgrade-reboot.rsc | 2 +- fw-addr-lists.rsc | 2 +- global-config-overlay.rsc | 2 +- global-config.rsc | 2 +- global-functions.rsc | 2 +- global-wait.rsc | 2 +- gps-track.rsc | 2 +- hotspot-to-wpa-cleanup.capsman.rsc | 2 +- hotspot-to-wpa-cleanup.template.rsc | 2 +- hotspot-to-wpa-cleanup.wifi.rsc | 2 +- hotspot-to-wpa.capsman.rsc | 2 +- hotspot-to-wpa.template.rsc | 2 +- hotspot-to-wpa.wifi.rsc | 2 +- ip-addr-bridge.rsc | 2 +- ipsec-to-dns.rsc | 2 +- ipv6-update.rsc | 2 +- lease-script.rsc | 2 +- leds-day-mode.rsc | 2 +- leds-night-mode.rsc | 2 +- leds-toggle-mode.rsc | 2 +- log-forward.rsc | 2 +- mod/bridge-port-to.rsc | 2 +- mod/bridge-port-vlan.rsc | 2 +- mod/inspectvar.rsc | 2 +- mod/ipcalc.rsc | 2 +- mod/notification-email.rsc | 2 +- mod/notification-matrix.rsc | 2 +- mod/notification-ntfy.rsc | 2 +- mod/notification-telegram.rsc | 2 +- mod/scriptrunonce.rsc | 2 +- mod/ssh-keys-import.rsc | 2 +- mode-button.rsc | 2 +- netwatch-dns.rsc | 2 +- netwatch-notify.rsc | 2 +- news-and-changes.rsc | 2 +- ospf-to-leds.rsc | 2 +- packages-update.rsc | 2 +- ppp-on-up.rsc | 2 +- sms-action.rsc | 2 +- sms-forward.rsc | 2 +- super-mario-theme.rsc | 2 +- telegram-chat.rsc | 2 +- unattended-lte-firmware-upgrade.rsc | 2 +- update-gre-address.rsc | 2 +- update-tunnelbroker.rsc | 2 +- 77 files changed, 77 insertions(+), 77 deletions(-) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index ce0ce11..b611917 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates.capsman -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index aa78fe8..ef0cf32 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates.local -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index d0c282d..ab5b671 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates%TEMPL% -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc index b1444e3..0205598 100644 --- a/accesslist-duplicates.wifi.rsc +++ b/accesslist-duplicates.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates.wifi -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 4cc7a58..37ca92f 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: backup-cloud -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=40 diff --git a/backup-email.rsc b/backup-email.rsc index e1d44ea..489927b 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: backup-email -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=20 diff --git a/backup-partition.rsc b/backup-partition.rsc index f1e1c17..b2b75ac 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: backup-partition -# Copyright (c) 2022-2024 Christian Hesse +# Copyright (c) 2022-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=70 diff --git a/backup-upload.rsc b/backup-upload.rsc index 12698e9..e050140 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: backup-upload -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: backup-script, order=50 diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index 1802884..4609498 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-download-packages.capsman -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 72edaa9..642a068 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-download-packages%TEMPL% -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 74a5d9d..1ea9b79 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-download-packages.wifi -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index d0f9fb8..7a5ed81 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-rolling-upgrade.capsman -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index 1bd5f2a..fd7e31f 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-rolling-upgrade%TEMPL% -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index c9e6622..3fb99b8 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: capsman-rolling-upgrade.wifi -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index ce61f7d..32c3267 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: certificate-renew-issued -# Copyright (c) 2019-2024 Christian Hesse +# Copyright (c) 2019-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/check-certificates.rsc b/check-certificates.rsc index 52cfc5e..226364b 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: check-certificates -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/check-health.rsc b/check-health.rsc index 495b450..d3586db 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: check-health -# Copyright (c) 2019-2024 Christian Hesse +# Copyright (c) 2019-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index 898d6f1..cd9f979 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: check-lte-firmware-upgrade -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index a2e39b6..c3d2625 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: check-routeros-update -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index 77fd6e3..05e4b89 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac.capsman -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index dc7be19..67c1a98 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac.local -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index 34b1695..84a9667 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac%TEMPL% -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index 23c93b0..fa4953b 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac.wifi -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=40 diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index 263f6e5..f41da29 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: daily-psk.capsman -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index f0757e1..2920cb5 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: daily-psk.local -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 7e36b5a..05c376e 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: daily-psk%TEMPL% -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index 293f0e4..4182ab8 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: daily-psk.wifi -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index 5ac0009..947181b 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment.capsman -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index 1b74d93..27306dd 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment.local -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index 8f1ad47..8552b26 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment%TEMPL% -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index d3741c5..bf67bd0 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment.wifi -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=60 diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index ad55c4d..1eb832a 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: dhcp-to-dns -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=20 diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index 9655903..f9e557c 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: firmware-upgrade-reboot -# Copyright (c) 2022-2024 Christian Hesse +# Copyright (c) 2022-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index a195c89..e98a610 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: fw-addr-lists -# Copyright (c) 2023-2024 Christian Hesse +# Copyright (c) 2023-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.16 diff --git a/global-config-overlay.rsc b/global-config-overlay.rsc index 9ffd90c..227ae5a 100644 --- a/global-config-overlay.rsc +++ b/global-config-overlay.rsc @@ -1,5 +1,5 @@ # Overlay for global configuration by RouterOS Scripts -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # global configuration, custom overlay diff --git a/global-config.rsc b/global-config.rsc index cd41a9c..1f4e9ca 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: global-config -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # global configuration diff --git a/global-functions.rsc b/global-functions.rsc index d5df5e7..a2dd279 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: global-functions -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/global-wait.rsc b/global-wait.rsc index f0631e2..529dbd7 100644 --- a/global-wait.rsc +++ b/global-wait.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: global-wait -# Copyright (c) 2020-2024 Christian Hesse +# Copyright (c) 2020-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/gps-track.rsc b/gps-track.rsc index c0ecac4..1bd976a 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: gps-track -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index 8a38213..1d27faf 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa-cleanup.capsman -# Copyright (c) 2021-2024 Christian Hesse +# Copyright (c) 2021-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index e8d2dfb..f92dbe5 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa-cleanup%TEMPL% -# Copyright (c) 2021-2024 Christian Hesse +# Copyright (c) 2021-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index e2ef1fd..cd21593 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa-cleanup.wifi -# Copyright (c) 2021-2024 Christian Hesse +# Copyright (c) 2021-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # provides: lease-script, order=80 diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index e57d327..d962ba7 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa.capsman -# Copyright (c) 2019-2024 Christian Hesse +# Copyright (c) 2019-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index efe37d0..3438be7 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa%TEMPL% -# Copyright (c) 2019-2024 Christian Hesse +# Copyright (c) 2019-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index 6242d04..a2bb3ca 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa.wifi -# Copyright (c) 2019-2024 Christian Hesse +# Copyright (c) 2019-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/ip-addr-bridge.rsc b/ip-addr-bridge.rsc index 758cd46..00b45a3 100644 --- a/ip-addr-bridge.rsc +++ b/ip-addr-bridge.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: ip-addr-bridge -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # enable or disable ip addresses based on bridge port state diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index 47676ca..39b21d5 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: ipsec-to-dns -# Copyright (c) 2021-2024 Christian Hesse +# Copyright (c) 2021-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/ipv6-update.rsc b/ipv6-update.rsc index ea1d444..a2fb831 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: ipv6-update -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/lease-script.rsc b/lease-script.rsc index 995c7e4..3d0fc72 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: lease-script -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/leds-day-mode.rsc b/leds-day-mode.rsc index b7c6b5b..e0f08d6 100644 --- a/leds-day-mode.rsc +++ b/leds-day-mode.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: leds-day-mode -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # enable LEDs diff --git a/leds-night-mode.rsc b/leds-night-mode.rsc index fb7c7a2..1f50dfd 100644 --- a/leds-night-mode.rsc +++ b/leds-night-mode.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: leds-night-mode -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # disable LEDs diff --git a/leds-toggle-mode.rsc b/leds-toggle-mode.rsc index 07e12ae..55d5b82 100644 --- a/leds-toggle-mode.rsc +++ b/leds-toggle-mode.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: leds-toggle-mode -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # toggle LEDs mode diff --git a/log-forward.rsc b/log-forward.rsc index 8e660fc..8c2ebc0 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: log-forward -# Copyright (c) 2020-2024 Christian Hesse +# Copyright (c) 2020-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/mod/bridge-port-to.rsc b/mod/bridge-port-to.rsc index 9e7b911..ec6f612 100644 --- a/mod/bridge-port-to.rsc +++ b/mod/bridge-port-to.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/bridge-port-to -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/mod/bridge-port-vlan.rsc b/mod/bridge-port-vlan.rsc index 18fa2db..6221646 100644 --- a/mod/bridge-port-vlan.rsc +++ b/mod/bridge-port-vlan.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/bridge-port-vlan -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/mod/inspectvar.rsc b/mod/inspectvar.rsc index 0209214..01724bb 100644 --- a/mod/inspectvar.rsc +++ b/mod/inspectvar.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/inspectvar -# Copyright (c) 2020-2024 Christian Hesse +# Copyright (c) 2020-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/mod/ipcalc.rsc b/mod/ipcalc.rsc index 021cd30..69dec8b 100644 --- a/mod/ipcalc.rsc +++ b/mod/ipcalc.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/ipcalc -# Copyright (c) 2020-2024 Christian Hesse +# Copyright (c) 2020-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index a3291d9..6d700f5 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/notification-email -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 14f369d..aad8b42 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/notification-matrix -# Copyright (c) 2013-2024 Michael Gisbers +# Copyright (c) 2013-2025 Michael Gisbers # Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index f8351fd..53ba9b4 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/notification-ntfy -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 7d75b8b..f9700cf 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/notification-telegram -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index c8dcf26..7e01e72 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/scriptrunonece -# Copyright (c) 2020-2024 Christian Hesse +# Copyright (c) 2020-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index 583e827..ad3a81e 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mod/ssh-keys-import -# Copyright (c) 2020-2024 Christian Hesse +# Copyright (c) 2020-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.16 diff --git a/mode-button.rsc b/mode-button.rsc index 90fe80e..f8bd7b8 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: mode-button -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index a704c84..81f9d95 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: netwatch-dns -# Copyright (c) 2022-2024 Christian Hesse +# Copyright (c) 2022-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.16 diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index f1e87bd..e79977e 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: netwatch-notify -# Copyright (c) 2020-2024 Christian Hesse +# Copyright (c) 2020-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.15 diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 9ab811d..545a0c9 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -1,5 +1,5 @@ # News, changes and migration by RouterOS Scripts -# Copyright (c) 2019-2024 Christian Hesse +# Copyright (c) 2019-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md :global IDonate; diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index d96e763..3400e7f 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: ospf-to-leds -# Copyright (c) 2020-2024 Christian Hesse +# Copyright (c) 2020-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/packages-update.rsc b/packages-update.rsc index 924a5d9..a79946d 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: packages-update -# Copyright (c) 2019-2024 Christian Hesse +# Copyright (c) 2019-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index 13b42c7..a776ce2 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: ppp-on-up -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/sms-action.rsc b/sms-action.rsc index fd3096c..f22a0bb 100644 --- a/sms-action.rsc +++ b/sms-action.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: sms-action -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/sms-forward.rsc b/sms-forward.rsc index 8334d5f..efebb75 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: sms-forward -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # Anatoly Bubenkov # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # diff --git a/super-mario-theme.rsc b/super-mario-theme.rsc index 63308b0..fc868c8 100644 --- a/super-mario-theme.rsc +++ b/super-mario-theme.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: super-mario-theme -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # play Super Mario theme diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 8589aab..eebb617 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: telegram-chat -# Copyright (c) 2023-2024 Christian Hesse +# Copyright (c) 2023-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.15 diff --git a/unattended-lte-firmware-upgrade.rsc b/unattended-lte-firmware-upgrade.rsc index 7ce4028..f1bc552 100644 --- a/unattended-lte-firmware-upgrade.rsc +++ b/unattended-lte-firmware-upgrade.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: unattended-lte-firmware-upgrade -# Copyright (c) 2018-2024 Christian Hesse +# Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # schedule unattended lte firmware upgrade diff --git a/update-gre-address.rsc b/update-gre-address.rsc index 87762d6..4ac311a 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: update-gre-address -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # # requires RouterOS, version=7.14 diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index dd43c64..589544c 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -1,6 +1,6 @@ #!rsc by RouterOS # RouterOS script: update-tunnelbroker -# Copyright (c) 2013-2024 Christian Hesse +# Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # From db508ddcd1a4bb78af95e5d96a4f626173d29557 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 6 Jan 2025 09:30:05 +0100 Subject: [PATCH 719/908] backup-cloud: refuse when running from backup partition --- backup-cloud.rsc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 37ca92f..f32a04d 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -38,6 +38,14 @@ :set ExitOK true; :error false; } + + :if ([ :len [ /system/scheduler/find where name="running-from-backup-partition" ] ] > 0) do={ + $LogPrint warning $ScriptName ("Running from backup partition, refusing to act."); + :set PackagesUpdateBackupFailure true; + :set ExitOK true; + :error false; + } + $WaitFullyConnected; :if ([ $ScriptFromTerminal $ScriptName ] = false && $BackupRandomDelay > 0) do={ From 303c39390068ebf0ab5cba3bbb967d6079fbdeb2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 6 Jan 2025 09:30:20 +0100 Subject: [PATCH 720/908] backup-email: refuse when running from backup partition --- backup-email.rsc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/backup-email.rsc b/backup-email.rsc index 489927b..731fb95 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -56,6 +56,14 @@ :set ExitOK true; :error false; } + + :if ([ :len [ /system/scheduler/find where name="running-from-backup-partition" ] ] > 0) do={ + $LogPrint warning $ScriptName ("Running from backup partition, refusing to act."); + :set PackagesUpdateBackupFailure true; + :set ExitOK true; + :error false; + } + $WaitFullyConnected; :if ([ $ScriptFromTerminal $ScriptName ] = false && $BackupRandomDelay > 0) do={ From 6c990079a6c6f92c748f98a5128e7438e05caefb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 6 Jan 2025 09:26:44 +0100 Subject: [PATCH 721/908] backup-partition: refuse when running from backup partition --- backup-partition.rsc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/backup-partition.rsc b/backup-partition.rsc index b2b75ac..2298225 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -47,6 +47,13 @@ :error false; } + :if ([ :len [ /system/scheduler/find where name="running-from-backup-partition" ] ] > 0) do={ + $LogPrint warning $ScriptName ("Running from backup partition, refusing to act."); + :set PackagesUpdateBackupFailure true; + :set ExitOK true; + :error false; + } + :if ([ :len [ /partitions/find ] ] < 2) do={ $LogPrint error $ScriptName ("Device does not have a fallback partition."); :set PackagesUpdateBackupFailure true; From d9693f4d5f783935cd2e47479889cc035b294934 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 6 Jan 2025 09:30:38 +0100 Subject: [PATCH 722/908] backup-upload: refuse when running from backup partition --- backup-upload.rsc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/backup-upload.rsc b/backup-upload.rsc index e050140..e035415 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -53,6 +53,14 @@ :set ExitOK true; :error false; } + + :if ([ :len [ /system/scheduler/find where name="running-from-backup-partition" ] ] > 0) do={ + $LogPrint warning $ScriptName ("Running from backup partition, refusing to act."); + :set PackagesUpdateBackupFailure true; + :set ExitOK true; + :error false; + } + $WaitFullyConnected; :if ([ $ScriptFromTerminal $ScriptName ] = false && $BackupRandomDelay > 0) do={ From 665516b33de8d4d58d18274e05a0180cf6978af0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 6 Jan 2025 09:30:59 +0100 Subject: [PATCH 723/908] check-routeros-update: refuse when running from backup partition --- check-routeros-update.rsc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index c3d2625..19abebf 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -51,6 +51,13 @@ :set ExitOK true; :error false; } + + :if ([ :len [ /system/scheduler/find where name="running-from-backup-partition" ] ] > 0) do={ + $LogPrint warning $ScriptName ("Running from backup partition, refusing to act."); + :set ExitOK true; + :error false; + } + $WaitFullyConnected; :if ([ :len [ /system/scheduler/find where name="_RebootForUpdate" ] ] > 0) do={ From ce2d090e998d51b92376f3470b829f598f3ce5bd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 6 Jan 2025 09:31:13 +0100 Subject: [PATCH 724/908] packages-update: refuse when running from backup partition --- packages-update.rsc | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/packages-update.rsc b/packages-update.rsc index a79946d..7644219 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -50,6 +50,12 @@ :error false; } + :if ([ :len [ /system/scheduler/find where name="running-from-backup-partition" ] ] > 0) do={ + $LogPrint warning $ScriptName ("Running from backup partition, refusing to act."); + :set ExitOK true; + :error false; + } + :local Update [ /system/package/update/get ]; :if ([ :typeof ($Update->"latest-version") ] = "nothing") do={ From 98791f48fdb684f946fb94e8735b1073942cd731 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 9 Jan 2025 13:20:45 +0100 Subject: [PATCH 725/908] ppp-on-up: release only bound ipv6 dhcp clients --- ppp-on-up.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index a776ce2..ba9d0aa 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -28,7 +28,7 @@ :local IntName [ /interface/get $Interface name ]; $LogPrint info $ScriptName ("PPP interface " . $IntName . " is up."); - /ipv6/dhcp-client/release [ find where interface=$IntName !disabled ]; + /ipv6/dhcp-client/release [ find where interface=$IntName !disabled bound ]; :foreach Script in=[ /system/script/find where source~("\n# provides: ppp-on-up\r?\n") ] do={ :local ScriptName [ /system/script/get $Script name ]; From e8b1e19b284af74032e1edcbb08665752dbe508a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 22 Nov 2024 14:06:22 +0100 Subject: [PATCH 726/908] fw-addr-lists: spamhaus.org returned to 'GTS Root R4' --- certs/Makefile | 2 +- global-config.rsc | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/certs/Makefile b/certs/Makefile index 9ce8dd4..870cb54 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -22,7 +22,7 @@ DOMAINS = \ sslbl.abuse.ch/GlobalSign \ upgrade.mikrotik.com/ISRG-Root-X1 \ www.dshield.org/ISRG-Root-X1 \ - www.spamhaus.org/ISRG-Root-X1 + www.spamhaus.org/GTS-Root-R4 .PHONY: $(DOMAINS) diff --git a/global-config.rsc b/global-config.rsc index 1f4e9ca..c63283d 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -107,9 +107,9 @@ { url="https://lists.blocklist.de/lists/strongips.txt"; cert="Certum Trusted Network CA" }; # { url="https://www.spamhaus.org/drop/drop_v4.json"; -# cert="ISRG Root X1" }; +# cert="GTS Root R4" }; # { url="https://www.spamhaus.org/drop/drop_v6.json"; -# cert="ISRG Root X1" }; +# cert="GTS Root R4" }; }; # "mikrotik"={ # { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/mikrotik"; From ccf17a438cd10f77f0f0c0cd83f6f6729b6479c7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 23 Jan 2025 23:07:38 +0100 Subject: [PATCH 727/908] global-config: download scripts from rsc.eworm.de MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Currently AI bots are crawling website all around the world. For a website hosting git content this adds a lot of extra load and traffic: The site has lots of sections, repositories have a lot of files, branches, tags, commit ids, etc... Multiply that and you have a nearly unlimited number of unique urls. The bots try to get each and every of these. To speed up the learing process on their side a swarm of hundreds, thousands or more ip addresses is active at the same time, ultimately DDOS'ing the websites, making it inaccessible. 😳🤬 Well, there is one single file all of these AI bots are not interested in: robots.txt 🤬🤬 On top some use random user agent strings, making filtering impossible. 🤬🤬🤬 For a short term sulution I deploy the repository content as static files, hopefully making these accessible at least. We will see. --- global-config.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/global-config.rsc b/global-config.rsc index c63283d..3e17320 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -217,14 +217,16 @@ :global GpsTrackUrl "https://example.com/index.php"; # This is the base url to fetch scripts from. -:global ScriptUpdatesBaseUrl "https://git.eworm.de/cgit/routeros-scripts/plain/"; +:global ScriptUpdatesBaseUrl "https://rsc.eworm.de/main/"; # alternative urls - main: stable code - next: currently in development +#:global ScriptUpdatesBaseUrl "https://rsc.eworm.de/next/"; +#:global ScriptUpdatesBaseUrl "https://git.eworm.de/cgit/routeros-scripts/plain/"; #:global ScriptUpdatesBaseUrl "https://raw.githubusercontent.com/eworm-de/routeros-scripts/main/"; #:global ScriptUpdatesBaseUrl "https://raw.githubusercontent.com/eworm-de/routeros-scripts/next/"; #:global ScriptUpdatesBaseUrl "https://gitlab.com/eworm-de/routeros-scripts/raw/main/"; #:global ScriptUpdatesBaseUrl "https://gitlab.com/eworm-de/routeros-scripts/raw/next/"; :global ScriptUpdatesUrlSuffix ""; -# use next branch with default url (git.eworm.de) +# use next branch with my git url (git.eworm.de) #:global ScriptUpdatesUrlSuffix "?h=next"; # Use this for defaults with $ScriptRunOnce From d4acc5aa59e30c5e430b553fb2142c7e7e004822 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 11:03:50 +0100 Subject: [PATCH 728/908] BRANCHES: adopt new default url --- BRANCHES.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/BRANCHES.md b/BRANCHES.md index 2bacf8e..5d94077 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -22,13 +22,13 @@ for testing. To install a single script from `next` branch: - $ScriptInstallUpdate script-name "url-suffix=?h=next"; + $ScriptInstallUpdate script-name "base-url=https://rsc.eworm.de/next/"; ## Switch existing script Alternatively switch an existing script to update from `next` branch: - /system/script/set comment="url-suffix=?h=next" script-name; + /system/script/set comment="base-url=https://rsc.eworm.de/next/" script-name; $ScriptInstallUpdate; ## Switch installation @@ -36,7 +36,7 @@ Alternatively switch an existing script to update from `next` branch: Last but not least - to switch the complete installation to the `next` branch edit `global-config-overlay` and add: - :global ScriptUpdatesUrlSuffix "?h=next"; + :global ScriptUpdatesBaseUrl "https://rsc.eworm.de/next/"; ... then reload the configuration and update: From a446f31262118d59d6ec938a022b2f7d99fb5a70 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 23 Jan 2025 23:56:18 +0100 Subject: [PATCH 729/908] fw-addr-lists: use my static mirror --- global-config.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/global-config.rsc b/global-config.rsc index 3e17320..c8b2c2e 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -92,11 +92,11 @@ # This defines the settings for firewall address-lists (fw-addr-lists). :global FwAddrLists { # "allow"={ -# { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/allow"; +# { url="https://rsc.eworm.de/main/fw-addr-lists.d/allow"; # cert="ISRG Root X2"; timeout=1w }; # }; "block"={ -# { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/block"; +# { url="https://rsc.eworm.de/main/fw-addr-lists.d/block"; # cert="ISRG Root X2" }; { url="https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt"; cert="GlobalSign" }; @@ -112,7 +112,7 @@ # cert="GTS Root R4" }; }; # "mikrotik"={ -# { url="https://git.eworm.de/cgit/routeros-scripts/plain/fw-addr-lists.d/mikrotik"; +# { url="https://rsc.eworm.de/main/fw-addr-lists.d/mikrotik"; # cert="ISRG Root X2"; timeout=1w }; # }; }; From 500054535c44f7682bf82712dc37e299299b09dd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:30:01 +0100 Subject: [PATCH 730/908] unattended-lte-firmware-upgrade: require RouterOS --- unattended-lte-firmware-upgrade.rsc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/unattended-lte-firmware-upgrade.rsc b/unattended-lte-firmware-upgrade.rsc index f1bc552..ea18edf 100644 --- a/unattended-lte-firmware-upgrade.rsc +++ b/unattended-lte-firmware-upgrade.rsc @@ -3,6 +3,8 @@ # Copyright (c) 2018-2025 Christian Hesse # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md # +# requires RouterOS, version=7.14 +# # schedule unattended lte firmware upgrade # https://git.eworm.de/cgit/routeros-scripts/about/doc/unattended-lte-firmware-upgrade.md From 1dda59034e366c6cb6e2b78fa820ece1407f93e5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 731/908] accesslist-duplicates: use short url rsc.eworm.de --- accesslist-duplicates.capsman.rsc | 4 ++-- accesslist-duplicates.local.rsc | 4 ++-- accesslist-duplicates.template.rsc | 4 ++-- accesslist-duplicates.wifi.rsc | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index b611917..0c4eaaf 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates.capsman # Copyright (c) 2018-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # print duplicate antries in wireless access list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md +# https://rsc.eworm.de/doc/accesslist-duplicates.md # # !! Do not edit this file, it is generated from template! diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index ef0cf32..353fe1f 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates.local # Copyright (c) 2018-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # print duplicate antries in wireless access list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md +# https://rsc.eworm.de/doc/accesslist-duplicates.md # # !! Do not edit this file, it is generated from template! diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index ab5b671..4219014 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates%TEMPL% # Copyright (c) 2018-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # print duplicate antries in wireless access list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md +# https://rsc.eworm.de/doc/accesslist-duplicates.md # # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc index 0205598..3ee53d8 100644 --- a/accesslist-duplicates.wifi.rsc +++ b/accesslist-duplicates.wifi.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: accesslist-duplicates.wifi # Copyright (c) 2018-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # print duplicate antries in wireless access list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/accesslist-duplicates.md +# https://rsc.eworm.de/doc/accesslist-duplicates.md # # !! Do not edit this file, it is generated from template! From 5281b4ba02a721af189ad70244c95cb175c6af06 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 732/908] backup-cloud: use short url rsc.eworm.de --- backup-cloud.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index f32a04d..efae055 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: backup-cloud # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: backup-script, order=40 # requires RouterOS, version=7.14 # # upload backup to MikroTik cloud -# https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-cloud.md +# https://rsc.eworm.de/doc/backup-cloud.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 08ff07d037d88e7aba7356ba0f744a4e92d597ea Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 733/908] backup-email: use short url rsc.eworm.de --- backup-email.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backup-email.rsc b/backup-email.rsc index 731fb95..f6ebad0 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: backup-email # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: backup-script, order=20 # requires RouterOS, version=7.14 # # create and email backup and config file -# https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-email.md +# https://rsc.eworm.de/doc/backup-email.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From c70b6a8eb304641df205c1d18f12670d183a9385 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 734/908] backup-partition: use short url rsc.eworm.de --- backup-partition.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backup-partition.rsc b/backup-partition.rsc index 2298225..b8bf7b1 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: backup-partition # Copyright (c) 2022-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: backup-script, order=70 # requires RouterOS, version=7.14 # # save configuration to fallback partition -# https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-partition.md +# https://rsc.eworm.de/doc/backup-partition.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 38b5fbab9cdc9fd755c04a2f7debd2d62ae05aab Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 735/908] backup-upload: use short url rsc.eworm.de --- backup-upload.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index e035415..011c502 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: backup-upload # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: backup-script, order=50 # requires RouterOS, version=7.14 # # create and upload backup and config file -# https://git.eworm.de/cgit/routeros-scripts/about/doc/backup-upload.md +# https://rsc.eworm.de/doc/backup-upload.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From b938847030e90c8c3b8decb55e6625aa2e537798 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 736/908] capsman-download-packages: use short url rsc.eworm.de --- capsman-download-packages.capsman.rsc | 4 ++-- capsman-download-packages.template.rsc | 4 ++-- capsman-download-packages.wifi.rsc | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index 4609498..fa76ff5 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -2,12 +2,12 @@ # RouterOS script: capsman-download-packages.capsman # Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # download and cleanup packages for CAP installation from CAPsMAN -# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md +# https://rsc.eworm.de/doc/capsman-download-packages.md # # !! Do not edit this file, it is generated from template! diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 642a068..912e279 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -2,12 +2,12 @@ # RouterOS script: capsman-download-packages%TEMPL% # Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # download and cleanup packages for CAP installation from CAPsMAN -# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md +# https://rsc.eworm.de/doc/capsman-download-packages.md # # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 1ea9b79..3a5e7d1 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -2,12 +2,12 @@ # RouterOS script: capsman-download-packages.wifi # Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # download and cleanup packages for CAP installation from CAPsMAN -# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-download-packages.md +# https://rsc.eworm.de/doc/capsman-download-packages.md # # !! Do not edit this file, it is generated from template! From 26dbf5805a83a2670e678ec93d02796f7c3233cd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 737/908] capsman-rolling-upgrade: use short url rsc.eworm.de --- capsman-rolling-upgrade.capsman.rsc | 4 ++-- capsman-rolling-upgrade.template.rsc | 4 ++-- capsman-rolling-upgrade.wifi.rsc | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index 7a5ed81..abe066e 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -2,13 +2,13 @@ # RouterOS script: capsman-rolling-upgrade.capsman # Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: capsman-rolling-upgrade.capsman # requires RouterOS, version=7.14 # # upgrade CAPs one after another -# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md +# https://rsc.eworm.de/doc/capsman-rolling-upgrade.md # # !! Do not edit this file, it is generated from template! diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index fd7e31f..c1c7ff1 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -2,13 +2,13 @@ # RouterOS script: capsman-rolling-upgrade%TEMPL% # Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: capsman-rolling-upgrade%TEMPL% # requires RouterOS, version=7.14 # # upgrade CAPs one after another -# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md +# https://rsc.eworm.de/doc/capsman-rolling-upgrade.md # # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index 3fb99b8..44c99db 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -2,13 +2,13 @@ # RouterOS script: capsman-rolling-upgrade.wifi # Copyright (c) 2018-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: capsman-rolling-upgrade.wifi # requires RouterOS, version=7.14 # # upgrade CAPs one after another -# https://git.eworm.de/cgit/routeros-scripts/about/doc/capsman-rolling-upgrade.md +# https://rsc.eworm.de/doc/capsman-rolling-upgrade.md # # !! Do not edit this file, it is generated from template! From 1b7458ac955dc32ea12f19a779c985f27e0c6a28 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 738/908] certificate-renew-issued: use short url rsc.eworm.de --- certificate-renew-issued.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index 32c3267..5a4043d 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: certificate-renew-issued # Copyright (c) 2019-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # renew locally issued certificates -# https://git.eworm.de/cgit/routeros-scripts/about/doc/certificate-renew-issued.md +# https://rsc.eworm.de/doc/certificate-renew-issued.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 1239ac31044270036a8204cd7856776d8faee06e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 739/908] check-certificates: use short url rsc.eworm.de --- check-certificates.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 226364b..02e3e52 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: check-certificates # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # check for certificate validity -# https://git.eworm.de/cgit/routeros-scripts/about/doc/check-certificates.md +# https://rsc.eworm.de/doc/check-certificates.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 231be730aea0bad7a914c387a719d7c46ecbb468 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 740/908] check-health: use short url rsc.eworm.de --- check-health.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/check-health.rsc b/check-health.rsc index d3586db..31bd6c2 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: check-health # Copyright (c) 2019-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # check for RouterOS health state -# https://git.eworm.de/cgit/routeros-scripts/about/doc/check-health.md +# https://rsc.eworm.de/doc/check-health.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 7484663b92062ae6c120227de22d387df93123ad Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 741/908] check-lte-firmware-upgrade: use short url rsc.eworm.de --- check-lte-firmware-upgrade.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index cd9f979..562b8fe 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: check-lte-firmware-upgrade # Copyright (c) 2018-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # check for LTE firmware upgrade, send notification -# https://git.eworm.de/cgit/routeros-scripts/about/doc/check-lte-firmware-upgrade.md +# https://rsc.eworm.de/doc/check-lte-firmware-upgrade.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 36c87c91ea9b4bc5ef1153733d38e52ad0e3e291 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 742/908] check-routeros-update: use short url rsc.eworm.de --- check-routeros-update.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 19abebf..9486d6c 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: check-routeros-update # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # check for RouterOS update, send notification and/or install -# https://git.eworm.de/cgit/routeros-scripts/about/doc/check-routeros-update.md +# https://rsc.eworm.de/doc/check-routeros-update.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From f8058eaf71c54fb722fb65c5e87c9f448927a36e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 743/908] collect-wireless-mac: use short url rsc.eworm.de --- collect-wireless-mac.capsman.rsc | 4 ++-- collect-wireless-mac.local.rsc | 4 ++-- collect-wireless-mac.template.rsc | 4 ++-- collect-wireless-mac.wifi.rsc | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index 05e4b89..f718e0b 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac.capsman # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=40 # requires RouterOS, version=7.14 # # collect wireless mac adresses in access list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md +# https://rsc.eworm.de/doc/collect-wireless-mac.md # # !! Do not edit this file, it is generated from template! diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index 67c1a98..0017875 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac.local # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=40 # requires RouterOS, version=7.14 # # collect wireless mac adresses in access list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md +# https://rsc.eworm.de/doc/collect-wireless-mac.md # # !! Do not edit this file, it is generated from template! diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index 84a9667..527e985 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac%TEMPL% # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=40 # requires RouterOS, version=7.14 # # collect wireless mac adresses in access list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md +# https://rsc.eworm.de/doc/collect-wireless-mac.md # # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index fa4953b..5f9de7d 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: collect-wireless-mac.wifi # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=40 # requires RouterOS, version=7.14 # # collect wireless mac adresses in access list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md +# https://rsc.eworm.de/doc/collect-wireless-mac.md # # !! Do not edit this file, it is generated from template! From 96fa76f07dfe86d31f32c90e969cb824d727280a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 744/908] daily-psk.template: use short url rsc.eworm.de --- daily-psk.capsman.rsc | 4 ++-- daily-psk.local.rsc | 4 ++-- daily-psk.template.rsc | 4 ++-- daily-psk.wifi.rsc | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/daily-psk.capsman.rsc b/daily-psk.capsman.rsc index f41da29..5672931 100644 --- a/daily-psk.capsman.rsc +++ b/daily-psk.capsman.rsc @@ -2,12 +2,12 @@ # RouterOS script: daily-psk.capsman # Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.15 # # update daily PSK (pre shared key) -# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md +# https://rsc.eworm.de/doc/daily-psk.md # # !! Do not edit this file, it is generated from template! diff --git a/daily-psk.local.rsc b/daily-psk.local.rsc index 2920cb5..9dea469 100644 --- a/daily-psk.local.rsc +++ b/daily-psk.local.rsc @@ -2,12 +2,12 @@ # RouterOS script: daily-psk.local # Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.15 # # update daily PSK (pre shared key) -# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md +# https://rsc.eworm.de/doc/daily-psk.md # # !! Do not edit this file, it is generated from template! diff --git a/daily-psk.template.rsc b/daily-psk.template.rsc index 05c376e..8202eeb 100644 --- a/daily-psk.template.rsc +++ b/daily-psk.template.rsc @@ -2,12 +2,12 @@ # RouterOS script: daily-psk%TEMPL% # Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.15 # # update daily PSK (pre shared key) -# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md +# https://rsc.eworm.de/doc/daily-psk.md # # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. diff --git a/daily-psk.wifi.rsc b/daily-psk.wifi.rsc index 4182ab8..3de3c5b 100644 --- a/daily-psk.wifi.rsc +++ b/daily-psk.wifi.rsc @@ -2,12 +2,12 @@ # RouterOS script: daily-psk.wifi # Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.15 # # update daily PSK (pre shared key) -# https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md +# https://rsc.eworm.de/doc/daily-psk.md # # !! Do not edit this file, it is generated from template! From 61dee2177634b6e464aab4b644eb686f914cb365 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 745/908] dhcp-lease-comment: use short url rsc.eworm.de --- dhcp-lease-comment.capsman.rsc | 4 ++-- dhcp-lease-comment.local.rsc | 4 ++-- dhcp-lease-comment.template.rsc | 4 ++-- dhcp-lease-comment.wifi.rsc | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index 947181b..3803963 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment.capsman # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=60 # requires RouterOS, version=7.14 # # update dhcp-server lease comment with infos from access-list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md +# https://rsc.eworm.de/doc/dhcp-lease-comment.md # # !! Do not edit this file, it is generated from template! diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index 27306dd..d5f1461 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment.local # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=60 # requires RouterOS, version=7.14 # # update dhcp-server lease comment with infos from access-list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md +# https://rsc.eworm.de/doc/dhcp-lease-comment.md # # !! Do not edit this file, it is generated from template! diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index 8552b26..2bddc26 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment%TEMPL% # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=60 # requires RouterOS, version=7.14 # # update dhcp-server lease comment with infos from access-list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md +# https://rsc.eworm.de/doc/dhcp-lease-comment.md # # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index bf67bd0..515b438 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: dhcp-lease-comment.wifi # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=60 # requires RouterOS, version=7.14 # # update dhcp-server lease comment with infos from access-list -# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-lease-comment.md +# https://rsc.eworm.de/doc/dhcp-lease-comment.md # # !! Do not edit this file, it is generated from template! From 632d294a988188eb9ea182316d28411b8c281ed2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 746/908] dhcp-to-dns: use short url rsc.eworm.de --- dhcp-to-dns.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dhcp-to-dns.rsc b/dhcp-to-dns.rsc index 1eb832a..9b94098 100644 --- a/dhcp-to-dns.rsc +++ b/dhcp-to-dns.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: dhcp-to-dns # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=20 # requires RouterOS, version=7.16 # # check DHCP leases and add/remove/update DNS entries -# https://git.eworm.de/cgit/routeros-scripts/about/doc/dhcp-to-dns.md +# https://rsc.eworm.de/doc/dhcp-to-dns.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 7b760d9fa408b12ef00328266c77707f835f0600 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 747/908] firmware-upgrade-reboot: use short url rsc.eworm.de --- firmware-upgrade-reboot.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index f9e557c..e3d62de 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: firmware-upgrade-reboot # Copyright (c) 2022-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # install firmware upgrade, and reboot -# https://git.eworm.de/cgit/routeros-scripts/about/doc/firmware-upgrade-reboot.md +# https://rsc.eworm.de/doc/firmware-upgrade-reboot.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 39c5aeda13e107f1dd91fc632cab536befeca6eb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 748/908] fw-addr-lists: use short url rsc.eworm.de --- fw-addr-lists.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index e98a610..d41dc04 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: fw-addr-lists # Copyright (c) 2023-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.16 # # download, import and update firewall address-lists -# https://git.eworm.de/cgit/routeros-scripts/about/doc/fw-addr-lists.md +# https://rsc.eworm.de/doc/fw-addr-lists.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From ac62b8f24fc72aefbb9994abac3baa07bd3cfa93 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 749/908] global-config-overlay: use short url rsc.eworm.de --- global-config-overlay.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/global-config-overlay.rsc b/global-config-overlay.rsc index 227ae5a..9afaceb 100644 --- a/global-config-overlay.rsc +++ b/global-config-overlay.rsc @@ -1,12 +1,12 @@ # Overlay for global configuration by RouterOS Scripts # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # global configuration, custom overlay -# https://git.eworm.de/cgit/routeros-scripts/about/#editing-configuration +# https://rsc.eworm.de/#editing-configuration # Copy relevant configuration from global-config, paste and modify it here. -# https://git.eworm.de/cgit/routeros-scripts/about/global-config.rsc +# https://rsc.eworm.de/global-config.rsc # End of global-config-overlay From b7923485bdac90458321989eda261517afc4986e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 750/908] global-config: use short url rsc.eworm.de --- global-config.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/global-config.rsc b/global-config.rsc index c8b2c2e..df26ef9 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -1,10 +1,10 @@ #!rsc by RouterOS # RouterOS script: global-config # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # global configuration -# https://git.eworm.de/cgit/routeros-scripts/about/ +# https://rsc.eworm.de/ # Set this to 'true' to disable news and change notifications. :global NoNewsAndChangesNotification false; @@ -238,7 +238,7 @@ # This project is developed in private spare time and usage is free of charge # for you. If you like the scripts and think this is of value for you or your # business please consider a donation: -# https://git.eworm.de/cgit/routeros-scripts/about/#donate +# https://rsc.eworm.de/#donate # Enable this to silence donation hint. :global IDonate false; From 7be415d0ed8238564608c47b251f21f25e6f1d43 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 751/908] global-functions: use short url rsc.eworm.de --- global-functions.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index a2dd279..d5ac31c 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -2,12 +2,12 @@ # RouterOS script: global-functions # Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # global functions -# https://git.eworm.de/cgit/routeros-scripts/about/ +# https://rsc.eworm.de/ :local ScriptName [ :jobname ]; From 0431b02324877ae8585eb31effd789747f2aaf96 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 752/908] global-wait: use short url rsc.eworm.de --- global-wait.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global-wait.rsc b/global-wait.rsc index 529dbd7..bc98462 100644 --- a/global-wait.rsc +++ b/global-wait.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: global-wait # Copyright (c) 2020-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # wait for global-functions to finish -# https://git.eworm.de/cgit/routeros-scripts/about/doc/global-wait.md +# https://rsc.eworm.de/doc/global-wait.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 72db13c0ab7bc2ba71400bb74976391d7a78e925 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 753/908] gps-track: use short url rsc.eworm.de --- gps-track.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gps-track.rsc b/gps-track.rsc index 1bd976a..08873de 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: gps-track # Copyright (c) 2018-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # track gps data by sending json data to http server -# https://git.eworm.de/cgit/routeros-scripts/about/doc/gps-track.md +# https://rsc.eworm.de/doc/gps-track.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 996602bfe9f0363edae13c51604c23f46546ac49 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 754/908] hotspot-to-wpa-cleanup: use short url rsc.eworm.de --- hotspot-to-wpa-cleanup.capsman.rsc | 4 ++-- hotspot-to-wpa-cleanup.template.rsc | 4 ++-- hotspot-to-wpa-cleanup.wifi.rsc | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index 1d27faf..fde36f9 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa-cleanup.capsman # Copyright (c) 2021-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=80 # requires RouterOS, version=7.14 # # manage and clean up private WPA passphrase after hotspot login -# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md +# https://rsc.eworm.de/doc/hotspot-to-wpa.md # # !! Do not edit this file, it is generated from template! diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index f92dbe5..3ddcbe0 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa-cleanup%TEMPL% # Copyright (c) 2021-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=80 # requires RouterOS, version=7.14 # # manage and clean up private WPA passphrase after hotspot login -# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md +# https://rsc.eworm.de/doc/hotspot-to-wpa.md # # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index cd21593..034530b 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa-cleanup.wifi # Copyright (c) 2021-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=80 # requires RouterOS, version=7.14 # # manage and clean up private WPA passphrase after hotspot login -# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md +# https://rsc.eworm.de/doc/hotspot-to-wpa.md # # !! Do not edit this file, it is generated from template! From 9474102c62b4e9d36f908e40e14031da5a6fc116 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 755/908] hotspot-to-wpa: use short url rsc.eworm.de --- hotspot-to-wpa.capsman.rsc | 4 ++-- hotspot-to-wpa.template.rsc | 4 ++-- hotspot-to-wpa.wifi.rsc | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index d962ba7..1c77de9 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa.capsman # Copyright (c) 2019-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # add private WPA passphrase after hotspot login -# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md +# https://rsc.eworm.de/doc/hotspot-to-wpa.md # # !! Do not edit this file, it is generated from template! diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index 3438be7..d8cd261 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa%TEMPL% # Copyright (c) 2019-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # add private WPA passphrase after hotspot login -# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md +# https://rsc.eworm.de/doc/hotspot-to-wpa.md # # !! This is just a template to generate the real script! # !! Pattern '%TEMPL%' is replaced, paths are filtered. diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index a2bb3ca..345087d 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: hotspot-to-wpa.wifi # Copyright (c) 2019-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # add private WPA passphrase after hotspot login -# https://git.eworm.de/cgit/routeros-scripts/about/doc/hotspot-to-wpa.md +# https://rsc.eworm.de/doc/hotspot-to-wpa.md # # !! Do not edit this file, it is generated from template! From 453d80a121f7e92602466490b77b7d47ba3ef251 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 756/908] ip-addr-bridge: use short url rsc.eworm.de --- ip-addr-bridge.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ip-addr-bridge.rsc b/ip-addr-bridge.rsc index 00b45a3..68ff4a4 100644 --- a/ip-addr-bridge.rsc +++ b/ip-addr-bridge.rsc @@ -1,10 +1,10 @@ #!rsc by RouterOS # RouterOS script: ip-addr-bridge # Copyright (c) 2018-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # enable or disable ip addresses based on bridge port state -# https://git.eworm.de/cgit/routeros-scripts/about/doc/ip-addr-bridge.md +# https://rsc.eworm.de/doc/ip-addr-bridge.md :foreach Bridge in=[ /interface/bridge/find ] do={ :local BrName [ /interface/bridge/get $Bridge name ]; From 02cc581aff6c6a4191620450e5607c74aeaca203 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 757/908] ipsec-to-dns: use short url rsc.eworm.de --- ipsec-to-dns.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index 39b21d5..1af5809 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: ipsec-to-dns # Copyright (c) 2021-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # and add/remove/update DNS entries from IPSec mode-config -# https://git.eworm.de/cgit/routeros-scripts/about/doc/ipsec-to-dns.md +# https://rsc.eworm.de/doc/ipsec-to-dns.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 71316f7377987124858d74a9f5f741a133047dec Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 758/908] ipv6-update: use short url rsc.eworm.de --- ipv6-update.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ipv6-update.rsc b/ipv6-update.rsc index a2fb831..7eb625b 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: ipv6-update # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # update firewall and dns settings on IPv6 prefix change -# https://git.eworm.de/cgit/routeros-scripts/about/doc/ipv6-update.md +# https://rsc.eworm.de/doc/ipv6-update.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 5ead61cb6269ab5f2e6c145a4736765d938f6305 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 759/908] lease-script: use short url rsc.eworm.de --- lease-script.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lease-script.rsc b/lease-script.rsc index 3d0fc72..b6ceac9 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: lease-script # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # run scripts on DHCP lease -# https://git.eworm.de/cgit/routeros-scripts/about/doc/lease-script.md +# https://rsc.eworm.de/doc/lease-script.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 5e60d2e1b7d1973a18737042e94d3e0ba262db14 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 760/908] leds-day-mode: use short url rsc.eworm.de --- leds-day-mode.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/leds-day-mode.rsc b/leds-day-mode.rsc index e0f08d6..7344fde 100644 --- a/leds-day-mode.rsc +++ b/leds-day-mode.rsc @@ -1,9 +1,9 @@ #!rsc by RouterOS # RouterOS script: leds-day-mode # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # enable LEDs -# https://git.eworm.de/cgit/routeros-scripts/about/doc/leds-mode.md +# https://rsc.eworm.de/doc/leds-mode.md /system/leds/settings/set all-leds-off=never; From bf11489d11058562a1a10b883dbdb1d06f8c1a8e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 761/908] leds-night-mode: use short url rsc.eworm.de --- leds-night-mode.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/leds-night-mode.rsc b/leds-night-mode.rsc index 1f50dfd..8bd028e 100644 --- a/leds-night-mode.rsc +++ b/leds-night-mode.rsc @@ -1,9 +1,9 @@ #!rsc by RouterOS # RouterOS script: leds-night-mode # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # disable LEDs -# https://git.eworm.de/cgit/routeros-scripts/about/doc/leds-mode.md +# https://rsc.eworm.de/doc/leds-mode.md /system/leds/settings/set all-leds-off=immediate; From b75a35417a4dc0793515275bdee8443248f5762c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 762/908] leds-toggle-mode: use short url rsc.eworm.de --- leds-toggle-mode.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/leds-toggle-mode.rsc b/leds-toggle-mode.rsc index 55d5b82..b55e351 100644 --- a/leds-toggle-mode.rsc +++ b/leds-toggle-mode.rsc @@ -1,9 +1,9 @@ #!rsc by RouterOS # RouterOS script: leds-toggle-mode # Copyright (c) 2018-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # toggle LEDs mode -# https://git.eworm.de/cgit/routeros-scripts/about/doc/leds-mode.md +# https://rsc.eworm.de/doc/leds-mode.md /system/leds/settings/set all-leds-off=(({ "never"="immediate"; "immediate"="never" })->[ get all-leds-off ]); From b8841a71356c6e25870913183d10ef9a8732a42d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 763/908] log-forward: use short url rsc.eworm.de --- log-forward.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/log-forward.rsc b/log-forward.rsc index 8c2ebc0..379fa54 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: log-forward # Copyright (c) 2020-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # forward log messages via notification -# https://git.eworm.de/cgit/routeros-scripts/about/doc/log-forward.md +# https://rsc.eworm.de/doc/log-forward.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 6920842d1584a7c8b3a7208c1230a373d2932a8d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 764/908] mod/bridge-port-to: use short url rsc.eworm.de --- mod/bridge-port-to.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/bridge-port-to.rsc b/mod/bridge-port-to.rsc index ec6f612..f00e10b 100644 --- a/mod/bridge-port-to.rsc +++ b/mod/bridge-port-to.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: mod/bridge-port-to # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # reset bridge ports to default bridge -# https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/bridge-port-to.md +# https://rsc.eworm.de/doc/mod/bridge-port-to.md :global BridgePortTo; From d5a50d824f0343a70e1945127b42dde719d761d2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 765/908] mod/bridge-port-vlan: use short url rsc.eworm.de --- mod/bridge-port-vlan.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/bridge-port-vlan.rsc b/mod/bridge-port-vlan.rsc index 6221646..62e71e3 100644 --- a/mod/bridge-port-vlan.rsc +++ b/mod/bridge-port-vlan.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: mod/bridge-port-vlan # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # manage VLANs on bridge ports -# https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/bridge-port-vlan.md +# https://rsc.eworm.de/doc/mod/bridge-port-vlan.md :global BridgePortVlan; From 18fcecd21126b72c9ba1aef4375450bb8751feb3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 766/908] mode-button: use short url rsc.eworm.de --- mode-button.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mode-button.rsc b/mode-button.rsc index f8bd7b8..9339f1c 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: mode-button # Copyright (c) 2018-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # act on multiple mode and reset button presses -# https://git.eworm.de/cgit/routeros-scripts/about/doc/mode-button.md +# https://rsc.eworm.de/doc/mode-button.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 078d5368fbfa195d1e6584b3789cfb3078babad7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 767/908] mod/inspectvar: use short url rsc.eworm.de --- mod/inspectvar.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/inspectvar.rsc b/mod/inspectvar.rsc index 01724bb..0f05da7 100644 --- a/mod/inspectvar.rsc +++ b/mod/inspectvar.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: mod/inspectvar # Copyright (c) 2020-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # inspect variables -# https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/inspectvar.md +# https://rsc.eworm.de/doc/mod/inspectvar.md :global InspectVar; :global InspectVarReturn; From 828f68be3c85a43e28884546f74dab3aca403eb9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 768/908] mod/ipcalc: use short url rsc.eworm.de --- mod/ipcalc.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/ipcalc.rsc b/mod/ipcalc.rsc index 69dec8b..fbed74b 100644 --- a/mod/ipcalc.rsc +++ b/mod/ipcalc.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: mod/ipcalc # Copyright (c) 2020-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # ip address calculation -# https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/ipcalc.md +# https://rsc.eworm.de/doc/mod/ipcalc.md :global IPCalc; :global IPCalcReturn; From 631f63836b6b758c4ff3816ffdd5c76d95d31961 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 769/908] mod/notification-email: use short url rsc.eworm.de --- mod/notification-email.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 6d700f5..ca23550 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: mod/notification-email # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # send notifications via e-mail -# https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-email.md +# https://rsc.eworm.de/doc/mod/notification-email.md :global EMailGenerateFrom; :global FlushEmailQueue; From 6567a94a4f4e263308a0b01663448179e6554821 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 770/908] mod/notification-matrix: use short url rsc.eworm.de --- mod/notification-matrix.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index aad8b42..aee231d 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -2,12 +2,12 @@ # RouterOS script: mod/notification-matrix # Copyright (c) 2013-2025 Michael Gisbers # Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # send notifications via Matrix -# https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-matrix.md +# https://rsc.eworm.de/doc/mod/notification-matrix.md :global FlushMatrixQueue; :global NotificationFunctions; From 6e7f311269a1694dbc243eb60a363f1db4d89cd8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 771/908] mod/notification-ntfy: use short url rsc.eworm.de --- mod/notification-ntfy.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index 53ba9b4..df252bb 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: mod/notification-ntfy # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # send notifications via Ntfy (ntfy.sh) -# https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-ntfy.md +# https://rsc.eworm.de/doc/mod/notification-ntfy.md :global FlushNtfyQueue; :global NotificationFunctions; From 27144a428a03241a7e67859bfa6acfc37e62f6dc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 772/908] mod/notification-telegram: use short url rsc.eworm.de --- mod/notification-telegram.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index f9700cf..a20367c 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: mod/notification-telegram # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # send notifications via Telegram -# https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/notification-telegram.md +# https://rsc.eworm.de/doc/mod/notification-telegram.md :global FlushTelegramQueue; :global NotificationFunctions; From 66ab2a85114165ca2b5f4f5a6e221eed4c560b45 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 773/908] mod/scriptrunonce: use short url rsc.eworm.de --- mod/scriptrunonce.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index 7e01e72..cae2b05 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: mod/scriptrunonece # Copyright (c) 2020-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # download script and run it once -# https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/scriptrunonce.md +# https://rsc.eworm.de/doc/mod/scriptrunonce.md :global ScriptRunOnce; From ed184445783921343498f4f3589df858b2754cbd Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 774/908] mod/ssh-keys-import: use short url rsc.eworm.de --- mod/ssh-keys-import.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index ad3a81e..35aa7ec 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: mod/ssh-keys-import # Copyright (c) 2020-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.16 # # import ssh keys for public key authentication -# https://git.eworm.de/cgit/routeros-scripts/about/doc/mod/ssh-keys-import.md +# https://rsc.eworm.de/doc/mod/ssh-keys-import.md :global SSHKeysImport; :global SSHKeysImportFile; From 299b34883ff508291dfa4acf04118695223c0cd3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 775/908] netwatch-dns: use short url rsc.eworm.de --- netwatch-dns.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index 81f9d95..e05c3ac 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: netwatch-dns # Copyright (c) 2022-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.16 # # monitor and manage dns/doh with netwatch -# https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-dns.md +# https://rsc.eworm.de/doc/netwatch-dns.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 563aeb8f71da109060961a16541f56c7dc019e2b Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 776/908] netwatch-notify: use short url rsc.eworm.de --- netwatch-notify.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index e79977e..8b05c5e 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: netwatch-notify # Copyright (c) 2020-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.15 # # monitor netwatch and send notifications -# https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-notify.md +# https://rsc.eworm.de/doc/netwatch-notify.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 719079c5c1298a4800ac482247ee9ac5a9502740 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 777/908] news-and-changes: use short url rsc.eworm.de --- news-and-changes.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 545a0c9..7508b43 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -1,6 +1,6 @@ # News, changes and migration by RouterOS Scripts # Copyright (c) 2019-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md :global IDonate; From 3b0ea3a2388c69914fa76204c6e940b60f6aee83 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 778/908] ospf-to-leds: use short url rsc.eworm.de --- ospf-to-leds.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index 3400e7f..9d822c1 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: ospf-to-leds # Copyright (c) 2020-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # visualize ospf instance state via leds -# https://git.eworm.de/cgit/routeros-scripts/about/doc/ospf-to-leds.md +# https://rsc.eworm.de/doc/ospf-to-leds.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 90a148a9d86f069048974399feca29a7911e833d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 779/908] packages-update: use short url rsc.eworm.de --- packages-update.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index 7644219..9971e47 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: packages-update # Copyright (c) 2019-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # download packages and reboot for installation -# https://git.eworm.de/cgit/routeros-scripts/about/doc/packages-update.md +# https://rsc.eworm.de/doc/packages-update.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 867e504c94faf9d87b8caa6e4d77cd5426af9f73 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 780/908] ppp-on-up: use short url rsc.eworm.de --- ppp-on-up.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index ba9d0aa..85e9689 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: ppp-on-up # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # run scripts on ppp up -# https://git.eworm.de/cgit/routeros-scripts/about/doc/ppp-on-up.md +# https://rsc.eworm.de/doc/ppp-on-up.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 1f5aea9fca6ecd5706cb29c8226109281333510d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 781/908] sms-action: use short url rsc.eworm.de --- sms-action.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sms-action.rsc b/sms-action.rsc index f22a0bb..34d2127 100644 --- a/sms-action.rsc +++ b/sms-action.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: sms-action # Copyright (c) 2018-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # run action on received SMS -# https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-action.md +# https://rsc.eworm.de/doc/sms-action.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 7addf2e53a73e230aeac962c9b86a1f1f7e2ddd4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 782/908] sms-forward: use short url rsc.eworm.de --- sms-forward.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sms-forward.rsc b/sms-forward.rsc index efebb75..654fd56 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -2,12 +2,12 @@ # RouterOS script: sms-forward # Copyright (c) 2013-2025 Christian Hesse # Anatoly Bubenkov -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # forward SMS to e-mail -# https://git.eworm.de/cgit/routeros-scripts/about/doc/sms-forward.md +# https://rsc.eworm.de/doc/sms-forward.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From dd2854e983685ae39465c4375bbdb7b4d27956e8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 783/908] super-mario-theme: use short url rsc.eworm.de --- super-mario-theme.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/super-mario-theme.rsc b/super-mario-theme.rsc index fc868c8..726c526 100644 --- a/super-mario-theme.rsc +++ b/super-mario-theme.rsc @@ -1,10 +1,10 @@ #!rsc by RouterOS # RouterOS script: super-mario-theme # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # play Super Mario theme -# https://git.eworm.de/cgit/routeros-scripts/about/doc/super-mario-theme.md +# https://rsc.eworm.de/doc/super-mario-theme.md :local Beeps { { 660; 100 }; 150; { 660; 100 }; 300; { 660; 100 }; 300; From e3ca37ad9a6f49ae5990e0fb4630d40e77153439 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:12 +0100 Subject: [PATCH 784/908] telegram-chat: use short url rsc.eworm.de --- telegram-chat.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index eebb617..dcdbefa 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: telegram-chat # Copyright (c) 2023-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.15 # # use Telegram to chat with your Router and send commands -# https://git.eworm.de/cgit/routeros-scripts/about/doc/telegram-chat.md +# https://rsc.eworm.de/doc/telegram-chat.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 32ac10e6efcd8967b998aef066220a75d4819e0c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 785/908] unattended-lte-firmware-upgrade: use short url rsc.eworm.de --- unattended-lte-firmware-upgrade.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/unattended-lte-firmware-upgrade.rsc b/unattended-lte-firmware-upgrade.rsc index ea18edf..c7df92f 100644 --- a/unattended-lte-firmware-upgrade.rsc +++ b/unattended-lte-firmware-upgrade.rsc @@ -1,12 +1,12 @@ #!rsc by RouterOS # RouterOS script: unattended-lte-firmware-upgrade # Copyright (c) 2018-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # schedule unattended lte firmware upgrade -# https://git.eworm.de/cgit/routeros-scripts/about/doc/unattended-lte-firmware-upgrade.md +# https://rsc.eworm.de/doc/unattended-lte-firmware-upgrade.md :foreach Interface in=[ /interface/lte/find where running ] do={ :local Firmware; From 49aef0606bb36ee1b0d2ed93e7ce6b63d38338da Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 786/908] update-gre-address: use short url rsc.eworm.de --- update-gre-address.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/update-gre-address.rsc b/update-gre-address.rsc index 4ac311a..6b169a0 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -1,13 +1,13 @@ #!rsc by RouterOS # RouterOS script: update-gre-address # Copyright (c) 2013-2025 Christian Hesse -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 # # update gre interface remote address with dynamic address from # ipsec remote peer -# https://git.eworm.de/cgit/routeros-scripts/about/doc/update-gre-address.md +# https://rsc.eworm.de/doc/update-gre-address.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From c04ee5aadf4880bcea019f1cdcc1bfca918cce2c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 24 Jan 2025 20:46:11 +0100 Subject: [PATCH 787/908] update-tunnelbroker: use short url rsc.eworm.de --- update-tunnelbroker.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index 589544c..c47a45f 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -2,13 +2,13 @@ # RouterOS script: update-tunnelbroker # Copyright (c) 2013-2025 Christian Hesse # Michael Gisbers -# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md +# https://rsc.eworm.de/COPYING.md # # provides: ppp-on-up # requires RouterOS, version=7.14 # # update local address of tunnelbroker interface -# https://git.eworm.de/cgit/routeros-scripts/about/doc/update-tunnelbroker.md +# https://rsc.eworm.de/doc/update-tunnelbroker.md :global GlobalFunctionsReady; :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } From 106a9bddefd7577b4baf7ae1d78e1bbde09b281e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 09:18:48 +0100 Subject: [PATCH 788/908] README: give hint on device mode --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 98209bd..8594f58 100644 --- a/README.md +++ b/README.md @@ -34,6 +34,12 @@ Specific scripts may require even newer RouterOS version. > ℹ️ **Info**: The `main` branch is now RouterOS v7 only. If you are still > running RouterOS v6 switch to `routeros-v6` branch! +Starting with RouterOS 7.17 the +[device-mode](https://help.mikrotik.com/docs/spaces/ROS/pages/93749258/Device-mode) +has been extended to give more fine-grained control over what features are +available. You need to enable `scheduler` and `fetch` at least, specific +scripts may require additional features. + ### Hardware RouterOS packages increase in size with each release. This becomes a From b177e298d7b447c41854d840eed6f687b6cec8b6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 09:45:25 +0100 Subject: [PATCH 789/908] global-functions: $ScriptInstallUpdate: support checking for device-mode features --- global-functions.rsc | 34 ++++++++++++++++++++++++---------- 1 file changed, 24 insertions(+), 10 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index d5ac31c..7d65f45 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -5,6 +5,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, fetch, scheduler # # global functions # https://rsc.eworm.de/ @@ -1071,6 +1072,7 @@ :local ExpectedConfigVersionBefore $ExpectedConfigVersion; :local ReloadGlobalFunctions false; :local ReloadGlobalConfig false; + :local DeviceMode [ /system/device-mode/get ]; :foreach Script in=[ /system/script/find where source~"^#!rsc by RouterOS\r?\n" ] do={ :local ScriptVal [ /system/script/get $Script ]; @@ -1113,19 +1115,31 @@ :if ([ :pick $SourceNew 0 18 ] = "#!rsc by RouterOS\n") do={ :local Required ([ $ParseKeyValueStore [ $Grep $SourceNew ("\23 requires RouterOS, ") ] ]->"version"); :if ([ $RequiredRouterOS $0 [ $EitherOr $Required "0.0" ] false ] = true) do={ - :if ([ $ValidateSyntax $SourceNew ] = true) do={ - $LogPrint info $0 ("Updating script: " . $ScriptVal->"name"); - /system/script/set owner=($ScriptVal->"name") \ - source=[ $IfThenElse ($ScriptUpdatesCRLF = true) $SourceCRLF $SourceNew ] $Script; - :if ($ScriptVal->"name" = "global-config") do={ - :set ReloadGlobalConfig true; + :local RequiredDM [ $ParseKeyValueStore [ $Grep $SourceNew ("\23 requires device-mode, ") ] ]; + :local MissingDM ({}); + :foreach Feature,Value in=$RequiredDM do={ + :if ([ :typeof ($DeviceMode->$Feature) ] = "bool" && ($DeviceMode->$Feature) = false) do={ + :set MissingDM ($MissingDM, $Feature); } - :if ($ScriptVal->"name" = "global-functions" || $ScriptVal->"name" ~ ("^mod/.")) do={ - :set ReloadGlobalFunctions true; + } + :if ([ :len $MissingDM ] = 0) do={ + :if ([ $ValidateSyntax $SourceNew ] = true) do={ + $LogPrint info $0 ("Updating script: " . $ScriptVal->"name"); + /system/script/set owner=($ScriptVal->"name") \ + source=[ $IfThenElse ($ScriptUpdatesCRLF = true) $SourceCRLF $SourceNew ] $Script; + :if ($ScriptVal->"name" = "global-config") do={ + :set ReloadGlobalConfig true; + } + :if ($ScriptVal->"name" = "global-functions" || $ScriptVal->"name" ~ ("^mod/.")) do={ + :set ReloadGlobalFunctions true; + } + } else={ + $LogPrint warning $0 ("Syntax validation for script '" . $ScriptVal->"name" . \ + "' failed! Ignoring!"); } } else={ - $LogPrint warning $0 ("Syntax validation for script '" . $ScriptVal->"name" . \ - "' failed! Ignoring!"); + $LogPrintOnce warning $0 ("The script '" . $ScriptVal->"name" . "' requires disabled " . \ + "device-mode features (" . [ :tostr $MissingDM ] . "). Ignoring!"); } } else={ $LogPrintOnce warning $0 ("The script '" . $ScriptVal->"name" . "' requires RouterOS " . \ From aebc4e37da1a8e9ed1b343a83c7d60ac50fab9d5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:26:22 +0100 Subject: [PATCH 790/908] backup-partition: add dependencies on device-mode --- backup-partition.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/backup-partition.rsc b/backup-partition.rsc index b8bf7b1..bfa7765 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -5,6 +5,7 @@ # # provides: backup-script, order=70 # requires RouterOS, version=7.14 +# requires device-mode, scheduler # # save configuration to fallback partition # https://rsc.eworm.de/doc/backup-partition.md From d81a786e8288fea463c7188f1939c59713add31a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:20:26 +0100 Subject: [PATCH 791/908] backup-upload: add dependencies on device-mode --- backup-upload.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/backup-upload.rsc b/backup-upload.rsc index 011c502..dc5120f 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -5,6 +5,7 @@ # # provides: backup-script, order=50 # requires RouterOS, version=7.14 +# requires device-mode, fetch # # create and upload backup and config file # https://rsc.eworm.de/doc/backup-upload.md From 95b675f67ec9d7c5a9df01a54c1754834b02beee Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:21:12 +0100 Subject: [PATCH 792/908] check-certificates: add dependencies on device-mode --- check-certificates.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/check-certificates.rsc b/check-certificates.rsc index 02e3e52..4271e00 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, fetch # # check for certificate validity # https://rsc.eworm.de/doc/check-certificates.md From 43f6c0b975bb4db73131f78014ca3d59123bd4a6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:21:26 +0100 Subject: [PATCH 793/908] check-routeros-update: add dependencies on device-mode --- check-routeros-update.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 9486d6c..5c9b392 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, fetch, scheduler # # check for RouterOS update, send notification and/or install # https://rsc.eworm.de/doc/check-routeros-update.md From bc0227c49b99372ff46516e55175cf6ae1da31d3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:21:40 +0100 Subject: [PATCH 794/908] gps-track: add dependencies on device-mode --- gps-track.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/gps-track.rsc b/gps-track.rsc index 08873de..5e35f8d 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, fetch # # track gps data by sending json data to http server # https://rsc.eworm.de/doc/gps-track.md From e29ef31eb85e9b9001536ed1bb63a0b479cf4cad Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:35:31 +0100 Subject: [PATCH 795/908] hotspot-to-wpa: add dependencies on device-mode --- hotspot-to-wpa.capsman.rsc | 1 + hotspot-to-wpa.template.rsc | 1 + hotspot-to-wpa.wifi.rsc | 1 + 3 files changed, 3 insertions(+) diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index 1c77de9..de9f9d9 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, hotspot # # add private WPA passphrase after hotspot login # https://rsc.eworm.de/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index d8cd261..003b12e 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, hotspot # # add private WPA passphrase after hotspot login # https://rsc.eworm.de/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index 345087d..0d6a7b9 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, hotspot # # add private WPA passphrase after hotspot login # https://rsc.eworm.de/doc/hotspot-to-wpa.md From 1ad4d05be8a69490902308baa515b8c87095bb2d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:35:23 +0100 Subject: [PATCH 796/908] hotspot-to-wpa-cleanup: add dependencies on device-mode --- hotspot-to-wpa-cleanup.capsman.rsc | 1 + hotspot-to-wpa-cleanup.template.rsc | 1 + hotspot-to-wpa-cleanup.wifi.rsc | 1 + 3 files changed, 3 insertions(+) diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index fde36f9..c21ec3e 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -5,6 +5,7 @@ # # provides: lease-script, order=80 # requires RouterOS, version=7.14 +# requires device-mode, hotspot # # manage and clean up private WPA passphrase after hotspot login # https://rsc.eworm.de/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 3ddcbe0..1bd877e 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -5,6 +5,7 @@ # # provides: lease-script, order=80 # requires RouterOS, version=7.14 +# requires device-mode, hotspot # # manage and clean up private WPA passphrase after hotspot login # https://rsc.eworm.de/doc/hotspot-to-wpa.md diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index 034530b..8e36204 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -5,6 +5,7 @@ # # provides: lease-script, order=80 # requires RouterOS, version=7.14 +# requires device-mode, hotspot # # manage and clean up private WPA passphrase after hotspot login # https://rsc.eworm.de/doc/hotspot-to-wpa.md From 5f1cbe6de5466ccaaf1b5eb29f7087f04cf342c3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:25:15 +0100 Subject: [PATCH 797/908] ipsec-to-dns: add dependencies on device-mode --- ipsec-to-dns.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index 1af5809..91f6b45 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, ipsec # # and add/remove/update DNS entries from IPSec mode-config # https://rsc.eworm.de/doc/ipsec-to-dns.md From 56e74268b079fba7bda8803c0d88eeb67d0f4397 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:31:30 +0100 Subject: [PATCH 798/908] mode-button: add dependencies on device-mode --- mode-button.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/mode-button.rsc b/mode-button.rsc index 9339f1c..4cf5e75 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, scheduler # # act on multiple mode and reset button presses # https://rsc.eworm.de/doc/mode-button.md From 370e81321fe485a94560b4debe2ce7044c99e86f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:15:49 +0100 Subject: [PATCH 799/908] mod/notification-email: add dependencies on device-mode --- mod/notification-email.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index ca23550..404e74d 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, email, scheduler # # send notifications via e-mail # https://rsc.eworm.de/doc/mod/notification-email.md From 9a12934202c1bf8f46b326b37e7b06d84609c4ce Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:21:57 +0100 Subject: [PATCH 800/908] mod/notification-matrix: add dependencies on device-mode --- mod/notification-matrix.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index aee231d..9b2b641 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -5,6 +5,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, fetch, scheduler # # send notifications via Matrix # https://rsc.eworm.de/doc/mod/notification-matrix.md From 9f2f54b4790659189c60e72918cc200625c22d25 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:22:08 +0100 Subject: [PATCH 801/908] mod/notification-ntfy: add dependencies on device-mode --- mod/notification-ntfy.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index df252bb..212fde2 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, fetch, scheduler # # send notifications via Ntfy (ntfy.sh) # https://rsc.eworm.de/doc/mod/notification-ntfy.md From 378a8978dfb86f1f690732cc0e513330282bcd98 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:22:22 +0100 Subject: [PATCH 802/908] mod/notification-telegram: add dependencies on device-mode --- mod/notification-telegram.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index a20367c..c3ef2dd 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, fetch, scheduler # # send notifications via Telegram # https://rsc.eworm.de/doc/mod/notification-telegram.md From 59c9d0ce4bf97407a5f35d8556ecc9f4f03ca752 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:22:43 +0100 Subject: [PATCH 803/908] mod/scriptrunonce: add dependencies on device-mode --- mod/scriptrunonce.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index cae2b05..e5368c4 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, fetch # # download script and run it once # https://rsc.eworm.de/doc/mod/scriptrunonce.md From 3ef458860153ab858eec70e0899efa91a84236d4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:22:55 +0100 Subject: [PATCH 804/908] netwatch-dns: add dependencies on device-mode --- netwatch-dns.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/netwatch-dns.rsc b/netwatch-dns.rsc index e05c3ac..467d636 100644 --- a/netwatch-dns.rsc +++ b/netwatch-dns.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.16 +# requires device-mode, fetch # # monitor and manage dns/doh with netwatch # https://rsc.eworm.de/doc/netwatch-dns.md From 8dc1e1ea6bdb815de28823dfa43d1cfeda67379f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:32:17 +0100 Subject: [PATCH 805/908] packages-update: add dependencies on device-mode --- packages-update.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/packages-update.rsc b/packages-update.rsc index 9971e47..ff47b2a 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, scheduler # # download packages and reboot for installation # https://rsc.eworm.de/doc/packages-update.md From ef48b8d39ebacf2bd1c560c6dea33399a9a47b47 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:23:58 +0100 Subject: [PATCH 806/908] telegram-chat: add dependencies on device-mode --- telegram-chat.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index dcdbefa..8f29d8c 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.15 +# requires device-mode, fetch # # use Telegram to chat with your Router and send commands # https://rsc.eworm.de/doc/telegram-chat.md From 9421566352041654e1f2ded815739b040eec1df4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:28:40 +0100 Subject: [PATCH 807/908] unattended-lte-firmware-upgrade: add dependencies on device-mode --- unattended-lte-firmware-upgrade.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/unattended-lte-firmware-upgrade.rsc b/unattended-lte-firmware-upgrade.rsc index c7df92f..74495d1 100644 --- a/unattended-lte-firmware-upgrade.rsc +++ b/unattended-lte-firmware-upgrade.rsc @@ -4,6 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.14 +# requires device-mode, scheduler # # schedule unattended lte firmware upgrade # https://rsc.eworm.de/doc/unattended-lte-firmware-upgrade.md From d921af9a6bda54da74f6b7520db1a8e5697c8c3e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 10:23:06 +0100 Subject: [PATCH 808/908] update-tunnelbroker: add dependencies on device-mode --- update-tunnelbroker.rsc | 1 + 1 file changed, 1 insertion(+) diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index c47a45f..a58589b 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -6,6 +6,7 @@ # # provides: ppp-on-up # requires RouterOS, version=7.14 +# requires device-mode, fetch # # update local address of tunnelbroker interface # https://rsc.eworm.de/doc/update-tunnelbroker.md From 8b19e74736693483faf533fd22fce458ae4fac9e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 21:58:47 +0100 Subject: [PATCH 809/908] global-functions: $ScriptInstallUpdate: resolve nested conditions... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... and check one after another in a do-block. This uses `:error` as poor man's continue. 🤪 --- global-functions.rsc | 97 ++++++++++++++++++++++++-------------------- 1 file changed, 52 insertions(+), 45 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 7d65f45..befe8f0 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1109,52 +1109,59 @@ } } - :if ([ :len $SourceNew ] > 0) do={ - :local SourceCRLF [ :tocrlf $SourceNew ]; - :if ($SourceNew != $ScriptVal->"source" && $SourceCRLF != $ScriptVal->"source") do={ - :if ([ :pick $SourceNew 0 18 ] = "#!rsc by RouterOS\n") do={ - :local Required ([ $ParseKeyValueStore [ $Grep $SourceNew ("\23 requires RouterOS, ") ] ]->"version"); - :if ([ $RequiredRouterOS $0 [ $EitherOr $Required "0.0" ] false ] = true) do={ - :local RequiredDM [ $ParseKeyValueStore [ $Grep $SourceNew ("\23 requires device-mode, ") ] ]; - :local MissingDM ({}); - :foreach Feature,Value in=$RequiredDM do={ - :if ([ :typeof ($DeviceMode->$Feature) ] = "bool" && ($DeviceMode->$Feature) = false) do={ - :set MissingDM ($MissingDM, $Feature); - } - } - :if ([ :len $MissingDM ] = 0) do={ - :if ([ $ValidateSyntax $SourceNew ] = true) do={ - $LogPrint info $0 ("Updating script: " . $ScriptVal->"name"); - /system/script/set owner=($ScriptVal->"name") \ - source=[ $IfThenElse ($ScriptUpdatesCRLF = true) $SourceCRLF $SourceNew ] $Script; - :if ($ScriptVal->"name" = "global-config") do={ - :set ReloadGlobalConfig true; - } - :if ($ScriptVal->"name" = "global-functions" || $ScriptVal->"name" ~ ("^mod/.")) do={ - :set ReloadGlobalFunctions true; - } - } else={ - $LogPrint warning $0 ("Syntax validation for script '" . $ScriptVal->"name" . \ - "' failed! Ignoring!"); - } - } else={ - $LogPrintOnce warning $0 ("The script '" . $ScriptVal->"name" . "' requires disabled " . \ - "device-mode features (" . [ :tostr $MissingDM ] . "). Ignoring!"); - } - } else={ - $LogPrintOnce warning $0 ("The script '" . $ScriptVal->"name" . "' requires RouterOS " . \ - $Required . ", which is not met by your installation. Ignoring!"); - } - } else={ - $LogPrint warning $0 ("Looks like new script '" . $ScriptVal->"name" . \ - "' is not valid (missing shebang). Ignoring!"); - } - } else={ - $LogPrint debug $0 ("Script '" . $ScriptVal->"name" . "' did not change."); + :do { + :if ([ :len $SourceNew ] = 0) do={ + $LogPrint debug $0 ("No update for script '" . $ScriptVal->"name" . "'."); + :error false; } - } else={ - $LogPrint debug $0 ("No update for script '" . $ScriptVal->"name" . "'."); - } + + :local SourceCRLF [ :tocrlf $SourceNew ]; + :if ($SourceNew = $ScriptVal->"source" || $SourceCRLF = $ScriptVal->"source") do={ + $LogPrint debug $0 ("Script '" . $ScriptVal->"name" . "' did not change."); + :error false; + } + + :if ([ :pick $SourceNew 0 18 ] != "#!rsc by RouterOS\n") do={ + $LogPrint warning $0 ("Looks like new script '" . $ScriptVal->"name" . \ + "' is not valid (missing shebang). Ignoring!"); + :error false; + } + + :local RequiredROS ([ $ParseKeyValueStore [ $Grep $SourceNew ("\23 requires RouterOS, ") ] ]->"version"); + :if ([ $RequiredRouterOS $0 [ $EitherOr $RequiredROS "0.0" ] false ] = false) do={ + $LogPrintOnce warning $0 ("The script '" . $ScriptVal->"name" . "' requires RouterOS " . \ + $RequiredROS . ", which is not met by your installation. Ignoring!"); + :error false; + } + + :local RequiredDM [ $ParseKeyValueStore [ $Grep $SourceNew ("\23 requires device-mode, ") ] ]; + :local MissingDM ({}); + :foreach Feature,Value in=$RequiredDM do={ + :if ([ :typeof ($DeviceMode->$Feature) ] = "bool" && ($DeviceMode->$Feature) = false) do={ + :set MissingDM ($MissingDM, $Feature); + } + } + :if ([ :len $MissingDM ] > 0) do={ + $LogPrintOnce warning $0 ("The script '" . $ScriptVal->"name" . "' requires disabled " . \ + "device-mode features (" . [ :tostr $MissingDM ] . "). Ignoring!"); + :error false; + } + + :if ([ $ValidateSyntax $SourceNew ] = false) do={ + $LogPrint warning $0 ("Syntax validation for script '" . $ScriptVal->"name" . "' failed! Ignoring!"); + :error false; + } + + $LogPrint info $0 ("Updating script: " . $ScriptVal->"name"); + /system/script/set owner=($ScriptVal->"name") \ + source=[ $IfThenElse ($ScriptUpdatesCRLF = true) $SourceCRLF $SourceNew ] $Script; + :if ($ScriptVal->"name" = "global-config") do={ + :set ReloadGlobalConfig true; + } + :if ($ScriptVal->"name" = "global-functions" || $ScriptVal->"name" ~ ("^mod/.")) do={ + :set ReloadGlobalFunctions true; + } + } on-error={ } } :if ($ReloadGlobalFunctions = true) do={ From 414c83ef814af82d53f5b4de3a8d6b5a004704c1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 29 Jan 2025 22:07:06 +0100 Subject: [PATCH 810/908] global-functions: $ScriptInstallUpdate: resolve more nested conditions Just like the previous one. --- global-functions.rsc | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index befe8f0..a2ec833 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1221,18 +1221,24 @@ :if ([ :len $GlobalConfigMigration ] > 0) do={ :for I from=($ExpectedConfigVersionBefore + 1) to=$ExpectedConfigVersion do={ :local Migration ($GlobalConfigMigration->[ :tostr $I ]); - :if ([ :typeof $Migration ] = "str") do={ - :if ([ $ValidateSyntax $Migration ] = true) do={ - $LogPrint info $0 ("Applying migration for change " . $I . ": " . $Migration); - :do { - [ :parse $Migration ]; - } on-error={ - $LogPrint warning $0 ("Migration code for change " . $I . " failed to run!"); - } - } else={ - $LogPrint warning $0 ("Migration code for change " . $I . " failed syntax validation!"); + :do { + :if ([ :typeof $Migration ] != "str") do={ + $LogPrint debug $0 ("Migration code for change " . $I . " is not available."); + :error false; } - } + + :if ([ $ValidateSyntax $Migration ] = false) do={ + $LogPrint warning $0 ("Migration code for change " . $I . " failed syntax validation!"); + :error false; + } + + $LogPrint info $0 ("Applying migration for change " . $I . ": " . $Migration); + :do { + [ :parse $Migration ]; + } on-error={ + $LogPrint warning $0 ("Migration code for change " . $I . " failed to run!"); + } + } on-error={ } } } From aa294b4c67d038eae1b4e785dfd934176a1fb704 Mon Sep 17 00:00:00 2001 From: Miquel Bonastre Date: Thu, 30 Jan 2025 20:27:14 +0100 Subject: [PATCH 811/908] certs: fix curl false positives... ... when default capath contains system certs If curl has a default capath (debian 12 capath=/etc/ssl/certs) it will add those certs and return ok to any valid https url, defeating the intended use of the cacert option in the Makefile that validates sites and certs. To avoid that, adding option "--capath /dev/null" overrides the default value, if any. Closes: https://github.com/eworm-de/routeros-scripts/pull/88 --- certs/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/certs/Makefile b/certs/Makefile index 870cb54..b5f6a92 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -29,4 +29,4 @@ DOMAINS = \ all: $(DOMAINS) $(DOMAINS): - curl --output /dev/null --silent --connect-timeout 5 --cacert $(notdir $@).pem https://$(dir $@) + curl --output /dev/null --silent --connect-timeout 5 --capath /dev/null --cacert $(notdir $@).pem https://$(dir $@) From fcb5347e3398dd8c77c44904a4bf0cefc57f3174 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 30 Jan 2025 22:16:49 +0100 Subject: [PATCH 812/908] certs: split checks for dual, ipv4 & ipv6... ... and check both if available. --- certs/Makefile | 48 ++++++++++++++++++++++++++++++++++-------------- 1 file changed, 34 insertions(+), 14 deletions(-) diff --git a/certs/Makefile b/certs/Makefile index b5f6a92..87b4feb 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -1,32 +1,52 @@ # Makefile to check certificates -DOMAINS = \ - 1.1.1.1/DigiCert-Global-Root-G2 \ - 8.8.8.8/GTS-Root-R1 \ - 9.9.9.9/DigiCert-Global-Root-G3 \ +CURL = curl \ + --capath /dev/null \ + --connect-timeout 5 \ + --output /dev/null \ + --silent + +DOMAINS_DUAL = \ api.macvendors.com/GTS-Root-R4 \ - api.mullvad.net/ISRG-Root-X1 \ api.telegram.org/Go-Daddy-Root-Certificate-Authority-G2 \ cloudflare-dns.com/DigiCert-Global-Root-G2 \ dns.google/GTS-Root-R1 \ dns.quad9.net/DigiCert-Global-Root-G3 \ - feodotracker.abuse.ch/GlobalSign \ git.eworm.de/ISRG-Root-X2 \ - ipv4.showipv6.de/ISRG-Root-X1 \ - ipv4.tunnelbroker.net/Starfield-Root-Certificate-Authority-G2 \ - ipv6.showipv6.de/ISRG-Root-X1 \ lists.blocklist.de/Certum-Trusted-Network-CA \ matrix.org/GTS-Root-R4 \ + raw.githubusercontent.com/DigiCert-Global-Root-G2 \ + rsc.eworm.de/ISRG-Root-X2 \ + upgrade.mikrotik.com/ISRG-Root-X1 +DOMAINS_IPV4 = \ + 1.1.1.1/DigiCert-Global-Root-G2 \ + 8.8.8.8/GTS-Root-R1 \ + 9.9.9.9/DigiCert-Global-Root-G3 \ + api.mullvad.net/ISRG-Root-X1 \ + feodotracker.abuse.ch/GlobalSign \ + ipv4.showipv6.de/ISRG-Root-X1 \ + ipv4.tunnelbroker.net/Starfield-Root-Certificate-Authority-G2 \ mkcert.org/ISRG-Root-X1 \ ntfy.sh/ISRG-Root-X1 \ sslbl.abuse.ch/GlobalSign \ - upgrade.mikrotik.com/ISRG-Root-X1 \ www.dshield.org/ISRG-Root-X1 \ www.spamhaus.org/GTS-Root-R4 +DOMAINS_IPV6 = \ + [2606\:4700\:4700\:\:1111]/DigiCert-Global-Root-G2 \ + [2001\:4860\:4860\:\:8888]/GTS-Root-R1 \ + [2620\:fe\:\:9]/DigiCert-Global-Root-G3 \ + ipv6.showipv6.de/ISRG-Root-X1 -.PHONY: $(DOMAINS) +.PHONY: $(DOMAINS_DUAL) $(DOMAINS_IPV4) $(DOMAINS_IPV6) -all: $(DOMAINS) +all: $(DOMAINS_DUAL) $(DOMAINS_IPV4) $(DOMAINS_IPV6) -$(DOMAINS): - curl --output /dev/null --silent --connect-timeout 5 --capath /dev/null --cacert $(notdir $@).pem https://$(dir $@) +$(DOMAINS_DUAL): + $(CURL) -4 --cacert $(notdir $@).pem https://$(dir $@) + $(CURL) -6 --cacert $(notdir $@).pem https://$(dir $@) + +$(DOMAINS_IPV4): + $(CURL) -4 --cacert $(notdir $@).pem https://$(dir $@) + +$(DOMAINS_IPV6): + $(CURL) -6 --cacert $(notdir $@).pem https://$(dir $@) From 87fb70534f8d86509505185f787118c64b3924ba Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 30 Jan 2025 22:25:55 +0100 Subject: [PATCH 813/908] certs: support checking ipv4 or ipv6 only Just run for IPv4 only: make NOIPV6=1 ... or for IPv6 only: make NOIPV4=1 --- certs/Makefile | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/certs/Makefile b/certs/Makefile index 87b4feb..5dfb0d1 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -42,11 +42,19 @@ DOMAINS_IPV6 = \ all: $(DOMAINS_DUAL) $(DOMAINS_IPV4) $(DOMAINS_IPV6) $(DOMAINS_DUAL): +ifndef NOIPV4 $(CURL) -4 --cacert $(notdir $@).pem https://$(dir $@) +endif +ifndef NOIPV6 $(CURL) -6 --cacert $(notdir $@).pem https://$(dir $@) +endif $(DOMAINS_IPV4): +ifndef NOIPV4 $(CURL) -4 --cacert $(notdir $@).pem https://$(dir $@) +endif $(DOMAINS_IPV6): +ifndef NOIPV6 $(CURL) -6 --cacert $(notdir $@).pem https://$(dir $@) +endif From 0eb91b6bfa8e22f24f0be8052ae2b93c0114ae59 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 30 Jan 2025 22:30:57 +0100 Subject: [PATCH 814/908] update list of contributors --- CONTRIBUTIONS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CONTRIBUTIONS.md b/CONTRIBUTIONS.md index ed1d6fa..ef1bd8b 100644 --- a/CONTRIBUTIONS.md +++ b/CONTRIBUTIONS.md @@ -22,6 +22,7 @@ for details! * [Daniel Ziegenberg](mailto:daniel@ziegenberg.at) (@ziegenberg) * [Ignacio Serrano](mailto:ignic@ignic.com) (@ignic) * [Michael Gisbers](mailto:michael@gisbers.de) (@mgisbers) +* [Miquel Bonastre](mailto:mbonastre@yahoo.com) (@mbonastre) * @netravnen * [netztrip](mailto:dave-tvg@netztrip.de) (@netztrip) * [Stefan Müller](mailto:stefan.mueller.83@gmail.com) (@PackElend) From 44d0c852f11cce04139a25613822f103e39e06b1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 31 Jan 2025 11:39:51 +0100 Subject: [PATCH 815/908] check-certificates: try with "star." for renewal with wildcards --- check-certificates.rsc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/check-certificates.rsc b/check-certificates.rsc index 4271e00..a61cf81 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -158,6 +158,10 @@ :if ($ImportSuccess = false) do={ :set LastName [ :pick $SAN ([ :find $SAN ":" ] + 1) [ :len $SAN ] ]; :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName ]; + :if ($ImportSuccess = false && [ :pick $LastName 0 ] = "*") do={ + :set LastName ("star." . [ :pick $LastName 2 [ :len $LastName ] ]); + :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName ]; + } } } :if ($ImportSuccess = false) do={ :error false; } From 75e5ddec527ac505540306ca5b26b7c40cdb1b5d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 31 Jan 2025 13:09:22 +0100 Subject: [PATCH 816/908] check-certificates: do not rename the wrong certificate --- check-certificates.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index a61cf81..2900a83 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -68,8 +68,10 @@ $LogPrint warning $ScriptName ("Decryption failed for certificate file '" . $CertFileName . "'."); } - :foreach CertInChain in=[ /certificate/find where name~("^" . [ $EscapeForRegEx $CertFileName ] . "_[0-9]+\$") \ - common-name!=$Name !(subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $Name ] . "(\\W|\$)")) !(common-name=[]) ] do={ + :foreach CertInChain in=[ /certificate/find where common-name!=$Name !private-key \ + name~("^" . [ $EscapeForRegEx $CertFileName ] . "_[0-9]+\$") \ + !(subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $Name ] . "(\\W|\$)")) \ + !(common-name=[]) ] do={ $CertificateNameByCN [ /certificate/get $CertInChain common-name ]; } From eabe3f6e951010ff9c112d82ee27bc39e3786960 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 31 Jan 2025 21:33:57 +0100 Subject: [PATCH 817/908] check-certificates: pass real and modified name into function --- check-certificates.rsc | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 2900a83..b986179 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -34,7 +34,8 @@ :local CheckCertificatesDownloadImport do={ :local ScriptName [ :tostr $1 ]; - :local Name [ :tostr $2 ]; + :local CertName [ :tostr $2 ]; + :local FetchName [ :tostr $3 ]; :global CertRenewUrl; :global CertRenewPass; @@ -49,7 +50,7 @@ :local Return false; :foreach Type in={ ".pem"; ".p12" } do={ - :local CertFileName ([ $UrlEncode $Name ] . $Type); + :local CertFileName ([ $UrlEncode $FetchName ] . $Type); :do { /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) \ ($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value; @@ -68,9 +69,9 @@ $LogPrint warning $ScriptName ("Decryption failed for certificate file '" . $CertFileName . "'."); } - :foreach CertInChain in=[ /certificate/find where common-name!=$Name !private-key \ + :foreach CertInChain in=[ /certificate/find where common-name!=$CertName !private-key \ name~("^" . [ $EscapeForRegEx $CertFileName ] . "_[0-9]+\$") \ - !(subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $Name ] . "(\\W|\$)")) \ + !(subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $CertName ] . "(\\W|\$)")) \ !(common-name=[]) ] do={ $CertificateNameByCN [ /certificate/get $CertInChain common-name ]; } @@ -145,6 +146,7 @@ :foreach Cert in=[ /certificate/find where !revoked !ca !scep-url expires-after<$CertRenewTime ] do={ :local CertVal [ /certificate/get $Cert ]; :local LastName; + :local FetchName; :do { :if ([ :len $CertRenewUrl ] = 0) do={ @@ -155,14 +157,16 @@ :local ImportSuccess false; :set LastName ($CertVal->"common-name"); - :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName ]; + :set FetchName $LastName; + :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName $FetchName ]; :foreach SAN in=($CertVal->"subject-alt-name") do={ :if ($ImportSuccess = false) do={ :set LastName [ :pick $SAN ([ :find $SAN ":" ] + 1) [ :len $SAN ] ]; - :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName ]; + :set FetchName $LastName; + :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName $FetchName ]; :if ($ImportSuccess = false && [ :pick $LastName 0 ] = "*") do={ - :set LastName ("star." . [ :pick $LastName 2 [ :len $LastName ] ]); - :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName ]; + :set FetchName ("star." . [ :pick $LastName 2 [ :len $LastName ] ]); + :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName $FetchName ]; } } } @@ -174,7 +178,7 @@ } else={ $LogPrint debug $ScriptName ("Certificate '" . $CertVal->"name" . "' was not updated, but replaced."); - :local CertNew [ /certificate/find where name~("^" . [ $EscapeForRegEx [ $UrlEncode $LastName ] ] . "\\.(p12|pem)_[0-9]+\$") \ + :local CertNew [ /certificate/find where name~("^" . [ $EscapeForRegEx [ $UrlEncode $FetchName ] ] . "\\.(p12|pem)_[0-9]+\$") \ (common-name=($CertVal->"common-name") or subject-alt-name~("(^|\\W)(DNS|IP):" . [ $EscapeForRegEx $LastName ] . "(\\W|\$)")) \ fingerprint!=[ :tostr ($CertVal->"fingerprint") ] expires-after>$CertRenewTime ]; :local CertNewVal [ /certificate/get $CertNew ]; From 3ad7ccd3d6c443bf64156ffcd980a418584c35d1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 3 Feb 2025 10:05:35 +0100 Subject: [PATCH 818/908] check-certificates: check to characters for star-dot --- check-certificates.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index b986179..34e7537 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -164,7 +164,7 @@ :set LastName [ :pick $SAN ([ :find $SAN ":" ] + 1) [ :len $SAN ] ]; :set FetchName $LastName; :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName $FetchName ]; - :if ($ImportSuccess = false && [ :pick $LastName 0 ] = "*") do={ + :if ($ImportSuccess = false && [ :pick $LastName 0 2 ] = "*.") do={ :set FetchName ("star." . [ :pick $LastName 2 [ :len $LastName ] ]); :set ImportSuccess [ $CheckCertificatesDownloadImport $ScriptName $LastName $FetchName ]; } From 61f3c26199b4c22ae312a09f6c82f8e9cc403dd0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 3 Feb 2025 14:35:47 +0100 Subject: [PATCH 819/908] doc/check-health: highligh note on bad initial state --- doc/check-health.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/doc/check-health.md b/doc/check-health.md index 578ea43..a945371 100644 --- a/doc/check-health.md +++ b/doc/check-health.md @@ -26,14 +26,16 @@ health related events: * power supply failed or recovered * temperature is above or below threshold -Note that bad initial state will not trigger an event. - Monitoring CPU and RAM utilization (available processing and memory resources) works on all devices. Other than that only sensors available in hardware can be checked. See what your hardware supports: /system/health/print; +> ⚠️ **Warning**: Note that bad initial state will not trigger an event! For +> example rebooting a device that is already too hot will not trigger an +> alert on high temperature. + ### Sample notifications #### CPU utilization From 3024b246b58fa106592c7f6f949e421e15edcdb3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 4 Feb 2025 12:02:31 +0100 Subject: [PATCH 820/908] check-health: remove extra line break --- check-health.rsc | 1 - 1 file changed, 1 deletion(-) diff --git a/check-health.rsc b/check-health.rsc index 31bd6c2..76de4cb 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -91,7 +91,6 @@ :set CheckHealthTemperatureNotified ({}); } - :foreach Voltage in=[ /system/health/find where type="V" ] do={ :local Name [ /system/health/get $Voltage name ]; :local Value [ /system/health/get $Voltage value ]; From bfe5f20920a90fc54b7b25a238a1763fa6f2d5e7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 4 Feb 2025 15:08:37 +0100 Subject: [PATCH 821/908] check-health: remove trailing whitespaces --- check-health.rsc | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/check-health.rsc b/check-health.rsc index 76de4cb..34c508c 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -107,16 +107,16 @@ message=("The " . $Name . " on " . $Identity . " jumped more than " . $CheckHealthVoltagePercent . "%.\n\n" . \ [ $FormatLine "old value" ($CheckHealthLast->$Name . " V") 12 ] . "\n" . \ [ $FormatLine "new value" ($Value . " V") 12 ]) }); - } else={ - :if ($NumCurr <= $CheckHealthVoltageLow && $NumLast > $CheckHealthVoltageLow) do={ - $SendNotification2 ({ origin=$ScriptName; \ - subject=([ $SymbolForNotification "high-voltage-sign,chart-decreasing" ] . "Health warning: Low " . $Name); \ - message=("The " . $Name . " on " . $Identity . " dropped to " . $Value . " V below hard limit.") }); - } - :if ($NumCurr > $CheckHealthVoltageLow && $NumLast <= $CheckHealthVoltageLow) do={ - $SendNotification2 ({ origin=$ScriptName; \ - subject=([ $SymbolForNotification "high-voltage-sign,chart-increasing" ] . "Health recovery: Low " . $Name); \ - message=("The " . $Name . " on " . $Identity . " recovered to " . $Value . " V above hard limit.") }); + } else={ + :if ($NumCurr <= $CheckHealthVoltageLow && $NumLast > $CheckHealthVoltageLow) do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "high-voltage-sign,chart-decreasing" ] . "Health warning: Low " . $Name); \ + message=("The " . $Name . " on " . $Identity . " dropped to " . $Value . " V below hard limit.") }); + } + :if ($NumCurr > $CheckHealthVoltageLow && $NumLast <= $CheckHealthVoltageLow) do={ + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "high-voltage-sign,chart-increasing" ] . "Health recovery: Low " . $Name); \ + message=("The " . $Name . " on " . $Identity . " recovered to " . $Value . " V above hard limit.") }); } } } From 6501c98c822af958588512c374474f16bac61493 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 5 Feb 2025 09:36:15 +0100 Subject: [PATCH 822/908] certs: dns.google switched to 'GTS Root R4' Note that 8.8.8.8 is still at 'GTS Root R1'... --- certs/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/certs/Makefile b/certs/Makefile index 5dfb0d1..ba25303 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -10,7 +10,7 @@ DOMAINS_DUAL = \ api.macvendors.com/GTS-Root-R4 \ api.telegram.org/Go-Daddy-Root-Certificate-Authority-G2 \ cloudflare-dns.com/DigiCert-Global-Root-G2 \ - dns.google/GTS-Root-R1 \ + dns.google/GTS-Root-R4 \ dns.quad9.net/DigiCert-Global-Root-G3 \ git.eworm.de/ISRG-Root-X2 \ lists.blocklist.de/Certum-Trusted-Network-CA \ From 27c92b4382f961ad427313f6a0bfc01716e805d1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 5 Feb 2025 09:51:42 +0100 Subject: [PATCH 823/908] doc/netwatch-dns: switch exmample to cloudflare-dns.com --- doc/netwatch-dns.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index 6d2c865..aa4e91f 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -53,8 +53,8 @@ Note that using a name in DoH url may introduce a chicken-and-egg issue! Adding a static DNS record has the same result for the url, but always resolves to the same address. - /ip/dns/static/add name="dns.nextdns.io" address=199.247.16.158; - /tool/netwatch/add comment="doh" host=199.247.16.158; + /ip/dns/static/add name="cloudflare-dns.com" address=1.1.1.1; + /tool/netwatch/add comment="doh" host=1.1.1.1; Be aware that you have to keep the ip address in sync with real world manually! From 84ba3a463a46876f3e728326034d404d02aefb67 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 5 Feb 2025 09:55:41 +0100 Subject: [PATCH 824/908] doc/netwatch-dns: warn on different certificate... ... based on indicated server name. Currently this is true for 8.8.8.8 (GTS Root R1) and dns.google (GTS Root R4). --- doc/netwatch-dns.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/doc/netwatch-dns.md b/doc/netwatch-dns.md index aa4e91f..0d94918 100644 --- a/doc/netwatch-dns.md +++ b/doc/netwatch-dns.md @@ -66,6 +66,10 @@ Importing a certificate automatically is possible. You may want to find the /tool/netwatch/add comment="doh, doh-cert=DigiCert Global Root G3" host=9.9.9.9; /tool/netwatch/add comment="doh, doh-cert=GTS Root R1" host=8.8.8.8; +> ⚠️ **Warning**: Combining these techniques can cause some confusion and +> troubles! Chances are that a service uses different certificates based +> on indicated server name. + Sometimes using just one specific (possibly internal) DNS server may be desired, with fallback in case it fails. This is possible as well: From 23d38927bcd553229d1cd80bff0d3506ab40f6fa Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 4 Feb 2025 12:27:35 +0100 Subject: [PATCH 825/908] check-health: split off plugins... ... from 'check-health', so the script works on all devices to monitor CPU and RAM. The supported plugins for sensors in hardware are installed automatically. --- check-health.d/state.rsc | 48 ++++++++ check-health.d/temperature.rsc | 74 ++++++++++++ check-health.d/voltage.rsc | 63 ++++++++++ check-health.rsc | 108 +++--------------- ...l.avif => notification-08-state-fail.avif} | Bin ...-ok.avif => notification-09-state-ok.avif} | Bin doc/check-health.md | 42 +++++-- global-functions.rsc | 2 +- news-and-changes.rsc | 2 + 9 files changed, 239 insertions(+), 100 deletions(-) create mode 100644 check-health.d/state.rsc create mode 100644 check-health.d/temperature.rsc create mode 100644 check-health.d/voltage.rsc rename doc/check-health.d/{notification-08-psu-fail.avif => notification-08-state-fail.avif} (100%) rename doc/check-health.d/{notification-09-psu-ok.avif => notification-09-state-ok.avif} (100%) diff --git a/check-health.d/state.rsc b/check-health.d/state.rsc new file mode 100644 index 0000000..bcc1fbc --- /dev/null +++ b/check-health.d/state.rsc @@ -0,0 +1,48 @@ +#!rsc by RouterOS +# RouterOS script: check-health.d/state +# Copyright (c) 2019-2025 Christian Hesse +# https://rsc.eworm.de/COPYING.md +# +# requires RouterOS, version=7.14 +# +# check for RouterOS health state - state plugin +# https://rsc.eworm.de/doc/check-health.md + +:global CheckHealthPlugins; + +:set ($CheckHealthPlugins->[ :jobname ]) do={ + :local FuncName [ :tostr $0 ]; + + :global CheckHealthLast; + :global Identity; + + :global LogPrint; + :global SendNotification2; + :global SymbolForNotification; + + :if ([ :len [ /system/health/find where type="" name~"-state\$"] ] = 0) do={ + $LogPrint debug $FuncName ("Your device does not provide any state health values."); + :return false; + } + + :foreach State in=[ /system/health/find where type="" name~"-state\$" ] do={ + :local Name [ /system/health/get $State name ]; + :local Value [ /system/health/get $State value ]; + + :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ + :if ($CheckHealthLast->$Name = "ok" && \ + $Value != "ok") do={ + $SendNotification2 ({ origin=$FuncName; \ + subject=([ $SymbolForNotification "cross-mark" ] . "Health warning: " . $Name); \ + message=("The device '" . $Name . "' on " . $Identity . " failed!") }); + } + :if ($CheckHealthLast->$Name != "ok" && \ + $Value = "ok") do={ + $SendNotification2 ({ origin=$FuncName; \ + subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "Health recovery: " . $Name); \ + message=("The device '" . $Name . "' on " . $Identity . " recovered!") }); + } + } + :set ($CheckHealthLast->$Name) $Value; + } +} diff --git a/check-health.d/temperature.rsc b/check-health.d/temperature.rsc new file mode 100644 index 0000000..9b84782 --- /dev/null +++ b/check-health.d/temperature.rsc @@ -0,0 +1,74 @@ +#!rsc by RouterOS +# RouterOS script: check-health.d/temperature +# Copyright (c) 2019-2025 Christian Hesse +# https://rsc.eworm.de/COPYING.md +# +# requires RouterOS, version=7.14 +# +# check for RouterOS health state - temperature plugin +# https://rsc.eworm.de/doc/check-health.md + +:global CheckHealthPlugins; + +:set ($CheckHealthPlugins->[ :jobname ]) do={ + :local FuncName [ :tostr $0 ]; + + :global CheckHealthLast; + :global CheckHealthTemperature; + :global CheckHealthTemperatureDeviation; + :global CheckHealthTemperatureNotified; + :global Identity; + + :global LogPrint; + :global SendNotification2; + :global SymbolForNotification; + + :if ([ :len [ /system/health/find where type="C" ] ] = 0) do={ + $LogPrint debug $FuncName ("Your device does not provide any voltage health values."); + :return false; + } + + :local TempToNum do={ + :global CharacterReplace; + :local T [ :toarray [ $CharacterReplace $1 "." "," ] ]; + :return ($T->0 * 10 + $T->1); + } + + :if ([ :typeof $CheckHealthTemperatureNotified ] != "array") do={ + :set CheckHealthTemperatureNotified ({}); + } + + :foreach Temperature in=[ /system/health/find where type="C" ] do={ + :local Name [ /system/health/get $Temperature name ]; + :local Value [ /system/health/get $Temperature value ]; + + :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ + :if ([ :typeof ($CheckHealthTemperature->$Name) ] != "num" ) do={ + $LogPrint info $FuncName ("No threshold given for " . $Name . ", assuming 50C."); + :set ($CheckHealthTemperature->$Name) 50; + } + :local Validate [ /system/health/get [ find where name=$Name ] value ]; + :while ($Value != $Validate) do={ + :set Value $Validate; + :set Validate [ /system/health/get [ find where name=$Name ] value ]; + } + :if ($Value > $CheckHealthTemperature->$Name && \ + $CheckHealthTemperatureNotified->$Name != true) do={ + $SendNotification2 ({ origin=$FuncName; \ + subject=([ $SymbolForNotification "fire" ] . "Health warning: " . $Name); \ + message=("The " . $Name . " on " . $Identity . " is above threshold: " . \ + $Value . "\C2\B0" . "C") }); + :set ($CheckHealthTemperatureNotified->$Name) true; + } + :if ($Value <= ($CheckHealthTemperature->$Name - $CheckHealthTemperatureDeviation) && \ + $CheckHealthTemperatureNotified->$Name = true) do={ + $SendNotification2 ({ origin=$FuncName; \ + subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "Health recovery: " . $Name); \ + message=("The " . $Name . " on " . $Identity . " dropped below threshold: " . \ + $Value . "\C2\B0" . "C") }); + :set ($CheckHealthTemperatureNotified->$Name) false; + } + } + :set ($CheckHealthLast->$Name) $Value; + } +} diff --git a/check-health.d/voltage.rsc b/check-health.d/voltage.rsc new file mode 100644 index 0000000..6394795 --- /dev/null +++ b/check-health.d/voltage.rsc @@ -0,0 +1,63 @@ +#!rsc by RouterOS +# RouterOS script: check-health.d/voltage +# Copyright (c) 2019-2025 Christian Hesse +# https://rsc.eworm.de/COPYING.md +# +# requires RouterOS, version=7.14 +# +# check for RouterOS health state - voltage plugin +# https://rsc.eworm.de/doc/check-health.md + +:global CheckHealthPlugins; + +:set ($CheckHealthPlugins->[ :jobname ]) do={ + :local FuncName [ :tostr $0 ]; + + :global CheckHealthLast; + :global CheckHealthVoltageLow; + :global CheckHealthVoltagePercent; + :global Identity; + + :global FormatLine; + :global IfThenElse; + :global LogPrint; + :global SendNotification2; + :global SymbolForNotification; + + :if ([ :len [ /system/health/find where type="V" ] ] = 0) do={ + $LogPrint debug $FuncName ("Your device does not provide any voltage health values."); + :return false; + } + + :foreach Voltage in=[ /system/health/find where type="V" ] do={ + :local Name [ /system/health/get $Voltage name ]; + :local Value [ /system/health/get $Voltage value ]; + + :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ + :local NumCurr [ $TempToNum $Value ]; + :local NumLast [ $TempToNum ($CheckHealthLast->$Name) ]; + + :if ($NumLast * (100 + $CheckHealthVoltagePercent) < $NumCurr * 100 || \ + $NumLast * 100 > $NumCurr * (100 + $CheckHealthVoltagePercent)) do={ + $SendNotification2 ({ origin=$FuncName; \ + subject=([ $SymbolForNotification ("high-voltage-sign,chart-" . [ $IfThenElse ($NumLast < \ + $NumCurr) "in" "de" ] . "creasing") ] . "Health warning: " . $Name); \ + message=("The " . $Name . " on " . $Identity . " jumped more than " . $CheckHealthVoltagePercent . "%.\n\n" . \ + [ $FormatLine "old value" ($CheckHealthLast->$Name . " V") 12 ] . "\n" . \ + [ $FormatLine "new value" ($Value . " V") 12 ]) }); + } else={ + :if ($NumCurr <= $CheckHealthVoltageLow && $NumLast > $CheckHealthVoltageLow) do={ + $SendNotification2 ({ origin=$FuncName; \ + subject=([ $SymbolForNotification "high-voltage-sign,chart-decreasing" ] . "Health warning: Low " . $Name); \ + message=("The " . $Name . " on " . $Identity . " dropped to " . $Value . " V below hard limit.") }); + } + :if ($NumCurr > $CheckHealthVoltageLow && $NumLast <= $CheckHealthVoltageLow) do={ + $SendNotification2 ({ origin=$FuncName; \ + subject=([ $SymbolForNotification "high-voltage-sign,chart-increasing" ] . "Health recovery: Low " . $Name); \ + message=("The " . $Name . " on " . $Identity . " recovered to " . $Value . " V above hard limit.") }); + } + } + } + :set ($CheckHealthLast->$Name) $Value; + } +} diff --git a/check-health.rsc b/check-health.rsc index 34c508c..827f597 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -19,11 +19,6 @@ :global CheckHealthCPUUtilizationNotified; :global CheckHealthLast; :global CheckHealthRAMUtilizationNotified; - :global CheckHealthTemperature; - :global CheckHealthTemperatureDeviation; - :global CheckHealthTemperatureNotified; - :global CheckHealthVoltageLow; - :global CheckHealthVoltagePercent; :global Identity; :global FormatLine; @@ -33,6 +28,7 @@ :global ScriptLock; :global SendNotification2; :global SymbolForNotification; + :global ValidateSyntax; :local TempToNum do={ :global CharacterReplace; @@ -78,105 +74,37 @@ :set CheckHealthRAMUtilizationNotified false; } - :if ([ :len [ /system/health/find ] ] = 0) do={ - $LogPrint debug $ScriptName ("Your device does not provide any health values."); + :local Plugins [ /system/script/find where name~"^check-health.d/." ]; + :if ([ :len $Plugins ] = 0) do={ + $LogPrint debug $ScriptName ("No plugins installed."); :set ExitOK true; :error true; } + :global CheckHealthPlugins ({}); :if ([ :typeof $CheckHealthLast ] != "array") do={ :set CheckHealthLast ({}); } - :if ([ :typeof $CheckHealthTemperatureNotified ] != "array") do={ - :set CheckHealthTemperatureNotified ({}); - } - :foreach Voltage in=[ /system/health/find where type="V" ] do={ - :local Name [ /system/health/get $Voltage name ]; - :local Value [ /system/health/get $Voltage value ]; - - :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ - :local NumCurr [ $TempToNum $Value ]; - :local NumLast [ $TempToNum ($CheckHealthLast->$Name) ]; - - :if ($NumLast * (100 + $CheckHealthVoltagePercent) < $NumCurr * 100 || \ - $NumLast * 100 > $NumCurr * (100 + $CheckHealthVoltagePercent)) do={ - $SendNotification2 ({ origin=$ScriptName; \ - subject=([ $SymbolForNotification ("high-voltage-sign,chart-" . [ $IfThenElse ($NumLast < \ - $NumCurr) "in" "de" ] . "creasing") ] . "Health warning: " . $Name); \ - message=("The " . $Name . " on " . $Identity . " jumped more than " . $CheckHealthVoltagePercent . "%.\n\n" . \ - [ $FormatLine "old value" ($CheckHealthLast->$Name . " V") 12 ] . "\n" . \ - [ $FormatLine "new value" ($Value . " V") 12 ]) }); - } else={ - :if ($NumCurr <= $CheckHealthVoltageLow && $NumLast > $CheckHealthVoltageLow) do={ - $SendNotification2 ({ origin=$ScriptName; \ - subject=([ $SymbolForNotification "high-voltage-sign,chart-decreasing" ] . "Health warning: Low " . $Name); \ - message=("The " . $Name . " on " . $Identity . " dropped to " . $Value . " V below hard limit.") }); - } - :if ($NumCurr > $CheckHealthVoltageLow && $NumLast <= $CheckHealthVoltageLow) do={ - $SendNotification2 ({ origin=$ScriptName; \ - subject=([ $SymbolForNotification "high-voltage-sign,chart-increasing" ] . "Health recovery: Low " . $Name); \ - message=("The " . $Name . " on " . $Identity . " recovered to " . $Value . " V above hard limit.") }); - } + :foreach Plugin in=$Plugins do={ + :local PluginVal [ /system/script/get $Plugin ]; + :if ([ $ValidateSyntax ($PluginVal->"source") ] = true) do={ + :do { + /system/script/run $Plugin; + } on-error={ + $LogPrint error $ScriptName ("Plugin '" . $ScriptVal->"name" . "' failed to run."); } + } else={ + $LogPrint error $ScriptName ("Plugin '" . $ScriptVal->"name" . "' failed syntax validation, skipping."); } - :set ($CheckHealthLast->$Name) $Value; } - :foreach PSU in=[ /system/health/find where name~"^psu.*-state\$" ] do={ - :local Name [ /system/health/get $PSU name ]; - :local Value [ /system/health/get $PSU value ]; - - :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ - :if ($CheckHealthLast->$Name = "ok" && \ - $Value != "ok") do={ - $SendNotification2 ({ origin=$ScriptName; \ - subject=([ $SymbolForNotification "cross-mark" ] . "Health warning: " . $Name); \ - message=("The power supply unit '" . $Name . "' on " . $Identity . " failed!") }); - } - :if ($CheckHealthLast->$Name != "ok" && \ - $Value = "ok") do={ - $SendNotification2 ({ origin=$ScriptName; \ - subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "Health recovery: " . $Name); \ - message=("The power supply unit '" . $Name . "' on " . $Identity . " recovered!") }); - } - } - :set ($CheckHealthLast->$Name) $Value; + :foreach PluginName,Discard in=$CheckHealthPlugins do={ + ($CheckHealthPlugins->$PluginName) \ + ("\$CheckHealthPlugins->\"" . $PluginName . "\""); } - :foreach Temperature in=[ /system/health/find where type="C" ] do={ - :local Name [ /system/health/get $Temperature name ]; - :local Value [ /system/health/get $Temperature value ]; - - :if ([ :typeof ($CheckHealthLast->$Name) ] != "nothing") do={ - :if ([ :typeof ($CheckHealthTemperature->$Name) ] != "num" ) do={ - $LogPrint info $ScriptName ("No threshold given for " . $Name . ", assuming 50C."); - :set ($CheckHealthTemperature->$Name) 50; - } - :local Validate [ /system/health/get [ find where name=$Name ] value ]; - :while ($Value != $Validate) do={ - :set Value $Validate; - :set Validate [ /system/health/get [ find where name=$Name ] value ]; - } - :if ($Value > $CheckHealthTemperature->$Name && \ - $CheckHealthTemperatureNotified->$Name != true) do={ - $SendNotification2 ({ origin=$ScriptName; \ - subject=([ $SymbolForNotification "fire" ] . "Health warning: " . $Name); \ - message=("The " . $Name . " on " . $Identity . " is above threshold: " . \ - $Value . "\C2\B0" . "C") }); - :set ($CheckHealthTemperatureNotified->$Name) true; - } - :if ($Value <= ($CheckHealthTemperature->$Name - $CheckHealthTemperatureDeviation) && \ - $CheckHealthTemperatureNotified->$Name = true) do={ - $SendNotification2 ({ origin=$ScriptName; \ - subject=([ $SymbolForNotification "white-heavy-check-mark" ] . "Health recovery: " . $Name); \ - message=("The " . $Name . " on " . $Identity . " dropped below threshold: " . \ - $Value . "\C2\B0" . "C") }); - :set ($CheckHealthTemperatureNotified->$Name) false; - } - } - :set ($CheckHealthLast->$Name) $Value; - } + :set CheckHealthPlugins; } on-error={ :global ExitError; $ExitError $ExitOK [ :jobname ]; } diff --git a/doc/check-health.d/notification-08-psu-fail.avif b/doc/check-health.d/notification-08-state-fail.avif similarity index 100% rename from doc/check-health.d/notification-08-psu-fail.avif rename to doc/check-health.d/notification-08-state-fail.avif diff --git a/doc/check-health.d/notification-09-psu-ok.avif b/doc/check-health.d/notification-09-state-ok.avif similarity index 100% rename from doc/check-health.d/notification-09-psu-ok.avif rename to doc/check-health.d/notification-09-state-ok.avif diff --git a/doc/check-health.md b/doc/check-health.md index a945371..51e71bc 100644 --- a/doc/check-health.md +++ b/doc/check-health.md @@ -17,21 +17,21 @@ Description ----------- This script is run from scheduler periodically, sending notification on -health related events: +health related events. Monitoring CPU and RAM utilization (available +processing and memory resources) works on all devices: * high CPU utilization * high RAM utilization (low available RAM) + +With additional plugins functionality can be extended, depending on +sensors available in hardware: + * voltage jumps up or down more than configured threshold * voltage drops below hard lower limit +* fan failed or recovered * power supply failed or recovered * temperature is above or below threshold -Monitoring CPU and RAM utilization (available processing and memory -resources) works on all devices. Other than that only sensors available -in hardware can be checked. See what your hardware supports: - - /system/health/print; - > ⚠️ **Warning**: Note that bad initial state will not trigger an event! For > example rebooting a device that is already too hot will not trigger an > alert on high temperature. @@ -59,8 +59,8 @@ in hardware can be checked. See what your hardware supports: #### PSU state -![check-health notification psu fail](check-health.d/notification-08-psu-fail.avif) -![check-health notification psu ok](check-health.d/notification-09-psu-ok.avif) +![check-health notification state fail](check-health.d/notification-08-state-fail.avif) +![check-health notification state ok](check-health.d/notification-09-state-ok.avif) Requirements and installation ----------------------------- @@ -74,6 +74,30 @@ Just install the script and create a scheduler: > precision of cpu utilization, escpecially on devices with limited > resources. Thus an unusual interval is used here. +### Plugins + +Additional plugins are available for sensors available in hardware. First +check what your hardware supports: + + /system/health/print; + +Then install the plugin for *fan* and *power supply unit* *state*: + + $ScriptInstallUpdate check-health,check-health.d/state; + +... or *temperature*: + + $ScriptInstallUpdate check-health,check-health.d/temperature; + +... or *voltage*: + + $ScriptInstallUpdate check-health,check-health.d/voltage; + +You can also combine the commands and install all or a subset of plugins +in one go: + + $ScriptInstallUpdate check-health,check-health.d/state,check-health.d/temperature,check-health.d/voltage; + Configuration ------------- diff --git a/global-functions.rsc b/global-functions.rsc index a2ec833..8eb6712 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -13,7 +13,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 131; +:global ExpectedConfigVersion 132; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 7508b43..c7e566f 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -56,6 +56,7 @@ 129="Extended 'backup-partition' to support RouterOS copy-over - interactively or before feature update."; 130="Dropped intermediate certificates, depending on just root certificates now."; 131="Enhanced certificate download to fallback to mkcert.org, so all (commonly trusted) root certificates are available now."; + 132="Split off plugins from 'check-health', so the script works on all devices to monitor CPU and RAM. The supported plugins for sensors in hardware are installed automatically."; }; # Migration steps to be applied on script updates @@ -64,4 +65,5 @@ 100=":global ScriptInstallUpdate; :if ([ :len [ /system/script/find where name=\"ssh-keys-import\" source~\"^#!rsc by RouterOS\\r?\\n\" ] ] > 0) do={ /system/script/set name=\"mod/ssh-keys-import\" ssh-keys-import; \$ScriptInstallUpdate; }"; 104=":global CharacterReplace; :global ScriptInstallUpdate; :foreach Script in={ \"capsman-download-packages\"; \"capsman-rolling-upgrade\"; \"hotspot-to-wpa\"; \"hotspot-to-wpa-cleanup\" } do={ /system/script/set name=(\$Script . \".capsman\") [ find where name=\$Script ]; :foreach Scheduler in=[ /system/scheduler/find where on-event~(\$Script . \"([^-.]|\\\$)\") ] do={ /system/scheduler/set \$Scheduler on-event=[ \$CharacterReplace [ get \$Scheduler on-event ] \$Script (\$Script . \".capsman\") ]; }; }; /ip/hotspot/user/profile/set on-login=\"hotspot-to-wpa.capsman\" [ find where on-login=\"hotspot-to-wpa\" ]; \$ScriptInstallUpdate;"; 111=":local Rec [ /ip/dns/static/find where comment~\"^managed by dhcp-to-dns for \" ]; :if ([ :len \$Rec ] > 0) do={ /ip/dns/static/remove \$Rec; /system/script/run dhcp-to-dns; }"; + 132=":if ([ :len [ /system/script/find where name=\"check-health\" ] ] > 0) do={ :local Code \":local Install \\\"check-health\\\"; :if ([ :len [ /system/health/find where type=\\\"\\\" name~\\\"-state\\\\\\\$\\\" ] ] > 0) do={ :set Install (\\\$Install . \\\",check-health.d/state\\\"); }; :if ([ :len [ /system/health/find where type=\\\"C\\\" ] ] > 0) do={ :set Install (\\\$Install . \\\",check-health.d/temperature\\\"); }; :if ([ :len [ /system/health/find where type=\\\"V\\\" ] ] > 0) do={ :set Install (\\\$Install . \\\",check-health.d/voltage\\\"); }; :global ScriptInstallUpdate; \\\$ScriptInstallUpdate \\\$Install;\"; :global ValidateSyntax; :if ([ \$ValidateSyntax \$Code ] = true) do={ :do { [ :parse \$Code ]; } on-error={ }; }; }"; }; From 7b660d095293e24bd3fedf2a00815eedec84ccf5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 6 Feb 2025 21:24:20 +0100 Subject: [PATCH 826/908] packages-update: move configuration variables up --- packages-update.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/packages-update.rsc b/packages-update.rsc index ff47b2a..ba6d4f7 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -16,6 +16,9 @@ :do { :local ScriptName [ :jobname ]; + :global PackagesUpdateDeferReboot; + :global PackagesUpdateBackupFailure; + :global DownloadPackage; :global Grep; :global LogPrint; @@ -24,9 +27,6 @@ :global ScriptLock; :global VersionToNum; - :global PackagesUpdateDeferReboot; - :global PackagesUpdateBackupFailure; - :local Schedule do={ :local ScriptName [ :tostr $1 ]; From dafd95d44a18088771e6e0fd9b2ef115ddbcbc18 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 6 Feb 2025 21:26:39 +0100 Subject: [PATCH 827/908] packages-update: disable random delay for backup --- packages-update.rsc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/packages-update.rsc b/packages-update.rsc index ba6d4f7..788edd4 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -16,6 +16,7 @@ :do { :local ScriptName [ :jobname ]; + :global BackupRandomDelay; :global PackagesUpdateDeferReboot; :global PackagesUpdateBackupFailure; @@ -79,7 +80,9 @@ :set ($RunOrder->($Store->"order" . "-" . $ScriptVal->"name")) ($ScriptVal->"name"); } + :local BackupRandomDelayBefore $BackupRandomDelay; :foreach Order,Script in=$RunOrder do={ + :set BackupRandomDelay 0; :set PackagesUpdateBackupFailure false; :do { $LogPrint info $ScriptName ("Running backup script " . $Script . " before update."); @@ -87,6 +90,7 @@ } on-error={ :set PackagesUpdateBackupFailure true; } + :set BackupRandomDelay $BackupRandomDelayBefore; :if ($PackagesUpdateBackupFailure = true) do={ $LogPrint warning $ScriptName ("Running backup script " . $Script . " before update failed!"); From dbdc3e4718f5b0ec614baa9a9a942b52cbb19ad4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Feb 2025 17:12:30 +0100 Subject: [PATCH 828/908] packages-update: ignore available packages MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This was introduced with RouterOS 7.18beta2 to list and install available packages. We do not want to install all of them. 😝 --- packages-update.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages-update.rsc b/packages-update.rsc index 788edd4..afec2f5 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -130,7 +130,7 @@ } } - :foreach Package in=[ /system/package/find where !bundle ] do={ + :foreach Package in=[ /system/package/find where !bundle !available ] do={ :local PkgName [ /system/package/get $Package name ]; :if ([ $DownloadPackage $PkgName ($Update->"latest-version") ] = false) do={ $LogPrint error $ScriptName ("Download for package " . $PkgName . " failed, update aborted."); From 0fb5fd03230c2054a94d80ca72fc941e21b7f3ff Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Feb 2025 17:36:59 +0100 Subject: [PATCH 829/908] global-functions: $MkDir: create directory directly... ... instead of file inside directory. This requires RouterOS 7.15, so bumping requirement. --- README.md | 2 +- global-functions.rsc | 8 +++----- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 8594f58..a76d50f 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ RouterOS Scripts [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/global-functions.rsc b/global-functions.rsc index 8eb6712..48f1676 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, fetch, scheduler # # global functions @@ -895,10 +895,8 @@ } :do { - :local File ($Path . "/file"); - /file/add name=$File; - $WaitForFile $File; - /file/remove $File; + /file/add type="directory" name=$Path; + $WaitForFile $Path; } on-error={ $LogPrint warning $0 ("Making directory '" . $Path . "' failed!"); :return false; From 4542c2b19e4b74ee37c02671c05f4025946d8bf7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 21 Jan 2025 18:16:57 +0100 Subject: [PATCH 830/908] global-functions: introduce $RmFile --- global-functions.rsc | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 48f1676..e41d352 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -63,6 +63,7 @@ :global ProtocolStrip; :global RandomDelay; :global RequiredRouterOS; +:global RmFile; :global ScriptFromTerminal; :global ScriptInstallUpdate; :global ScriptLock; @@ -1004,6 +1005,26 @@ :return true; } +# remove file +:set RmFile do={ + :local FileName [ :tostr $1 ]; + + :global LogPrint; + + :local File [ /file/find where name=$FileName type=file ]; + :if ([ :len $File ] = 0) do={ + :return true; + } + + :do { + /file/remove $File; + } on-error={ + $LogPrint error $0 ("Removing file '" . $FileName . "' (" . $File . ") failed."); + :return false; + } + :return true; +} + # check if script is run from terminal :set ScriptFromTerminal do={ :local Script [ :tostr $1 ]; From 727495d9c4f7ff00a9d0c5dc1fd06e22ba3abe39 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 21 Jan 2025 18:21:28 +0100 Subject: [PATCH 831/908] global-functions: introduce $RmDir --- global-functions.rsc | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index e41d352..b7a3b6a 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -63,6 +63,7 @@ :global ProtocolStrip; :global RandomDelay; :global RequiredRouterOS; +:global RmDir; :global RmFile; :global ScriptFromTerminal; :global ScriptInstallUpdate; @@ -1005,6 +1006,26 @@ :return true; } +# remove directory +:set RmDir do={ + :local DirName [ :tostr $1 ]; + + :global LogPrint; + + :local Dir [ /file/find where name=$DirName type=directory ]; + :if ([ :len $Dir ] = 0) do={ + :return true; + } + + :do { + /file/remove $Dir; + } on-error={ + $LogPrint error $0 ("Removing directory '" . $DirName . "' (" . $Dir . ") failed."); + :return false; + } + :return true; +} + # remove file :set RmFile do={ :local FileName [ :tostr $1 ]; From 7233dea5bb9e73a93599baf17077b80758934665 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 21 Jan 2025 19:24:38 +0100 Subject: [PATCH 832/908] global-functions: $RmFile: add debug output --- global-functions.rsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index b7a3b6a..50202f0 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1032,8 +1032,11 @@ :global LogPrint; + $LogPrint debug $0 ("Removing file: ". $FileName); + :local File [ /file/find where name=$FileName type=file ]; :if ([ :len $File ] = 0) do={ + $LogPrint debug $0 ("... which does not exist."); :return true; } From 49d9fb1ffddfb973bed00aac3a36bf4dd8d6687a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 21 Jan 2025 19:24:05 +0100 Subject: [PATCH 833/908] global-functions: $RmDir: add debug output --- global-functions.rsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 50202f0..2799f39 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1012,8 +1012,11 @@ :global LogPrint; + $LogPrint debug $0 ("Removing directory: ". $DirName); + :local Dir [ /file/find where name=$DirName type=directory ]; :if ([ :len $Dir ] = 0) do={ + $LogPrint debug $0 ("... which does not exist."); :return true; } From 4bfb591fa035a12e80edf8f2550f6237cd343cd9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Feb 2025 17:39:48 +0100 Subject: [PATCH 834/908] bump required RouterOS version for all scripts --- BRANCHES.md | 2 +- CERTIFICATES.md | 2 +- CONTRIBUTIONS.md | 2 +- INITIAL-COMMANDS.md | 2 +- accesslist-duplicates.capsman.rsc | 2 +- accesslist-duplicates.local.rsc | 2 +- accesslist-duplicates.template.rsc | 2 +- accesslist-duplicates.wifi.rsc | 2 +- backup-cloud.rsc | 2 +- backup-email.rsc | 2 +- backup-partition.rsc | 2 +- backup-upload.rsc | 2 +- capsman-download-packages.capsman.rsc | 2 +- capsman-download-packages.template.rsc | 2 +- capsman-download-packages.wifi.rsc | 2 +- capsman-rolling-upgrade.capsman.rsc | 2 +- capsman-rolling-upgrade.template.rsc | 2 +- capsman-rolling-upgrade.wifi.rsc | 2 +- certificate-renew-issued.rsc | 2 +- check-certificates.rsc | 2 +- check-health.d/state.rsc | 2 +- check-health.d/temperature.rsc | 2 +- check-health.d/voltage.rsc | 2 +- check-health.rsc | 2 +- check-lte-firmware-upgrade.rsc | 2 +- check-routeros-update.rsc | 2 +- collect-wireless-mac.capsman.rsc | 2 +- collect-wireless-mac.local.rsc | 2 +- collect-wireless-mac.template.rsc | 2 +- collect-wireless-mac.wifi.rsc | 2 +- dhcp-lease-comment.capsman.rsc | 2 +- dhcp-lease-comment.local.rsc | 2 +- dhcp-lease-comment.template.rsc | 2 +- dhcp-lease-comment.wifi.rsc | 2 +- doc/accesslist-duplicates.md | 2 +- doc/backup-cloud.md | 2 +- doc/backup-email.md | 2 +- doc/backup-partition.md | 2 +- doc/backup-upload.md | 2 +- doc/capsman-download-packages.md | 2 +- doc/capsman-rolling-upgrade.md | 2 +- doc/certificate-renew-issued.md | 2 +- doc/check-certificates.md | 2 +- doc/check-health.md | 2 +- doc/check-lte-firmware-upgrade.md | 2 +- doc/check-routeros-update.md | 2 +- doc/collect-wireless-mac.md | 2 +- doc/dhcp-lease-comment.md | 2 +- doc/firmware-upgrade-reboot.md | 2 +- doc/global-wait.md | 2 +- doc/gps-track.md | 2 +- doc/hotspot-to-wpa.md | 2 +- doc/ip-addr-bridge.md | 2 +- doc/ipsec-to-dns.md | 2 +- doc/ipv6-update.md | 2 +- doc/lease-script.md | 2 +- doc/leds-mode.md | 2 +- doc/log-forward.md | 2 +- doc/mod/bridge-port-to.md | 2 +- doc/mod/bridge-port-vlan.md | 2 +- doc/mod/inspectvar.md | 2 +- doc/mod/ipcalc.md | 2 +- doc/mod/notification-email.md | 2 +- doc/mod/notification-matrix.md | 2 +- doc/mod/notification-ntfy.md | 2 +- doc/mod/notification-telegram.md | 2 +- doc/mod/scriptrunonce.md | 2 +- doc/mode-button.md | 2 +- doc/ospf-to-leds.md | 2 +- doc/packages-update.md | 2 +- doc/ppp-on-up.md | 2 +- doc/sms-action.md | 2 +- doc/sms-forward.md | 2 +- doc/super-mario-theme.md | 2 +- doc/unattended-lte-firmware-upgrade.md | 2 +- doc/update-gre-address.md | 2 +- doc/update-tunnelbroker.md | 2 +- firmware-upgrade-reboot.rsc | 2 +- global-wait.rsc | 2 +- gps-track.rsc | 2 +- hotspot-to-wpa-cleanup.capsman.rsc | 2 +- hotspot-to-wpa-cleanup.template.rsc | 2 +- hotspot-to-wpa-cleanup.wifi.rsc | 2 +- hotspot-to-wpa.capsman.rsc | 2 +- hotspot-to-wpa.template.rsc | 2 +- hotspot-to-wpa.wifi.rsc | 2 +- ipsec-to-dns.rsc | 2 +- ipv6-update.rsc | 2 +- lease-script.rsc | 2 +- log-forward.rsc | 2 +- mod/bridge-port-to.rsc | 2 +- mod/bridge-port-vlan.rsc | 2 +- mod/inspectvar.rsc | 2 +- mod/ipcalc.rsc | 2 +- mod/notification-email.rsc | 2 +- mod/notification-matrix.rsc | 2 +- mod/notification-ntfy.rsc | 2 +- mod/notification-telegram.rsc | 2 +- mod/scriptrunonce.rsc | 2 +- mode-button.rsc | 2 +- ospf-to-leds.rsc | 2 +- packages-update.rsc | 2 +- ppp-on-up.rsc | 2 +- sms-action.rsc | 2 +- sms-forward.rsc | 2 +- unattended-lte-firmware-upgrade.rsc | 2 +- update-gre-address.rsc | 2 +- update-tunnelbroker.rsc | 2 +- 108 files changed, 108 insertions(+), 108 deletions(-) diff --git a/BRANCHES.md b/BRANCHES.md index 5d94077..8a0bdad 100644 --- a/BRANCHES.md +++ b/BRANCHES.md @@ -4,7 +4,7 @@ Installing from branches [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/CERTIFICATES.md b/CERTIFICATES.md index 589d480..5432d78 100644 --- a/CERTIFICATES.md +++ b/CERTIFICATES.md @@ -4,7 +4,7 @@ Certificate name from browser [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/CONTRIBUTIONS.md b/CONTRIBUTIONS.md index ef1bd8b..0b35c40 100644 --- a/CONTRIBUTIONS.md +++ b/CONTRIBUTIONS.md @@ -4,7 +4,7 @@ Past Contributions [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index 84a88fe..424ef32 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -4,7 +4,7 @@ Initial commands [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/accesslist-duplicates.capsman.rsc b/accesslist-duplicates.capsman.rsc index 0c4eaaf..27546c8 100644 --- a/accesslist-duplicates.capsman.rsc +++ b/accesslist-duplicates.capsman.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # print duplicate antries in wireless access list # https://rsc.eworm.de/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.local.rsc b/accesslist-duplicates.local.rsc index 353fe1f..589815d 100644 --- a/accesslist-duplicates.local.rsc +++ b/accesslist-duplicates.local.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # print duplicate antries in wireless access list # https://rsc.eworm.de/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.template.rsc b/accesslist-duplicates.template.rsc index 4219014..ccbca3d 100644 --- a/accesslist-duplicates.template.rsc +++ b/accesslist-duplicates.template.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # print duplicate antries in wireless access list # https://rsc.eworm.de/doc/accesslist-duplicates.md diff --git a/accesslist-duplicates.wifi.rsc b/accesslist-duplicates.wifi.rsc index 3ee53d8..527ebb4 100644 --- a/accesslist-duplicates.wifi.rsc +++ b/accesslist-duplicates.wifi.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # print duplicate antries in wireless access list # https://rsc.eworm.de/doc/accesslist-duplicates.md diff --git a/backup-cloud.rsc b/backup-cloud.rsc index efae055..9d76080 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: backup-script, order=40 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # upload backup to MikroTik cloud # https://rsc.eworm.de/doc/backup-cloud.md diff --git a/backup-email.rsc b/backup-email.rsc index f6ebad0..d097301 100644 --- a/backup-email.rsc +++ b/backup-email.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: backup-script, order=20 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # create and email backup and config file # https://rsc.eworm.de/doc/backup-email.md diff --git a/backup-partition.rsc b/backup-partition.rsc index bfa7765..1f0cf2e 100644 --- a/backup-partition.rsc +++ b/backup-partition.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: backup-script, order=70 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, scheduler # # save configuration to fallback partition diff --git a/backup-upload.rsc b/backup-upload.rsc index dc5120f..533cc55 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: backup-script, order=50 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, fetch # # create and upload backup and config file diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index fa76ff5..2726af7 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # download and cleanup packages for CAP installation from CAPsMAN # https://rsc.eworm.de/doc/capsman-download-packages.md diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 912e279..0a42bb2 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # download and cleanup packages for CAP installation from CAPsMAN # https://rsc.eworm.de/doc/capsman-download-packages.md diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 3a5e7d1..037409a 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -4,7 +4,7 @@ # Michael Gisbers # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # download and cleanup packages for CAP installation from CAPsMAN # https://rsc.eworm.de/doc/capsman-download-packages.md diff --git a/capsman-rolling-upgrade.capsman.rsc b/capsman-rolling-upgrade.capsman.rsc index abe066e..791b3db 100644 --- a/capsman-rolling-upgrade.capsman.rsc +++ b/capsman-rolling-upgrade.capsman.rsc @@ -5,7 +5,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: capsman-rolling-upgrade.capsman -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # upgrade CAPs one after another # https://rsc.eworm.de/doc/capsman-rolling-upgrade.md diff --git a/capsman-rolling-upgrade.template.rsc b/capsman-rolling-upgrade.template.rsc index c1c7ff1..0b1cc2b 100644 --- a/capsman-rolling-upgrade.template.rsc +++ b/capsman-rolling-upgrade.template.rsc @@ -5,7 +5,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: capsman-rolling-upgrade%TEMPL% -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # upgrade CAPs one after another # https://rsc.eworm.de/doc/capsman-rolling-upgrade.md diff --git a/capsman-rolling-upgrade.wifi.rsc b/capsman-rolling-upgrade.wifi.rsc index 44c99db..4afdee2 100644 --- a/capsman-rolling-upgrade.wifi.rsc +++ b/capsman-rolling-upgrade.wifi.rsc @@ -5,7 +5,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: capsman-rolling-upgrade.wifi -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # upgrade CAPs one after another # https://rsc.eworm.de/doc/capsman-rolling-upgrade.md diff --git a/certificate-renew-issued.rsc b/certificate-renew-issued.rsc index 5a4043d..91a48de 100644 --- a/certificate-renew-issued.rsc +++ b/certificate-renew-issued.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # renew locally issued certificates # https://rsc.eworm.de/doc/certificate-renew-issued.md diff --git a/check-certificates.rsc b/check-certificates.rsc index 34e7537..25807cb 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, fetch # # check for certificate validity diff --git a/check-health.d/state.rsc b/check-health.d/state.rsc index bcc1fbc..2991935 100644 --- a/check-health.d/state.rsc +++ b/check-health.d/state.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # check for RouterOS health state - state plugin # https://rsc.eworm.de/doc/check-health.md diff --git a/check-health.d/temperature.rsc b/check-health.d/temperature.rsc index 9b84782..a2f632d 100644 --- a/check-health.d/temperature.rsc +++ b/check-health.d/temperature.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # check for RouterOS health state - temperature plugin # https://rsc.eworm.de/doc/check-health.md diff --git a/check-health.d/voltage.rsc b/check-health.d/voltage.rsc index 6394795..9071c88 100644 --- a/check-health.d/voltage.rsc +++ b/check-health.d/voltage.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # check for RouterOS health state - voltage plugin # https://rsc.eworm.de/doc/check-health.md diff --git a/check-health.rsc b/check-health.rsc index 827f597..f02a249 100644 --- a/check-health.rsc +++ b/check-health.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # check for RouterOS health state # https://rsc.eworm.de/doc/check-health.md diff --git a/check-lte-firmware-upgrade.rsc b/check-lte-firmware-upgrade.rsc index 562b8fe..c5b6cb5 100644 --- a/check-lte-firmware-upgrade.rsc +++ b/check-lte-firmware-upgrade.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # check for LTE firmware upgrade, send notification # https://rsc.eworm.de/doc/check-lte-firmware-upgrade.md diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 5c9b392..361be34 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, fetch, scheduler # # check for RouterOS update, send notification and/or install diff --git a/collect-wireless-mac.capsman.rsc b/collect-wireless-mac.capsman.rsc index f718e0b..17e09e3 100644 --- a/collect-wireless-mac.capsman.rsc +++ b/collect-wireless-mac.capsman.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # collect wireless mac adresses in access list # https://rsc.eworm.de/doc/collect-wireless-mac.md diff --git a/collect-wireless-mac.local.rsc b/collect-wireless-mac.local.rsc index 0017875..4a38bfa 100644 --- a/collect-wireless-mac.local.rsc +++ b/collect-wireless-mac.local.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # collect wireless mac adresses in access list # https://rsc.eworm.de/doc/collect-wireless-mac.md diff --git a/collect-wireless-mac.template.rsc b/collect-wireless-mac.template.rsc index 527e985..da901be 100644 --- a/collect-wireless-mac.template.rsc +++ b/collect-wireless-mac.template.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # collect wireless mac adresses in access list # https://rsc.eworm.de/doc/collect-wireless-mac.md diff --git a/collect-wireless-mac.wifi.rsc b/collect-wireless-mac.wifi.rsc index 5f9de7d..cb217ce 100644 --- a/collect-wireless-mac.wifi.rsc +++ b/collect-wireless-mac.wifi.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=40 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # collect wireless mac adresses in access list # https://rsc.eworm.de/doc/collect-wireless-mac.md diff --git a/dhcp-lease-comment.capsman.rsc b/dhcp-lease-comment.capsman.rsc index 3803963..36b31c8 100644 --- a/dhcp-lease-comment.capsman.rsc +++ b/dhcp-lease-comment.capsman.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # update dhcp-server lease comment with infos from access-list # https://rsc.eworm.de/doc/dhcp-lease-comment.md diff --git a/dhcp-lease-comment.local.rsc b/dhcp-lease-comment.local.rsc index d5f1461..35dc6f6 100644 --- a/dhcp-lease-comment.local.rsc +++ b/dhcp-lease-comment.local.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # update dhcp-server lease comment with infos from access-list # https://rsc.eworm.de/doc/dhcp-lease-comment.md diff --git a/dhcp-lease-comment.template.rsc b/dhcp-lease-comment.template.rsc index 2bddc26..47a8554 100644 --- a/dhcp-lease-comment.template.rsc +++ b/dhcp-lease-comment.template.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # update dhcp-server lease comment with infos from access-list # https://rsc.eworm.de/doc/dhcp-lease-comment.md diff --git a/dhcp-lease-comment.wifi.rsc b/dhcp-lease-comment.wifi.rsc index 515b438..e0f9785 100644 --- a/dhcp-lease-comment.wifi.rsc +++ b/dhcp-lease-comment.wifi.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=60 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # update dhcp-server lease comment with infos from access-list # https://rsc.eworm.de/doc/dhcp-lease-comment.md diff --git a/doc/accesslist-duplicates.md b/doc/accesslist-duplicates.md index a6302f5..e4d0c7f 100644 --- a/doc/accesslist-duplicates.md +++ b/doc/accesslist-duplicates.md @@ -4,7 +4,7 @@ Find and remove access list duplicates [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-cloud.md b/doc/backup-cloud.md index d658760..7286960 100644 --- a/doc/backup-cloud.md +++ b/doc/backup-cloud.md @@ -4,7 +4,7 @@ Upload backup to Mikrotik cloud [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-email.md b/doc/backup-email.md index aedae4d..7b8bcfe 100644 --- a/doc/backup-email.md +++ b/doc/backup-email.md @@ -4,7 +4,7 @@ Send backup via e-mail [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-partition.md b/doc/backup-partition.md index 9f62967..9d615a5 100644 --- a/doc/backup-partition.md +++ b/doc/backup-partition.md @@ -4,7 +4,7 @@ Save configuration to fallback partition [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/backup-upload.md b/doc/backup-upload.md index f2858b2..6a5b0e4 100644 --- a/doc/backup-upload.md +++ b/doc/backup-upload.md @@ -4,7 +4,7 @@ Upload backup to server [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/capsman-download-packages.md b/doc/capsman-download-packages.md index d719934..5722227 100644 --- a/doc/capsman-download-packages.md +++ b/doc/capsman-download-packages.md @@ -4,7 +4,7 @@ Download packages for CAP upgrade from CAPsMAN [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/capsman-rolling-upgrade.md b/doc/capsman-rolling-upgrade.md index f366d40..d277db6 100644 --- a/doc/capsman-rolling-upgrade.md +++ b/doc/capsman-rolling-upgrade.md @@ -4,7 +4,7 @@ Run rolling CAP upgrades from CAPsMAN [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/certificate-renew-issued.md b/doc/certificate-renew-issued.md index 096e07b..c4615b5 100644 --- a/doc/certificate-renew-issued.md +++ b/doc/certificate-renew-issued.md @@ -4,7 +4,7 @@ Renew locally issued certificates [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-certificates.md b/doc/check-certificates.md index 4188815..4c144ba 100644 --- a/doc/check-certificates.md +++ b/doc/check-certificates.md @@ -4,7 +4,7 @@ Renew certificates and notify on expiration [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-health.md b/doc/check-health.md index 51e71bc..7cf0c33 100644 --- a/doc/check-health.md +++ b/doc/check-health.md @@ -4,7 +4,7 @@ Notify about health state [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-lte-firmware-upgrade.md b/doc/check-lte-firmware-upgrade.md index 66b2cf5..3693b71 100644 --- a/doc/check-lte-firmware-upgrade.md +++ b/doc/check-lte-firmware-upgrade.md @@ -4,7 +4,7 @@ Notify on LTE firmware upgrade [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/check-routeros-update.md b/doc/check-routeros-update.md index 2e9b8aa..926b4aa 100644 --- a/doc/check-routeros-update.md +++ b/doc/check-routeros-update.md @@ -4,7 +4,7 @@ Notify on RouterOS update [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/collect-wireless-mac.md b/doc/collect-wireless-mac.md index 84c111d..0197522 100644 --- a/doc/collect-wireless-mac.md +++ b/doc/collect-wireless-mac.md @@ -4,7 +4,7 @@ Collect MAC addresses in wireless access list [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/dhcp-lease-comment.md b/doc/dhcp-lease-comment.md index 6a4c930..b02f199 100644 --- a/doc/dhcp-lease-comment.md +++ b/doc/dhcp-lease-comment.md @@ -4,7 +4,7 @@ Comment DHCP leases with info from access list [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/firmware-upgrade-reboot.md b/doc/firmware-upgrade-reboot.md index 7ab6ac5..54f1da0 100644 --- a/doc/firmware-upgrade-reboot.md +++ b/doc/firmware-upgrade-reboot.md @@ -4,7 +4,7 @@ Automatically upgrade firmware and reboot [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/global-wait.md b/doc/global-wait.md index 6787d20..799cae7 100644 --- a/doc/global-wait.md +++ b/doc/global-wait.md @@ -4,7 +4,7 @@ Wait for global functions and modules [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/gps-track.md b/doc/gps-track.md index 9685899..5e4878f 100644 --- a/doc/gps-track.md +++ b/doc/gps-track.md @@ -4,7 +4,7 @@ Send GPS position to server [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/hotspot-to-wpa.md b/doc/hotspot-to-wpa.md index 07d07dc..a2e9748 100644 --- a/doc/hotspot-to-wpa.md +++ b/doc/hotspot-to-wpa.md @@ -4,7 +4,7 @@ Use WPA network with hotspot credentials [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ip-addr-bridge.md b/doc/ip-addr-bridge.md index ddbcc0a..f9f98e3 100644 --- a/doc/ip-addr-bridge.md +++ b/doc/ip-addr-bridge.md @@ -4,7 +4,7 @@ Manage IP addresses with bridge status [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ipsec-to-dns.md b/doc/ipsec-to-dns.md index a688e80..123656c 100644 --- a/doc/ipsec-to-dns.md +++ b/doc/ipsec-to-dns.md @@ -4,7 +4,7 @@ Create DNS records for IPSec peers [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ipv6-update.md b/doc/ipv6-update.md index 42f0fe4..1f009b1 100644 --- a/doc/ipv6-update.md +++ b/doc/ipv6-update.md @@ -4,7 +4,7 @@ Update configuration on IPv6 prefix change [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/lease-script.md b/doc/lease-script.md index 1b59ff7..f83c383 100644 --- a/doc/lease-script.md +++ b/doc/lease-script.md @@ -4,7 +4,7 @@ Run other scripts on DHCP lease [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/leds-mode.md b/doc/leds-mode.md index c01472e..a194396 100644 --- a/doc/leds-mode.md +++ b/doc/leds-mode.md @@ -4,7 +4,7 @@ Manage LEDs dark mode [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/log-forward.md b/doc/log-forward.md index 55b1540..25be00a 100644 --- a/doc/log-forward.md +++ b/doc/log-forward.md @@ -4,7 +4,7 @@ Forward log messages via notification [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/bridge-port-to.md b/doc/mod/bridge-port-to.md index 2ed9dc7..629c526 100644 --- a/doc/mod/bridge-port-to.md +++ b/doc/mod/bridge-port-to.md @@ -4,7 +4,7 @@ Manage ports in bridge [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/bridge-port-vlan.md b/doc/mod/bridge-port-vlan.md index ded2603..cf29199 100644 --- a/doc/mod/bridge-port-vlan.md +++ b/doc/mod/bridge-port-vlan.md @@ -4,7 +4,7 @@ Manage VLANs on bridge ports [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/inspectvar.md b/doc/mod/inspectvar.md index 4e2f4c1..7daba15 100644 --- a/doc/mod/inspectvar.md +++ b/doc/mod/inspectvar.md @@ -4,7 +4,7 @@ Inspect variables [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/ipcalc.md b/doc/mod/ipcalc.md index 9f39429..c07853e 100644 --- a/doc/mod/ipcalc.md +++ b/doc/mod/ipcalc.md @@ -4,7 +4,7 @@ IP address calculation [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/notification-email.md b/doc/mod/notification-email.md index 0bef455..34d1c09 100644 --- a/doc/mod/notification-email.md +++ b/doc/mod/notification-email.md @@ -4,7 +4,7 @@ Send notifications via e-mail [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/notification-matrix.md b/doc/mod/notification-matrix.md index fbc9b91..89c1b01 100644 --- a/doc/mod/notification-matrix.md +++ b/doc/mod/notification-matrix.md @@ -4,7 +4,7 @@ Send notifications via Matrix [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/notification-ntfy.md b/doc/mod/notification-ntfy.md index 04dee35..51756ac 100644 --- a/doc/mod/notification-ntfy.md +++ b/doc/mod/notification-ntfy.md @@ -4,7 +4,7 @@ Send notifications via Ntfy [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/notification-telegram.md b/doc/mod/notification-telegram.md index f55f936..b85d09c 100644 --- a/doc/mod/notification-telegram.md +++ b/doc/mod/notification-telegram.md @@ -4,7 +4,7 @@ Send notifications via Telegram [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mod/scriptrunonce.md b/doc/mod/scriptrunonce.md index 0127c6d..955d12e 100644 --- a/doc/mod/scriptrunonce.md +++ b/doc/mod/scriptrunonce.md @@ -4,7 +4,7 @@ Download script and run it once [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/mode-button.md b/doc/mode-button.md index 7feb19f..be15bc9 100644 --- a/doc/mode-button.md +++ b/doc/mode-button.md @@ -4,7 +4,7 @@ Mode button with multiple presses [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ospf-to-leds.md b/doc/ospf-to-leds.md index 23248b5..3694d35 100644 --- a/doc/ospf-to-leds.md +++ b/doc/ospf-to-leds.md @@ -4,7 +4,7 @@ Visualize OSPF state via LEDs [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/packages-update.md b/doc/packages-update.md index 8b0d4a3..75225fe 100644 --- a/doc/packages-update.md +++ b/doc/packages-update.md @@ -4,7 +4,7 @@ Manage system update [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/ppp-on-up.md b/doc/ppp-on-up.md index 7902f3b..305afc1 100644 --- a/doc/ppp-on-up.md +++ b/doc/ppp-on-up.md @@ -4,7 +4,7 @@ Run scripts on ppp connection [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/sms-action.md b/doc/sms-action.md index 5de7f0d..b696c85 100644 --- a/doc/sms-action.md +++ b/doc/sms-action.md @@ -4,7 +4,7 @@ Act on received SMS [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/sms-forward.md b/doc/sms-forward.md index 8e7417b..ccb6482 100644 --- a/doc/sms-forward.md +++ b/doc/sms-forward.md @@ -4,7 +4,7 @@ Forward received SMS [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/super-mario-theme.md b/doc/super-mario-theme.md index 2ffb25b..c72f220 100644 --- a/doc/super-mario-theme.md +++ b/doc/super-mario-theme.md @@ -4,7 +4,7 @@ Play Super Mario theme [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/unattended-lte-firmware-upgrade.md b/doc/unattended-lte-firmware-upgrade.md index e9a888c..cb96aa1 100644 --- a/doc/unattended-lte-firmware-upgrade.md +++ b/doc/unattended-lte-firmware-upgrade.md @@ -4,7 +4,7 @@ Install LTE firmware upgrade [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/update-gre-address.md b/doc/update-gre-address.md index 7e101c4..de9f622 100644 --- a/doc/update-gre-address.md +++ b/doc/update-gre-address.md @@ -4,7 +4,7 @@ Update GRE configuration with dynamic addresses [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/doc/update-tunnelbroker.md b/doc/update-tunnelbroker.md index 126d470..ee0fe98 100644 --- a/doc/update-tunnelbroker.md +++ b/doc/update-tunnelbroker.md @@ -4,7 +4,7 @@ Update tunnelbroker configuration [![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) [![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) [![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) -[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.14-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) [![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) [![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) diff --git a/firmware-upgrade-reboot.rsc b/firmware-upgrade-reboot.rsc index e3d62de..86a9a8c 100644 --- a/firmware-upgrade-reboot.rsc +++ b/firmware-upgrade-reboot.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2022-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # install firmware upgrade, and reboot # https://rsc.eworm.de/doc/firmware-upgrade-reboot.md diff --git a/global-wait.rsc b/global-wait.rsc index bc98462..ca3fc0c 100644 --- a/global-wait.rsc +++ b/global-wait.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # wait for global-functions to finish # https://rsc.eworm.de/doc/global-wait.md diff --git a/gps-track.rsc b/gps-track.rsc index 5e35f8d..dea56d2 100644 --- a/gps-track.rsc +++ b/gps-track.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, fetch # # track gps data by sending json data to http server diff --git a/hotspot-to-wpa-cleanup.capsman.rsc b/hotspot-to-wpa-cleanup.capsman.rsc index c21ec3e..033d0e7 100644 --- a/hotspot-to-wpa-cleanup.capsman.rsc +++ b/hotspot-to-wpa-cleanup.capsman.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=80 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, hotspot # # manage and clean up private WPA passphrase after hotspot login diff --git a/hotspot-to-wpa-cleanup.template.rsc b/hotspot-to-wpa-cleanup.template.rsc index 1bd877e..0f8c490 100644 --- a/hotspot-to-wpa-cleanup.template.rsc +++ b/hotspot-to-wpa-cleanup.template.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=80 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, hotspot # # manage and clean up private WPA passphrase after hotspot login diff --git a/hotspot-to-wpa-cleanup.wifi.rsc b/hotspot-to-wpa-cleanup.wifi.rsc index 8e36204..dfec697 100644 --- a/hotspot-to-wpa-cleanup.wifi.rsc +++ b/hotspot-to-wpa-cleanup.wifi.rsc @@ -4,7 +4,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: lease-script, order=80 -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, hotspot # # manage and clean up private WPA passphrase after hotspot login diff --git a/hotspot-to-wpa.capsman.rsc b/hotspot-to-wpa.capsman.rsc index de9f9d9..3f51475 100644 --- a/hotspot-to-wpa.capsman.rsc +++ b/hotspot-to-wpa.capsman.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, hotspot # # add private WPA passphrase after hotspot login diff --git a/hotspot-to-wpa.template.rsc b/hotspot-to-wpa.template.rsc index 003b12e..068241d 100644 --- a/hotspot-to-wpa.template.rsc +++ b/hotspot-to-wpa.template.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, hotspot # # add private WPA passphrase after hotspot login diff --git a/hotspot-to-wpa.wifi.rsc b/hotspot-to-wpa.wifi.rsc index 0d6a7b9..cc5e2fc 100644 --- a/hotspot-to-wpa.wifi.rsc +++ b/hotspot-to-wpa.wifi.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, hotspot # # add private WPA passphrase after hotspot login diff --git a/ipsec-to-dns.rsc b/ipsec-to-dns.rsc index 91f6b45..26dab0a 100644 --- a/ipsec-to-dns.rsc +++ b/ipsec-to-dns.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2021-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, ipsec # # and add/remove/update DNS entries from IPSec mode-config diff --git a/ipv6-update.rsc b/ipv6-update.rsc index 7eb625b..c6e3d65 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # update firewall and dns settings on IPv6 prefix change # https://rsc.eworm.de/doc/ipv6-update.md diff --git a/lease-script.rsc b/lease-script.rsc index b6ceac9..bf27fda 100644 --- a/lease-script.rsc +++ b/lease-script.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # run scripts on DHCP lease # https://rsc.eworm.de/doc/lease-script.md diff --git a/log-forward.rsc b/log-forward.rsc index 379fa54..58ec956 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # forward log messages via notification # https://rsc.eworm.de/doc/log-forward.md diff --git a/mod/bridge-port-to.rsc b/mod/bridge-port-to.rsc index f00e10b..39a036e 100644 --- a/mod/bridge-port-to.rsc +++ b/mod/bridge-port-to.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # reset bridge ports to default bridge # https://rsc.eworm.de/doc/mod/bridge-port-to.md diff --git a/mod/bridge-port-vlan.rsc b/mod/bridge-port-vlan.rsc index 62e71e3..0eeb9b5 100644 --- a/mod/bridge-port-vlan.rsc +++ b/mod/bridge-port-vlan.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # manage VLANs on bridge ports # https://rsc.eworm.de/doc/mod/bridge-port-vlan.md diff --git a/mod/inspectvar.rsc b/mod/inspectvar.rsc index 0f05da7..c861557 100644 --- a/mod/inspectvar.rsc +++ b/mod/inspectvar.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # inspect variables # https://rsc.eworm.de/doc/mod/inspectvar.md diff --git a/mod/ipcalc.rsc b/mod/ipcalc.rsc index fbed74b..477cf4a 100644 --- a/mod/ipcalc.rsc +++ b/mod/ipcalc.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # ip address calculation # https://rsc.eworm.de/doc/mod/ipcalc.md diff --git a/mod/notification-email.rsc b/mod/notification-email.rsc index 404e74d..7b89d98 100644 --- a/mod/notification-email.rsc +++ b/mod/notification-email.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, email, scheduler # # send notifications via e-mail diff --git a/mod/notification-matrix.rsc b/mod/notification-matrix.rsc index 9b2b641..e989ee0 100644 --- a/mod/notification-matrix.rsc +++ b/mod/notification-matrix.rsc @@ -4,7 +4,7 @@ # Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, fetch, scheduler # # send notifications via Matrix diff --git a/mod/notification-ntfy.rsc b/mod/notification-ntfy.rsc index 212fde2..aac6d6c 100644 --- a/mod/notification-ntfy.rsc +++ b/mod/notification-ntfy.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, fetch, scheduler # # send notifications via Ntfy (ntfy.sh) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index c3ef2dd..23ef942 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, fetch, scheduler # # send notifications via Telegram diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index e5368c4..b158c9c 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, fetch # # download script and run it once diff --git a/mode-button.rsc b/mode-button.rsc index 4cf5e75..edc5f40 100644 --- a/mode-button.rsc +++ b/mode-button.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, scheduler # # act on multiple mode and reset button presses diff --git a/ospf-to-leds.rsc b/ospf-to-leds.rsc index 9d822c1..a8662b3 100644 --- a/ospf-to-leds.rsc +++ b/ospf-to-leds.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2020-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # visualize ospf instance state via leds # https://rsc.eworm.de/doc/ospf-to-leds.md diff --git a/packages-update.rsc b/packages-update.rsc index afec2f5..b11596e 100644 --- a/packages-update.rsc +++ b/packages-update.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2019-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, scheduler # # download packages and reboot for installation diff --git a/ppp-on-up.rsc b/ppp-on-up.rsc index 85e9689..e09bd9d 100644 --- a/ppp-on-up.rsc +++ b/ppp-on-up.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # run scripts on ppp up # https://rsc.eworm.de/doc/ppp-on-up.md diff --git a/sms-action.rsc b/sms-action.rsc index 34d2127..3c8307a 100644 --- a/sms-action.rsc +++ b/sms-action.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # run action on received SMS # https://rsc.eworm.de/doc/sms-action.md diff --git a/sms-forward.rsc b/sms-forward.rsc index 654fd56..8169022 100644 --- a/sms-forward.rsc +++ b/sms-forward.rsc @@ -4,7 +4,7 @@ # Anatoly Bubenkov # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # forward SMS to e-mail # https://rsc.eworm.de/doc/sms-forward.md diff --git a/unattended-lte-firmware-upgrade.rsc b/unattended-lte-firmware-upgrade.rsc index 74495d1..83925fd 100644 --- a/unattended-lte-firmware-upgrade.rsc +++ b/unattended-lte-firmware-upgrade.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2018-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, scheduler # # schedule unattended lte firmware upgrade diff --git a/update-gre-address.rsc b/update-gre-address.rsc index 6b169a0..cddfa92 100644 --- a/update-gre-address.rsc +++ b/update-gre-address.rsc @@ -3,7 +3,7 @@ # Copyright (c) 2013-2025 Christian Hesse # https://rsc.eworm.de/COPYING.md # -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # # update gre interface remote address with dynamic address from # ipsec remote peer diff --git a/update-tunnelbroker.rsc b/update-tunnelbroker.rsc index a58589b..45afa6f 100644 --- a/update-tunnelbroker.rsc +++ b/update-tunnelbroker.rsc @@ -5,7 +5,7 @@ # https://rsc.eworm.de/COPYING.md # # provides: ppp-on-up -# requires RouterOS, version=7.14 +# requires RouterOS, version=7.15 # requires device-mode, fetch # # update local address of tunnelbroker interface From a8e5b5226bc6a11a0ccbca0f3becc85f9f4904e3 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 10 Feb 2025 11:04:09 +0100 Subject: [PATCH 835/908] global-functions: $RmFile: fail on wrong type --- global-functions.rsc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 2799f39..ac37dee 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1037,6 +1037,11 @@ $LogPrint debug $0 ("Removing file: ". $FileName); + :if ([ :len [ /file/find where name=$FileName type!=file ] ] > 0) do={ + $LogPrint error $0 ("File '" . $FileName . "' is not a file."); + :return false; + } + :local File [ /file/find where name=$FileName type=file ]; :if ([ :len $File ] = 0) do={ $LogPrint debug $0 ("... which does not exist."); From 82020ddd73163194eb75aaa6f57d8e41597a7e6f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 10 Feb 2025 11:03:34 +0100 Subject: [PATCH 836/908] global-functions: $RmDir: fail on wrong type --- global-functions.rsc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index ac37dee..cf278eb 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1014,6 +1014,11 @@ $LogPrint debug $0 ("Removing directory: ". $DirName); + :if ([ :len [ /file/find where name=$DirName type!=directory ] ] > 0) do={ + $LogPrint error $0 ("Directory '" . $DirName . "' is not a directory."); + :return false; + } + :local Dir [ /file/find where name=$DirName type=directory ]; :if ([ :len $Dir ] = 0) do={ $LogPrint debug $0 ("... which does not exist."); From dbdf2952443ada35695925628999db4ddbe80be0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 21 Jan 2025 18:33:35 +0100 Subject: [PATCH 837/908] global-functions: $CertificateDownload: use $RmFile --- global-functions.rsc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index cf278eb..782c1a3 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -149,6 +149,7 @@ :global CleanName; :global FetchUserAgentStr; :global LogPrint; + :global RmFile; :global WaitForFile; $LogPrint info $0 ("Downloading and importing certificate with " . \ @@ -172,7 +173,7 @@ dst-path=$FileName as-value; $WaitForFile $FileName; :if ([ /file/get $FileName size ] = 0) do={ - /file/remove $FileName; + $RmFile $FileName; :error false; } } on-error={ @@ -183,7 +184,7 @@ /certificate/import file-name=$FileName passphrase="" as-value; :delay 1s; - /file/remove [ find where name=$FileName ]; + $RmFile $FileName; :if ([ :len [ /certificate/find where common-name=$CommonName ] ] = 0) do={ /certificate/remove [ find where name~("^" . $FileName . "_[0-9]+\$") ]; From ea8ec6b580071d832df28fd78a9e3c4c07a17bef Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 21 Jan 2025 18:35:39 +0100 Subject: [PATCH 838/908] global-functions: $DownloadPackage: use $RmFile --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 782c1a3..b19ec56 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -343,6 +343,7 @@ :global CleanFilePath; :global LogPrint; :global MkDir; + :global RmFile; :global WaitForFile; :if ([ :len $PkgName ] = 0) do={ :return false; } @@ -386,7 +387,7 @@ $LogPrint debug $0 ("Downloading package file failed."); } - /file/remove [ find where name=$PkgDest ]; + $RmFile $PkgDest; :set Retry ($Retry - 1); } From d19b90df08dd179163c501a08d53eaf15bc53f15 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 21 Jan 2025 18:37:01 +0100 Subject: [PATCH 839/908] global-functions: $FetchHuge: use $RmFile --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index b19ec56..ab6610e 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -457,6 +457,7 @@ :global IfThenElse; :global LogPrint; :global MkDir; + :global RmFile; :global WaitForFile; :set CheckCert [ $IfThenElse ($CheckCert = "false") "no" "yes-without-crl" ]; @@ -473,7 +474,7 @@ http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) as-value; } on-error={ :if ([ $WaitForFile $FileName 500ms ] = true) do={ - /file/remove $FileName; + $RmFile $FileName; } $LogPrint debug $0 ("Failed downloading from: " . $Url); /file/remove $DirName; From 4760515add1f753af7596245eb1a6c560ea37031 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 21 Jan 2025 18:38:09 +0100 Subject: [PATCH 840/908] global-functions: $FetchHuge: use $RmDir --- global-functions.rsc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index ab6610e..e680b60 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -457,6 +457,7 @@ :global IfThenElse; :global LogPrint; :global MkDir; + :global RmDir; :global RmFile; :global WaitForFile; @@ -477,7 +478,7 @@ $RmFile $FileName; } $LogPrint debug $0 ("Failed downloading from: " . $Url); - /file/remove $DirName; + $RmDir $DirName; :return false; } $WaitForFile $FileName; @@ -493,7 +494,7 @@ :delay 100ms; } } - /file/remove $DirName; + $RmDir $DirName; :return $Return; } From f5f00b70e325d80db939dcc2aa885b80845566fa Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 21 Jan 2025 18:41:58 +0100 Subject: [PATCH 841/908] global-functions: $MkDir: use $RmDir --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index e680b60..4b1f63d 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -857,6 +857,7 @@ :global CleanFilePath; :global LogPrint; + :global RmDir; :global WaitForFile; :local MkTmpfs do={ @@ -873,7 +874,7 @@ } $LogPrint info $0 ("Creating disk of type tmpfs."); - /file/remove [ find where name="tmpfs" type="directory" ]; + $RmDir "tmpfs"; :do { /disk/add slot=tmpfs type=tmpfs tmpfs-max-size=([ /system/resource/get total-memory ] / 3); $WaitForFile "tmpfs"; From d748b69142a8b2b2d4328ef0e07dabe01fdbc01e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Feb 2025 16:13:43 +0100 Subject: [PATCH 842/908] backup-cloud: use $RmDir --- backup-cloud.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backup-cloud.rsc b/backup-cloud.rsc index 9d76080..c4e23b2 100644 --- a/backup-cloud.rsc +++ b/backup-cloud.rsc @@ -26,6 +26,7 @@ :global LogPrint; :global MkDir; :global RandomDelay; + :global RmDir; :global ScriptFromTerminal; :global ScriptLock; :global SendNotification2; @@ -97,7 +98,7 @@ $LogPrint error $ScriptName ("Failed uploading backup for " . $Identity . " to cloud!"); :set PackagesUpdateBackupFailure true; } - /file/remove "tmpfs/backup-cloud"; + $RmDir "tmpfs/backup-cloud"; } on-error={ :global ExitError; $ExitError $ExitOK [ :jobname ]; } From 81ba47a07d97a4cc36fc020cf35de7656e2abbb2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Feb 2025 16:10:46 +0100 Subject: [PATCH 843/908] backup-upload: use $RmDir --- backup-upload.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 533cc55..7f15a86 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -35,6 +35,7 @@ :global LogPrint; :global MkDir; :global RandomDelay; + :global RmDir; :global ScriptFromTerminal; :global ScriptLock; :global SendNotification2; @@ -170,7 +171,7 @@ :if ($Failed = 1) do={ :set PackagesUpdateBackupFailure true; } - /file/remove $DirName; + $RmDir $DirName; } on-error={ :global ExitError; $ExitError $ExitOK [ :jobname ]; } From 88ff03136805f40f14bb5d39af370c0ace62c4e7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Feb 2025 16:10:05 +0100 Subject: [PATCH 844/908] backup-upload: use $RmFile --- backup-upload.rsc | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/backup-upload.rsc b/backup-upload.rsc index 7f15a86..14c3914 100644 --- a/backup-upload.rsc +++ b/backup-upload.rsc @@ -36,6 +36,7 @@ :global MkDir; :global RandomDelay; :global RmDir; + :global RmFile; :global ScriptFromTerminal; :global ScriptLock; :global SendNotification2; @@ -100,7 +101,7 @@ :set Failed 1; } - /file/remove ($FilePath . ".backup"); + $RmFile ($FilePath . ".backup"); } # create configuration export @@ -119,7 +120,7 @@ :set Failed 1; } - /file/remove ($FilePath . ".rsc"); + $RmFile ($FilePath . ".rsc"); } # global-config-overlay @@ -140,7 +141,7 @@ :set Failed 1; } - /file/remove ($FilePath . ".conf"); + $RmFile ($FilePath . ".conf"); } :local FileInfo do={ From 63db96bdccc9c9c1356e71683157383322b40285 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Feb 2025 16:06:33 +0100 Subject: [PATCH 845/908] capsman-download-packages: use $RmFile --- capsman-download-packages.capsman.rsc | 3 ++- capsman-download-packages.template.rsc | 3 ++- capsman-download-packages.wifi.rsc | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index 2726af7..4387cb1 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -22,6 +22,7 @@ :global DownloadPackage; :global LogPrint; :global MkDir; + :global RmFile; :global ScriptLock; :global WaitFullyConnected; @@ -61,7 +62,7 @@ :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ ($File->"package-architecture") $PackagePath ] = true) do={ :set Updated true; - /file/remove $Package; + $RmFile $Package; } } diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 0a42bb2..744494e 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -23,6 +23,7 @@ :global DownloadPackage; :global LogPrint; :global MkDir; + :global RmFile; :global ScriptLock; :global WaitFullyConnected; @@ -63,7 +64,7 @@ :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ ($File->"package-architecture") $PackagePath ] = true) do={ :set Updated true; - /file/remove $Package; + $RmFile $Package; } } diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index 037409a..a0c5e12 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -22,6 +22,7 @@ :global DownloadPackage; :global LogPrint; :global MkDir; + :global RmFile; :global ScriptLock; :global WaitFullyConnected; @@ -61,7 +62,7 @@ :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ ($File->"package-architecture") $PackagePath ] = true) do={ :set Updated true; - /file/remove $Package; + $RmFile $Package; } } From 6570a84904bcdd6d74090944f0fc94d1b94add90 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Feb 2025 16:08:40 +0100 Subject: [PATCH 846/908] check-certificates: use $RmFile --- check-certificates.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 25807cb..0907395 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -44,6 +44,7 @@ :global EscapeForRegEx; :global FetchUserAgentStr; :global LogPrint; + :global RmFile; :global UrlEncode; :global WaitForFile; @@ -63,7 +64,7 @@ :set DecryptionFailed false; } } - /file/remove [ find where name=$CertFileName ]; + $RmFile $CertFileName; :if ($DecryptionFailed = true) do={ $LogPrint warning $ScriptName ("Decryption failed for certificate file '" . $CertFileName . "'."); From 0fea300feaaaf8f3c87facb99e04126753713c76 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Feb 2025 16:12:51 +0100 Subject: [PATCH 847/908] mod/ssh-keys-import: use $RmDir --- mod/ssh-keys-import.rsc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/mod/ssh-keys-import.rsc b/mod/ssh-keys-import.rsc index 35aa7ec..2fae4b1 100644 --- a/mod/ssh-keys-import.rsc +++ b/mod/ssh-keys-import.rsc @@ -19,6 +19,7 @@ :global GetRandom20CharAlNum; :global LogPrint; :global MkDir; + :global RmDir; :global WaitForFile; :if ([ :len $Key ] = 0 || [ :len $User ] = 0) do={ @@ -58,10 +59,10 @@ /user/ssh-keys/import public-key-file=$FileName user=$User; $LogPrint info $0 ("Imported ssh public key (" . $KeyVal->2 . ", " . $KeyVal->0 . ", " . \ "MD5:" . $FingerPrintMD5 . ") for user '" . $User . "'."); - /file/remove "tmpfs/ssh-keys-import"; + $RmDir "tmpfs/ssh-keys-import"; } on-error={ $LogPrint warning $0 ("Failed importing key."); - /file/remove "tmpfs/ssh-keys-import"; + $RmDir "tmpfs/ssh-keys-import"; :return false; } } on-error={ From b156fc43cfde99935eb78d95c6a5eae35b8f70f1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Feb 2025 16:14:58 +0100 Subject: [PATCH 848/908] telegram-chat: use $RmDir --- telegram-chat.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 8f29d8c..10952a6 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -37,6 +37,7 @@ :global MIN; :global MkDir; :global RandomDelay; + :global RmDir; :global ScriptLock; :global SendTelegram2; :global SymbolForNotification; @@ -154,7 +155,7 @@ $State . [ $IfThenElse ([ :len $Content ] > 0) \ ([ $SymbolForNotification "memo" ] . "Output:\n" . $Content) \ ([ $SymbolForNotification "memo" ] . "No output.") ]) }); - /file/remove "tmpfs/telegram-chat"; + $RmDir "tmpfs/telegram-chat"; } else={ $LogPrint info $ScriptName ("The command from update " . $UpdateID . " failed syntax validation!"); $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ From fc3beac83b8a6fd35a7b3736759f15bb8b71a723 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 10 Feb 2025 08:42:17 +0100 Subject: [PATCH 849/908] log-forward: make empty string a special meaning --- global-config.rsc | 10 +++++----- log-forward.rsc | 5 +++++ 2 files changed, 10 insertions(+), 5 deletions(-) diff --git a/global-config.rsc b/global-config.rsc index df26ef9..5df7b34 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -119,17 +119,17 @@ :global FwAddrListTimeOut 1d; # This defines what log messages to filter or include by topic or message -# text. Regular expressions are supported. Do *NOT* set an empty string, -# that will filter or include everything! +# text. Regular expressions are supported. An empty string has a special +# meaning not to filter or include anything. # These are filters, so excluding messages from forwarding. :global LogForwardFilter "(debug|info|packet|raw)"; -:global LogForwardFilterMessage []; +:global LogForwardFilterMessage ""; #:global LogForwardFilterMessage "message text"; #:global LogForwardFilterMessage "(message text|another text|...)"; # ... and another setting with reverse logic. This includes messages even # if filtered above. -:global LogForwardInclude []; -:global LogForwardIncludeMessage []; +:global LogForwardInclude ""; +:global LogForwardIncludeMessage ""; #:global LogForwardInclude "account"; #:global LogForwardIncludeMessage "message text"; diff --git a/log-forward.rsc b/log-forward.rsc index 58ec956..afeb3f2 100644 --- a/log-forward.rsc +++ b/log-forward.rsc @@ -57,6 +57,11 @@ :local MessageVal; :local MessageDups ({}); + :set LogForwardFilter [ $EitherOr $LogForwardFilter [] ]; + :set LogForwardFilterMessage [ $EitherOr $LogForwardFilterMessage [] ]; + :set LogForwardInclude [ $EitherOr $LogForwardInclude [] ]; + :set LogForwardIncludeMessage [ $EitherOr $LogForwardIncludeMessage [] ]; + :local LogForwardFilterLogForwardingCached [ $EitherOr [ $LogForwardFilterLogForwarding ] ("\$^") ]; :foreach Message in=[ /log/find where (!(message="") and \ !(message~$LogForwardFilterLogForwardingCached) and \ From 2e42f7963c2186512c4fa2cd75de7ab07754f229 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 10 Feb 2025 08:45:25 +0100 Subject: [PATCH 850/908] mod/notification-ntfy: use empty strings as default... ... which should be fine now that the credentials are not passed with fetch's properties, but as properly formatted authentication header. --- global-config.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/global-config.rsc b/global-config.rsc index 5df7b34..b0f0c64 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -56,9 +56,9 @@ # install the module: # $ScriptInstallUpdate mod/notification-ntfy :global NtfyServer "ntfy.sh"; -:global NtfyServerUser []; -:global NtfyServerPass []; -:global NtfyServerToken []; +:global NtfyServerUser ""; +:global NtfyServerPass ""; +:global NtfyServerToken ""; :global NtfyTopic ""; # It is possible to override e-mail, Telegram, Matrix and Ntfy setting From da280586b5012feb576cd7cd3e911d00ac7bf63e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 10 Feb 2025 14:00:37 +0100 Subject: [PATCH 851/908] doc/log-forward: add a hint on defaults --- doc/log-forward.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/doc/log-forward.md b/doc/log-forward.md index 25be00a..93f6a7d 100644 --- a/doc/log-forward.md +++ b/doc/log-forward.md @@ -53,6 +53,12 @@ Just install the script: Configuration ------------- +The default configuration should provide reasonable presets, filtering +*info*, and effectively forwarding *warning* and *error*. + +> 💡️ **Hint**: Please try with defaults first, especially if you are not +> familiar with regular expressions! + The configuration goes to `global-config-overlay`, these are the parameters: * `LogForwardFilter`: define topics *not* to be forwarded From 8af67af462369968238afe874a24c26141b0b5c9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 10 Feb 2025 14:08:06 +0100 Subject: [PATCH 852/908] doc/log-forward: mention ntfy --- doc/log-forward.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/log-forward.md b/doc/log-forward.md index 93f6a7d..3c19569 100644 --- a/doc/log-forward.md +++ b/doc/log-forward.md @@ -22,15 +22,15 @@ server (see `/system/logging`). This has some limitation, however: * does not work early after boot if network connectivity is not yet established, or breaks intermittently * lots of messages generate a flood of mails -* Matrix and Telegram are not supported +* Matrix, Ntfy and Telegram are not supported The script works around the limitations, for example it does: * read from `/log`, including messages from early boot * skip multi-repeated messages * rate-limit itself to mitigate flooding -* forward via notification (which includes *e-mail*, *Matrix* and *Telegram* - when installed and configured, see below) +* forward via notification (which includes *e-mail*, *Matrix*, *Ntfy* and + *Telegram* when installed and configured, see below) It is intended to be run periodically from scheduler, then collects new log messages and forwards them via notification. From 4d0b4a1ff4137ae0b5508fb16428ac4da7205410 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 11 Feb 2025 14:30:14 +0100 Subject: [PATCH 853/908] fw-addr-lists: these lists are deprecated and discontinued Any alternatives around? --- certs/GlobalSign.pem | 28 ---------------------------- certs/Makefile | 2 -- doc/fw-addr-lists.md | 6 +++--- global-config.rsc | 4 ---- 4 files changed, 3 insertions(+), 37 deletions(-) delete mode 100644 certs/GlobalSign.pem diff --git a/certs/GlobalSign.pem b/certs/GlobalSign.pem deleted file mode 100644 index 47035e4..0000000 --- a/certs/GlobalSign.pem +++ /dev/null @@ -1,28 +0,0 @@ -# Issuer: CN=GlobalSign O=GlobalSign OU=GlobalSign Root CA - R3 -# Subject: CN=GlobalSign O=GlobalSign OU=GlobalSign Root CA - R3 -# Label: "GlobalSign Root CA - R3" -# Serial: 4835703278459759426209954 -# MD5 Fingerprint: c5:df:b8:49:ca:05:13:55:ee:2d:ba:1a:c3:3e:b0:28 -# SHA1 Fingerprint: d6:9b:56:11:48:f0:1c:77:c5:45:78:c1:09:26:df:5b:85:69:76:ad -# SHA256 Fingerprint: cb:b5:22:d7:b7:f1:27:ad:6a:01:13:86:5b:df:1c:d4:10:2e:7d:07:59:af:63:5a:7c:f4:72:0d:c9:63:c5:3b ------BEGIN CERTIFICATE----- -MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 -MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 -RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT -gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm -KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd -QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ -XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o -LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU -RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp -jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK -6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX -mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs -Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH -WD9f ------END CERTIFICATE----- diff --git a/certs/Makefile b/certs/Makefile index ba25303..4e252b4 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -23,12 +23,10 @@ DOMAINS_IPV4 = \ 8.8.8.8/GTS-Root-R1 \ 9.9.9.9/DigiCert-Global-Root-G3 \ api.mullvad.net/ISRG-Root-X1 \ - feodotracker.abuse.ch/GlobalSign \ ipv4.showipv6.de/ISRG-Root-X1 \ ipv4.tunnelbroker.net/Starfield-Root-Certificate-Authority-G2 \ mkcert.org/ISRG-Root-X1 \ ntfy.sh/ISRG-Root-X1 \ - sslbl.abuse.ch/GlobalSign \ www.dshield.org/ISRG-Root-X1 \ www.spamhaus.org/GTS-Root-R4 DOMAINS_IPV6 = \ diff --git a/doc/fw-addr-lists.md b/doc/fw-addr-lists.md index f581fd2..b888d4b 100644 --- a/doc/fw-addr-lists.md +++ b/doc/fw-addr-lists.md @@ -19,9 +19,9 @@ Description This script downloads, imports and updates firewall address-lists. Its main purpose is to block attacking ip addresses, spam hosts, command-and-control servers and similar malicious entities. The default configuration contains -lists from [abuse.ch](https://abuse.ch/), [dshield.org](https://dshield.org/) -and [blocklist.de](https://www.blocklist.de/), and -lists from [spamhaus.org](https://spamhaus.org/) are prepared. +lists from [dshield.org](https://dshield.org/) and +[blocklist.de](https://www.blocklist.de/), and lists from +[spamhaus.org](https://spamhaus.org/) are prepared. The address-lists are updated in place, so after initial import you will not see situation when the lists are not populated. diff --git a/global-config.rsc b/global-config.rsc index b0f0c64..2be4752 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -98,10 +98,6 @@ "block"={ # { url="https://rsc.eworm.de/main/fw-addr-lists.d/block"; # cert="ISRG Root X2" }; - { url="https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt"; - cert="GlobalSign" }; - { url="https://sslbl.abuse.ch/blacklist/sslipblacklist.txt"; - cert="GlobalSign" }; { url="https://www.dshield.org/block.txt"; cidr="/24"; cert="ISRG Root X1" }; { url="https://lists.blocklist.de/lists/strongips.txt"; From e1c561dd91dff9ad7c6bdd1e3496e126a8ac8b2c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 11 Feb 2025 14:56:43 +0100 Subject: [PATCH 854/908] global-functions: $MkDir: add debug output --- global-functions.rsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 4b1f63d..645ce3c 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -891,7 +891,10 @@ :return true; } + $LogPrint debug $0 ("Making directory: " . $Path); + :if ([ :len [ /file/find where name=$Path type="directory" ] ] = 1) do={ + $LogPrint debug $0 ("... which already exists."); :return true; } From d41f7585504b592938da5ea0fc68870d1f68c0f5 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 11 Feb 2025 15:32:05 +0100 Subject: [PATCH 855/908] introduce DEBUG info --- DEBUG.md | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 DEBUG.md diff --git a/DEBUG.md b/DEBUG.md new file mode 100644 index 0000000..3d7f025 --- /dev/null +++ b/DEBUG.md @@ -0,0 +1,49 @@ +Debug output and logs +===================== + +[![GitHub stars](https://img.shields.io/github/stars/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=red)](https://github.com/eworm-de/routeros-scripts/stargazers) +[![GitHub forks](https://img.shields.io/github/forks/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=green)](https://github.com/eworm-de/routeros-scripts/network) +[![GitHub watchers](https://img.shields.io/github/watchers/eworm-de/routeros-scripts?logo=GitHub&style=flat&color=blue)](https://github.com/eworm-de/routeros-scripts/watchers) +[![required RouterOS version](https://img.shields.io/badge/RouterOS-7.15-yellow?style=flat)](https://mikrotik.com/download/changelogs/) +[![Telegram group @routeros_scripts](https://img.shields.io/badge/Telegram-%40routeros__scripts-%2326A5E4?logo=telegram&style=flat)](https://t.me/routeros_scripts) +[![donate with PayPal](https://img.shields.io/badge/Like_it%3F-Donate!-orange?logo=githubsponsors&logoColor=orange&style=flat)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=A4ZXBD6YS2W8J) + +[⬅️ Go back to main README](README.md) + +Sometimes scripts do not behave as expected. In these cases debug output +or logs can help. + +## Debug output + +Run this command in a terminal: + + :set PrintDebug true; + +You will then see debug output when running the script from terminal. + +To revert to default output run: + + :set PrintDebug false; + +### Debug output for specific script + +Even having debug output for a specific script or function only (or a +set of) is possible. To enable debug output for `telegram-chat` run: + + :set ($PrintDebugOverride->"telegram-chat") true; + +## Debug logs + +The debug info can go to system log. To make it show up in `memory` run: + + /system/logging/add topics=script,debug action=memory; + +Other actions (`disk`, `email`, `remote` or `support`) can be used as +well. I do not recommend using `echo` - use [debug output](#debug-output) +instead. + +Disable or remote that setting to restore regular logging. + +--- +[⬅️ Go back to main README](README.md) +[⬆️ Go back to top](#top) From c8759381e90408a01dd842e837724b77f2d8c237 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 11 Feb 2025 19:14:42 +0100 Subject: [PATCH 856/908] global-functions: $WaitForFile: check that we can get properties MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Looks like RouterOS 7.18beta2 brings more breakage. Having a file available in listing is just the first step now. We also need to make sure that the file properties are accessible... 🤪 I have seen this taking several tens of seconds at least... 🤪🤪 So let's just try until we have properties available, or the file vanishes. Reported as SUP-179200. 🤞 --- global-functions.rsc | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 645ce3c..13dca64 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1669,6 +1669,7 @@ :global CleanFilePath; :global EitherOr; + :global LogPrintOnce; :global MAX; :set FileName [ $CleanFilePath $FileName ]; @@ -1682,7 +1683,20 @@ :delay $Delay; :set I ($I + 1); } - :return true; + + :while ([ :len [ /file/find where name=$FileName ] ] > 0) do={ + :do { + /file/get $FileName; + :return true; + } on-error={ + $LogPrintOnce warning $0 \ + ("Hit the infamous file handling breakage (SUP-179200) introduced with RouterOS 7.18beta2..."); + } + :delay $Delay; + :set Delay ($Delay * 3 / 2); + } + + :return false; } # wait to be fully connected (default route is reachable, time is sync, DNS resolves) From df631b987d86b3b20cd55de9a005b13703576784 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 12 Feb 2025 12:13:17 +0100 Subject: [PATCH 857/908] fw-addr-lists: add a collective list in default configuration --- doc/fw-addr-lists.md | 3 ++- global-config.rsc | 4 ++++ global-functions.rsc | 2 +- news-and-changes.rsc | 1 + 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/doc/fw-addr-lists.md b/doc/fw-addr-lists.md index b888d4b..cb560d7 100644 --- a/doc/fw-addr-lists.md +++ b/doc/fw-addr-lists.md @@ -18,7 +18,8 @@ Description This script downloads, imports and updates firewall address-lists. Its main purpose is to block attacking ip addresses, spam hosts, command-and-control -servers and similar malicious entities. The default configuration contains +servers and similar malicious entities. The default configuration contains a +[collective list by GitHub user @stamparm](https://github.com/stamparm/ipsum), lists from [dshield.org](https://dshield.org/) and [blocklist.de](https://www.blocklist.de/), and lists from [spamhaus.org](https://spamhaus.org/) are prepared. diff --git a/global-config.rsc b/global-config.rsc index 2be4752..b364a25 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -90,6 +90,7 @@ :global BackupPartitionCopyBeforeFeatureUpdate false; # This defines the settings for firewall address-lists (fw-addr-lists). +# Warning: Mind your device's resources - memory and processing! :global FwAddrLists { # "allow"={ # { url="https://rsc.eworm.de/main/fw-addr-lists.d/allow"; @@ -98,6 +99,9 @@ "block"={ # { url="https://rsc.eworm.de/main/fw-addr-lists.d/block"; # cert="ISRG Root X2" }; + { url="https://raw.githubusercontent.com/stamparm/ipsum/refs/heads/master/levels/4.txt"; +# # higher level (decrease the numerical value) for more addresses, and vice versa + cert="DigiCert Global Root G2" }; { url="https://www.dshield.org/block.txt"; cidr="/24"; cert="ISRG Root X1" }; { url="https://lists.blocklist.de/lists/strongips.txt"; diff --git a/global-functions.rsc b/global-functions.rsc index 13dca64..5996370 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -13,7 +13,7 @@ :local ScriptName [ :jobname ]; # expected configuration version -:global ExpectedConfigVersion 132; +:global ExpectedConfigVersion 133; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index c7e566f..6f9e96e 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -57,6 +57,7 @@ 130="Dropped intermediate certificates, depending on just root certificates now."; 131="Enhanced certificate download to fallback to mkcert.org, so all (commonly trusted) root certificates are available now."; 132="Split off plugins from 'check-health', so the script works on all devices to monitor CPU and RAM. The supported plugins for sensors in hardware are installed automatically."; + 133="Updated the default configuration for 'fw-addr-lists', deprecated lists were removed, a collective list was added."; }; # Migration steps to be applied on script updates From b7b3b43f3b11a280dbb465a425a5a554c2e8e471 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 12 Feb 2025 13:59:31 +0100 Subject: [PATCH 858/908] mod/scriptrunonce: use $FetchHuge --- mod/scriptrunonce.rsc | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index b158c9c..683e416 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -4,7 +4,6 @@ # https://rsc.eworm.de/COPYING.md # # requires RouterOS, version=7.15 -# requires device-mode, fetch # # download script and run it once # https://rsc.eworm.de/doc/mod/scriptrunonce.md @@ -18,6 +17,7 @@ :global ScriptRunOnceBaseUrl; :global ScriptRunOnceUrlSuffix; + :global FetchHuge; :global LogPrint; :global ValidateSyntax; @@ -30,11 +30,10 @@ :set Script ($ScriptRunOnceBaseUrl . $Script . ".rsc" . $ScriptRunOnceUrlSuffix); } - :local Source; - :do { - :set Source ([ /tool/fetch check-certificate=yes-without-crl $Script output=user as-value ]->"data"); - } on-error={ + :local Source [ $FetchHuge $0 $Script true ]; + :if ($Source = false) do={ $LogPrint warning $0 ("Failed fetching script '" . $Script . "'!"); + :return false; } :if ([ :len $Source ] > 0) do={ From 1c957dbc6d0a35d48f18f2fde0f2061f334feca8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 12 Feb 2025 14:01:10 +0100 Subject: [PATCH 859/908] mod/scriptrunonce: resolve nested conditions --- mod/scriptrunonce.rsc | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index 683e416..9d990a1 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -36,17 +36,16 @@ :return false; } - :if ([ :len $Source ] > 0) do={ - :if ([ $ValidateSyntax $Source ] = true) do={ - :do { - $LogPrint info $0 ("Running script '" . $Script . "' now."); - [ :parse $Source ]; - } on-error={ - $LogPrint warning $0 ("The script '" . $Script . "' failed to run!"); - } - } else={ - $LogPrint warning $0 ("The script '" . $Script . "' failed syntax validation!"); - } + :if ([ $ValidateSyntax $Source ] = false) do={ + $LogPrint warning $0 ("The script '" . $Script . "' failed syntax validation!"); + :return false; + } + + :do { + $LogPrint info $0 ("Running script '" . $Script . "' now."); + [ :parse $Source ]; + } on-error={ + $LogPrint warning $0 ("The script '" . $Script . "' failed to run!"); } } } on-error={ From 5715bc7b57ced8f38b394d535028659655a71801 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 12 Feb 2025 14:02:33 +0100 Subject: [PATCH 860/908] mod/scriptrunonce: always give proper return code --- mod/scriptrunonce.rsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mod/scriptrunonce.rsc b/mod/scriptrunonce.rsc index 9d990a1..7fcd5b5 100644 --- a/mod/scriptrunonce.rsc +++ b/mod/scriptrunonce.rsc @@ -46,7 +46,10 @@ [ :parse $Source ]; } on-error={ $LogPrint warning $0 ("The script '" . $Script . "' failed to run!"); + :return false; } + + :return true; } } on-error={ :global ExitError; $ExitError false $0; From 584e507fd18f0a0d97f6e3cbfc4f3f6e0d4854fc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 13 Feb 2025 08:50:49 +0100 Subject: [PATCH 861/908] global-functions: $DeviceInfo: show commit id (if available) --- global-functions.rsc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 5996370..71e5c66 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -13,6 +13,7 @@ :local ScriptName [ :jobname ]; # expected configuration version +:global CommitId "unknown"; :global ExpectedConfigVersion 133; # global variables not to be changed by user @@ -284,6 +285,7 @@ # get readable device info :set DeviceInfo do={ + :global CommitId; :global ExpectedConfigVersion; :global Identity; @@ -324,6 +326,8 @@ $RouterBoard->"current-firmware" != $RouterBoard->"upgrade-firmware") \ ([ $FormatLine " Firmware" ($RouterBoard->"current-firmware") ] . "\n") ] . \ "RouterOS-Scripts:\n" . \ + [ $IfThenElse ($CommitId != "unknown") \ + ([ $FormatLine " Commit" [ :pick $CommitId 0 8 ] ] . "\n") ] . \ [ $FormatLine " Version" $ExpectedConfigVersion ]); } From 0199ea8884d9b45a184717bdbd5dccf829eb527d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 13 Feb 2025 09:07:43 +0100 Subject: [PATCH 862/908] global-functions: $ScriptInstallUpdate: show commit id (if available) --- global-functions.rsc | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 71e5c66..204f824 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1105,6 +1105,7 @@ :local Scripts [ :toarray $1 ]; :local NewComment [ :tostr $2 ]; + :global CommitId; :global ExpectedConfigVersion; :global Identity; :global IDonate; @@ -1137,6 +1138,7 @@ } } + :local CommitIdBefore $CommitId; :local ExpectedConfigVersionBefore $ExpectedConfigVersion; :local ReloadGlobalFunctions false; :local ReloadGlobalConfig false; @@ -1251,6 +1253,10 @@ } } + :if ($CommitId != "unknown" && $CommitIdBefore != $CommitId) do={ + $LogPrint info $0 ("Updated to commit id: " . [ :pick $CommitId 0 8 ]); + } + :if ($ExpectedConfigVersionBefore > $ExpectedConfigVersion) do={ $LogPrint warning $0 ("The configuration version decreased from " . \ $ExpectedConfigVersionBefore . " to " . $ExpectedConfigVersion . \ From dafcc1a0cb8d18b191919c4876fa1db6c3fe2e27 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 13 Feb 2025 17:49:42 +0100 Subject: [PATCH 863/908] global-functions: $RmFile: fix type safeguard MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ups... 🫣 The type is not just literal 'file' - but what ever type the file is, like 'backup', 'package', 'script', '.conf file', ... So let's match those types we do *not* want to remove. Fixes: https://github.com/eworm-de/routeros-scripts/issues/90 --- global-functions.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 204f824..221b1b5 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1054,12 +1054,12 @@ $LogPrint debug $0 ("Removing file: ". $FileName); - :if ([ :len [ /file/find where name=$FileName type!=file ] ] > 0) do={ + :if ([ :len [ /file/find where name=$FileName (type=directory or type=disk) ] ] > 0) do={ $LogPrint error $0 ("File '" . $FileName . "' is not a file."); :return false; } - :local File [ /file/find where name=$FileName type=file ]; + :local File [ /file/find where name=$FileName !(type=directory or type=disk) ]; :if ([ :len $File ] = 0) do={ $LogPrint debug $0 ("... which does not exist."); :return true; From 75633872aa8a09a328e2bef07211e182bceb2725 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 17 Feb 2025 11:45:02 +0100 Subject: [PATCH 864/908] global-functions: $DeviceInfo: also show commit info --- global-functions.rsc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 221b1b5..c6625c1 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -12,8 +12,9 @@ :local ScriptName [ :jobname ]; -# expected configuration version +# Git commit id & info, expected configuration version :global CommitId "unknown"; +:global CommitInfo "unknown"; :global ExpectedConfigVersion 133; # global variables not to be changed by user @@ -286,6 +287,7 @@ # get readable device info :set DeviceInfo do={ :global CommitId; + :global CommitInfo; :global ExpectedConfigVersion; :global Identity; @@ -327,7 +329,7 @@ ([ $FormatLine " Firmware" ($RouterBoard->"current-firmware") ] . "\n") ] . \ "RouterOS-Scripts:\n" . \ [ $IfThenElse ($CommitId != "unknown") \ - ([ $FormatLine " Commit" [ :pick $CommitId 0 8 ] ] . "\n") ] . \ + ([ $FormatLine " Commit" ($CommitInfo . "/" . [ :pick $CommitId 0 8 ]) ] . "\n") ] . \ [ $FormatLine " Version" $ExpectedConfigVersion ]); } From 2c92c78b4647e43c44da567e98adee69b7857393 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 17 Feb 2025 11:47:26 +0100 Subject: [PATCH 865/908] global-functions: $ScriptInstallUpdate: also show commit info --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index c6625c1..f5fa5cb 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1108,6 +1108,7 @@ :local NewComment [ :tostr $2 ]; :global CommitId; + :global CommitInfo; :global ExpectedConfigVersion; :global Identity; :global IDonate; @@ -1256,7 +1257,7 @@ } :if ($CommitId != "unknown" && $CommitIdBefore != $CommitId) do={ - $LogPrint info $0 ("Updated to commit id: " . [ :pick $CommitId 0 8 ]); + $LogPrint info $0 ("Updated to commit: " . $CommitInfo . "/" . [ :pick $CommitId 0 8 ]); } :if ($ExpectedConfigVersionBefore > $ExpectedConfigVersion) do={ From 58da92e36a704a0bd5915451fbace686e8d9456d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 19 Feb 2025 22:21:03 +0100 Subject: [PATCH 866/908] global-functions: $WaitForFile: drop the warning on file handling breakage... ... but keep the workaround for now - just to be sure. --- global-functions.rsc | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index f5fa5cb..99e52f8 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1682,7 +1682,6 @@ :global CleanFilePath; :global EitherOr; - :global LogPrintOnce; :global MAX; :set FileName [ $CleanFilePath $FileName ]; @@ -1701,10 +1700,7 @@ :do { /file/get $FileName; :return true; - } on-error={ - $LogPrintOnce warning $0 \ - ("Hit the infamous file handling breakage (SUP-179200) introduced with RouterOS 7.18beta2..."); - } + } on-error={ } :delay $Delay; :set Delay ($Delay * 3 / 2); } From cad104879cbc758717f6cbf18f2f1b8946078c19 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 24 Feb 2025 14:49:30 +0100 Subject: [PATCH 867/908] mod/notification-telegram: simplify the queue... ... and pass http-data as a complete sting. --- mod/notification-telegram.rsc | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 23ef942..be4a915 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -22,7 +22,6 @@ :global IsFullyConnected; :global LogPrint; - :global UrlEncode; :if ([ $IsFullyConnected ] = false) do={ $LogPrint debug $0 ("System is not fully connected, not flushing."); @@ -41,9 +40,7 @@ :do { :local Data ([ /tool/fetch check-certificate=yes-without-crl output=user http-method=post \ ("https://api.telegram.org/bot" . ($Message->"tokenid") . "/sendMessage") \ - http-data=("chat_id=" . ($Message->"chatid") . "&disable_notification=" . ($Message->"silent") . \ - "&reply_to_message_id=" . ($Message->"replyto") . "&disable_web_page_preview=true" . \ - "&parse_mode=MarkdownV2&text=" . [ $UrlEncode ($Message->"text") ]) as-value ]->"data"); + http-data=($Message->"http-data") as-value ]->"data"); :set ($TelegramQueue->$Id); :set ($TelegramMessageIDs->[ :tostr ([ :deserialize from=json value=$Data ]->"result"->"message_id") ]) 1; } on-error={ @@ -145,6 +142,9 @@ (($LenSum - [ :len $Text ]) * 100 / $LenSum) . "%_!") "plain" "_" ]); } + :local HTTPData ("chat_id=" . $ChatId . "&disable_notification=" . ($Notification->"silent") . \ + "&reply_to_message_id=" . ($Notification->"replyto") . "&disable_web_page_preview=true" . \ + "&parse_mode=MarkdownV2"); :do { :if ([ $CertificateAvailable "Go Daddy Root Certificate Authority - G2" ] = false) do={ $LogPrint warning $0 ("Downloading required certificate failed."); @@ -152,9 +152,7 @@ } :local Data ([ /tool/fetch check-certificate=yes-without-crl output=user http-method=post \ ("https://api.telegram.org/bot" . $TokenId . "/sendMessage") \ - http-data=("chat_id=" . $ChatId . "&disable_notification=" . ($Notification->"silent") . \ - "&reply_to_message_id=" . ($Notification->"replyto") . "&disable_web_page_preview=true" . \ - "&parse_mode=MarkdownV2&text=" . [ $UrlEncode $Text ]) as-value ]->"data"); + http-data=($HTTPData . "&text=" . [ $UrlEncode $Text ]) as-value ]->"data"); :set ($TelegramMessageIDs->[ :tostr ([ :deserialize from=json value=$Data ]->"result"->"message_id") ]) 1; } on-error={ $LogPrint info $0 ("Failed sending Telegram notification! Queuing..."); @@ -165,8 +163,8 @@ :set Text ($Text . "\n" . [ $SymbolForNotification "alarm-clock" ] . \ [ $EscapeMD ("This message was queued since _" . [ /system/clock/get date ] . \ " " . [ /system/clock/get time ] . "_ and may be obsolete.") "plain" "_" ]); - :set ($TelegramQueue->[ :len $TelegramQueue ]) { chatid=$ChatId; tokenid=$TokenId; - text=$Text; silent=($Notification->"silent"); replyto=($Notification->"replyto") }; + :set ($TelegramQueue->[ :len $TelegramQueue ]) { tokenid=$TokenId; + http-data=($HTTPData . "&text=" . [ $UrlEncode $Text ]) }; :if ([ :len [ /system/scheduler/find where name="_FlushTelegramQueue" ] ] = 0) do={ /system/scheduler/add name="_FlushTelegramQueue" interval=1m start-time=startup \ on-event=(":global FlushTelegramQueue; \$FlushTelegramQueue;"); From a22b62f58803141a3055db046363f4d41b12ea83 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 24 Feb 2025 14:57:26 +0100 Subject: [PATCH 868/908] mod/notification-telegram: support sending to group's topic... ... when a group has enabled the "Topics" feature. --- doc/mod/notification-telegram.md | 3 +++ global-config.rsc | 2 ++ mod/notification-telegram.rsc | 8 ++++++-- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/doc/mod/notification-telegram.md b/doc/mod/notification-telegram.md index b85d09c..8043716 100644 --- a/doc/mod/notification-telegram.md +++ b/doc/mod/notification-telegram.md @@ -58,6 +58,9 @@ Sending notifications to a group is possible as well. Add your bot and the *GetIDs Bot* to a group, then use the group's id (which starts with a dash) for `TelegramChatId`. Then remove *GetIDs Bot* from group. +Groups can enable the `Topics` feature. Use `TelegramThreadId` to send to a +specific topic in a group. + Usage and invocation -------------------- diff --git a/global-config.rsc b/global-config.rsc index b364a25..2524ded 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -33,6 +33,8 @@ :global TelegramChatId ""; #:global TelegramTokenId "123456:ABCDEF-GHI"; #:global TelegramChatId "12345678"; +# Use this to send notifications to a specific topic in group. +:global TelegramThreadId ""; # Using telegram-chat you have to define trusted chat ids (not group ids!) # or user names. Groups allow to chat with devices simultaneously. #:global TelegramChatIdsTrusted { diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index be4a915..d04893f 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -68,6 +68,8 @@ :global TelegramChatIdOverride; :global TelegramMessageIDs; :global TelegramQueue; + :global TelegramThreadId; + :global TelegramThreadIdOverride; :global TelegramTokenId; :global TelegramTokenIdOverride; @@ -108,6 +110,8 @@ :local ChatId [ $EitherOr ($Notification->"chatid") \ [ $EitherOr ($TelegramChatIdOverride->($Notification->"origin")) $TelegramChatId ] ]; + :local ThreadId [ $EitherOr ($Notification->"threadid") \ + [ $EitherOr ($TelegramThreadIdOverride->($Notification->"origin")) $TelegramThreadId ] ]; :local TokenId [ $EitherOr ($TelegramTokenIdOverride->($Notification->"origin")) $TelegramTokenId ]; :if ([ :len $TokenId ] = 0 || [ :len $ChatId ] = 0) do={ @@ -143,8 +147,8 @@ } :local HTTPData ("chat_id=" . $ChatId . "&disable_notification=" . ($Notification->"silent") . \ - "&reply_to_message_id=" . ($Notification->"replyto") . "&disable_web_page_preview=true" . \ - "&parse_mode=MarkdownV2"); + "&reply_to_message_id=" . ($Notification->"replyto") . "&message_thread_id=" . $ThreadId . \ + "&disable_web_page_preview=true&parse_mode=MarkdownV2"); :do { :if ([ $CertificateAvailable "Go Daddy Root Certificate Authority - G2" ] = false) do={ $LogPrint warning $0 ("Downloading required certificate failed."); From 757fa60e6f37cc684abec5582d1b6051f6ef8d6d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 25 Feb 2025 10:46:25 +0100 Subject: [PATCH 869/908] telegram-chat: make $IsReply a boolean... ... and check for correct data type. We need this for a group with topic feature enabled, as that variable is set there, but is is an array. --- telegram-chat.rsc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 10952a6..eacbbcb 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -97,7 +97,7 @@ :foreach Update in=($JSON->"result") do={ :set UpdateID ($Update->"update_id"); :local Message ($Update->"message"); - :local IsReply [ :len ($Message->"reply_to_message") ]; + :local IsReply ([ :typeof ($Message->"reply_to_message") ] = "string"); :local IsMyReply ($TelegramMessageIDs->[ :tostr ($Message->"reply_to_message"->"message_id") ]); :if (($IsMyReply = 1 || $TelegramChatOffset->0 > 0 || $Uptime > 5m) && $UpdateID >= $TelegramChatOffset->2) do={ :local Trusted false; @@ -130,7 +130,8 @@ " from update " . $UpdateID . "!"); :set Done true; } - :if ($Done = false && ($IsMyReply = 1 || ($IsReply = 0 && $TelegramChatActive = true)) && [ :len $Command ] > 0) do={ + :if ($Done = false && ($IsMyReply = 1 || ($IsReply = false && \ + $TelegramChatActive = true)) && [ :len $Command ] > 0) do={ :if ([ $ValidateSyntax $Command ] = true) do={ :local State ""; :local File ("tmpfs/telegram-chat/" . [ $GetRandom20CharAlNum 6 ]); From 7928c5f0543765e27379e39bbaff6bdb19638971 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 24 Feb 2025 15:31:34 +0100 Subject: [PATCH 870/908] telegram-chat: support reply in group's topic --- telegram-chat.rsc | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index eacbbcb..07e3816 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -104,6 +104,7 @@ :local Chat ($Message->"chat"); :local From ($Message->"from"); :local Command ($Message->"text"); + :local ThreadId [ $IfThenElse ($Message->"is_topic_message") ($Message->"message_thread_id") "" ]; :foreach IdsTrusted in=($TelegramChatId, $TelegramChatIdsTrusted) do={ :if ($From->"id" = $IdsTrusted || $From->"username" = $IdsTrusted) do={ @@ -115,7 +116,8 @@ :local Done false; :if ($Command = "?") do={ $LogPrint info $ScriptName ("Sending notice for update " . $UpdateID . "."); - $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ + $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; \ + replyto=($Message->"message_id"); threadid=$ThreadId; \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ message=("Online" . [ $IfThenElse $TelegramChatActive " (and active!)" ] . ", awaiting your commands!") }); :set Done true; @@ -150,7 +152,8 @@ :set State ([ $SymbolForNotification "cross-mark" ] . "The command failed with an error!\n\n"); } :local Content ([ /file/read chunk-size=32768 file=$File as-value ]->"data"); - $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; replyto=($Message->"message_id"); \ + $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; \ + replyto=($Message->"message_id"); threadid=$ThreadId; \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ message=([ $SymbolForNotification "gear" ] . "Command:\n" . $Command . "\n\n" . \ $State . [ $IfThenElse ([ :len $Content ] > 0) \ @@ -159,7 +162,8 @@ $RmDir "tmpfs/telegram-chat"; } else={ $LogPrint info $ScriptName ("The command from update " . $UpdateID . " failed syntax validation!"); - $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ + $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; \ + replyto=($Message->"message_id"); threadid=$ThreadId; \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ message=([ $SymbolForNotification "gear" ] . "Command:\n" . $Command . "\n\n" . \ [ $SymbolForNotification "cross-mark" ] . "The command failed syntax validation!") }); @@ -171,7 +175,8 @@ " (ID " . $From->"id" . ") in update " . $UpdateID . "!"); :if ($Command ~ ("^! *" . [ $EscapeForRegEx $Identity ] . "\$")) do={ $LogPrint warning $ScriptName $MessageText; - $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; replyto=($Message->"message_id"); \ + $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=false; \ + replyto=($Message->"message_id"); threadid=$ThreadId; \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ message=("You are not trusted.") }); } else={ From e5de9de391283f64763ad16446fa2f6727191306 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 25 Feb 2025 12:19:49 +0100 Subject: [PATCH 871/908] notify on support for Telegram group topics --- global-functions.rsc | 2 +- news-and-changes.rsc | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 99e52f8..42782bc 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -15,7 +15,7 @@ # Git commit id & info, expected configuration version :global CommitId "unknown"; :global CommitInfo "unknown"; -:global ExpectedConfigVersion 133; +:global ExpectedConfigVersion 134; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index 6f9e96e..a735ff7 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -58,6 +58,7 @@ 131="Enhanced certificate download to fallback to mkcert.org, so all (commonly trusted) root certificates are available now."; 132="Split off plugins from 'check-health', so the script works on all devices to monitor CPU and RAM. The supported plugins for sensors in hardware are installed automatically."; 133="Updated the default configuration for 'fw-addr-lists', deprecated lists were removed, a collective list was added."; + 134="Enhanced 'mod/notification-telegram' and 'telegram-chat' to support topics in groups."; }; # Migration steps to be applied on script updates From c33eb41c9cfb73e7e5b5ec7a3c37aa9e92ebc9cb Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 18 Dec 2024 17:50:56 +0100 Subject: [PATCH 872/908] global-functions: $DeviceInfo: add license level, re-order --- global-functions.rsc | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 42782bc..b3166dc 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -309,16 +309,19 @@ ([ $FormatLine "Location" ($Snmp->"location") ] . "\n") ] . \ [ $IfThenElse ([ :len ($Snmp->"contact") ] > 0) \ ([ $FormatLine "Contact" ($Snmp->"contact") ] . "\n") ] . \ - [ $FormatLine "Board name" ($Resource->"board-name") ] . "\n" . \ - [ $FormatLine "Architecture" ($Resource->"architecture-name") ] . "\n" . \ + "Hardware:\n" . \ + [ $FormatLine " Board" ($Resource->"board-name") ] . "\n" . \ + [ $FormatLine " Arch" ($Resource->"architecture-name") ] . "\n" . \ [ $IfThenElse ($RouterBoard->"routerboard" = true) \ - ([ $FormatLine "Model" ($RouterBoard->"model") ] . \ + ([ $FormatLine " Model" ($RouterBoard->"model") ] . \ [ $IfThenElse ([ :len ($RouterBoard->"revision") ] > 0) \ (" " . $RouterBoard->"revision") ] . "\n" . \ - [ $FormatLine "Serial number" ($RouterBoard->"serial-number") ] . "\n") ] . \ - [ $IfThenElse ([ :len ($License->"level") ] > 0) \ - ([ $FormatLine "License" ($License->"level") ] . "\n") ] . \ + [ $FormatLine " Serial" ($RouterBoard->"serial-number") ] . "\n") ] . \ + [ $IfThenElse ([ :len ($License->"nlevel") ] > 0) \ + ([ $FormatLine " License" ("level " . ($License->"nlevel")) ] . "\n") ] . \ "RouterOS:\n" . \ + [ $IfThenElse ([ :len ($License->"level") ] > 0) \ + ([ $FormatLine " License" ("level " . ($License->"level")) ] . "\n") ] . \ [ $FormatLine " Channel" ($Update->"channel") ] . "\n" . \ [ $FormatLine " Installed" ($Update->"installed-version") ] . "\n" . \ [ $IfThenElse ([ :typeof ($Update->"latest-version") ] != "nothing" && \ From 4eafcaa3ace2be0f17618c90c0d320647dfd8e38 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 25 Feb 2025 21:26:52 +0100 Subject: [PATCH 873/908] telegram-chat: say hello when awaiting commands --- telegram-chat.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/telegram-chat.rsc b/telegram-chat.rsc index 07e3816..5db4860 100644 --- a/telegram-chat.rsc +++ b/telegram-chat.rsc @@ -119,7 +119,8 @@ $SendTelegram2 ({ origin=$ScriptName; chatid=($Chat->"id"); silent=true; \ replyto=($Message->"message_id"); threadid=$ThreadId; \ subject=([ $SymbolForNotification "speech-balloon" ] . "Telegram Chat"); \ - message=("Online" . [ $IfThenElse $TelegramChatActive " (and active!)" ] . ", awaiting your commands!") }); + message=([ $IfThenElse ([ :len ($From->"first_name") ] > 0) ("Hello " . ($From->"first_name") . "!\n\n") ] . \ + "Online" . [ $IfThenElse $TelegramChatActive " (and active!)" ] . ", awaiting your commands!") }); :set Done true; } :if ($Done = false && [ :pick $Command 0 1 ] = "!") do={ From 53b13b295af835658dc4ef6192624b2ae898bab1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Tue, 25 Feb 2025 21:33:08 +0100 Subject: [PATCH 874/908] mod/notification-telegram: introduce $GetTelegramChatId --- .../notification-telegram.d/getchatid.avif | Bin 0 -> 3896 bytes doc/mod/notification-telegram.md | 24 ++++++++----- global-functions.rsc | 2 +- mod/notification-telegram.rsc | 34 ++++++++++++++++++ news-and-changes.rsc | 1 + 5 files changed, 52 insertions(+), 9 deletions(-) create mode 100644 doc/mod/notification-telegram.d/getchatid.avif diff --git a/doc/mod/notification-telegram.d/getchatid.avif b/doc/mod/notification-telegram.d/getchatid.avif new file mode 100644 index 0000000000000000000000000000000000000000..779296915de91a9b21e2f05685e34a1539d9c73e GIT binary patch literal 3896 zcmbVJc|4Tw7Jp|9Gh>OdZ)4v{hOzJKWG|7Wg+Um*Axp}deNQA*iVO)U43+F6AqrWt z6pds=B~;9v(eHQf{oKFqz32U$=X}rdoO8a<3jlzKS6EaqHXP>#P=#g#a9*eY9M;R) z5M>AeAccT)VOUy@DxyA~{`fx-0D^HIVSnSl?V(^?Sipe;qMiyk{~!;VX956VfEJ-D z>;(WY1XBG24`dGj&~Pd?#Nh%DRyfG;Q=N0P650)HxDv`Z$Uo>{GT%Ql)U;_N&WonB zLVg_n+@A&jaLB_m)Z<_zZKy9U7#~cvmbhS#AgblWg$AFaTB^`VP!BX!*@AJAxPu4` z2BTVLY&gm|UW66_I6Q*<@qr%xkiMEiA36tD&r;sDf6eH37llaAqcE zUKSQ!Wl=#<<^NeI9RLCbuz{###Q-n@M27%TdH`YSp7fvt`9p<9lnz4A0ENLBnWzO# zY_yl614HQO=^@ld2VJ7(0SJPgT@+==z;PT46${~1j?cRd6E|w;^YZq=`G$s_508k9x{!D| zDLExIE&WRV)q=unMc0e(lvmuXBve)3d-$lashQZ)`napRr?>BU|G$mS)Kel&vf6{o-c>XPanEeMY1eF&U0-=LIX}mz-2pVw&gkBWI zz;1XPiVfiqQ;vsm8s*(?=!A=_*llpR<3|~}CD4nKn>1<%%>FxK3I7+fe-ir_uW5jp z4n+NVbO=Bn_&S*Y{&BaF0e3OOpVM>d|wQdGhlWObE4x{~dGl1#%7j7&IBA?^hq9@EAMf(v}&82eQ zTMn5iEnHXAIh+X&b~@kx{d+BE!Tk`6B+QBHy1K5vmB@i}ToZvh^Q>)EyC}|p4*d-d zB6Mc%o+*EpCFVpWxKe6w*j^z1;|uNWeW9pbGi`@Gi!mI;4Ag;{fTP zp(X=}N8)R}x0NnZm*+hTgV;}ZhjRMP^eA4u6XRvtwZ%L%9I`v9&24>atSLoW8#Ds9?|^c66Fl8h92pY@;%y zCQ!nn?tJQ!zRP24)!Qr*D~!aFWfJd9X%Jn*2f^)H=r}o+Sj5WZ8{i|V%+!7>q$rM6 zAT)t9#<+OpGMR^u%g*6S2*FS9v+Iuga&Lu-a8r9?Ao#S3d}Mf&`T2 z_e)i@jG^lrT_oERws^EJ4pt>vwwiS}f^D~x&HGRtx}ODpMUlUd%k@N`wLHXapN2#T zf)AM)NVogW-*S4T-=r9X-3-6azmO=Jsm##_qW~u_u$099@?% z8)I@z)~A0t@vtBGy6jxxXmiH0THz_z2k~~KuXe4r<E$g21Vzz|w*m z07@Z>uv!ei+1e2s8^q0tk4rxBI{9_(vr`_?Lr`F|{ zZccfR9-i|=z>7}x(UJRXt(HFImkQpL&yT<%Z)7`X+j36#K6%nMV#IbVMO!dI58Q$>A>&!4h@B4OElQ`)lay+c&+r5EO<_Mvdfz_yy+K{kg z$0uiYN(_>tt6jTuHLvF;$=p3ABOVvYry&98Y7*vma=LzA-YDEyNamDyc#53azWyV# zpmXt=?+2f# zs?s3?0x|8WQm4C+phNr#pRURcLkRNiz)EN-NoTWkGwc}Dw#x5@3`|v4$`m`m2-lFr>%28EHmp#dW47vt%qCV!IBpld4P5zj?9LSgy26=0 zwfuWHkj}#bbF>i`UdyvmQ>7!4_xwu&ndRjw9I|S#F??lUeJs5amf-fKhk79bu_c%v@a| zBXqj&RoYf*C~>RX-l|#IT+Hz-*{x*jhq!q%ET5fGQwljGE2wj7o`fsq=Sdr3(G6jb zw_10cbCXUdrB_DI2Kwua&(~%rXa>I1_$+HC;0N!;bHL}lw1hfuW{dpr3U)f=1}m?z zM`dv(<~>VZQ>;w0bILAW+MAfgTKW-H5iB=k1}ap| z^VGez7o{5}CG4@R`cCui7WiQ+SJg`k^tJONRbg%5Y% z&gbgI6&RR*{LN@CwY`XXJy6%}t;{&6*x$00lwlh48|W^F~k&M*4e zWly<$X|D0fFY?kAukRc#`#$qnEmOORBGU4F;b##bhSol9pYZ&qI#~3|t&4^glOZ;4 zk8I=VBA371=+WLT@SMH&WT(9Dm)9;7Wn&TmxJ`|&QkLEYl{hO}g-iDT%#REa9JbEu zvVGZIn-O_VJ^I~3a8?#2g_Km2+plMH_0zKM*NRl$)Kot?t`pby8&ABc5%ELlm0s=? z>ceV|3R~9NONUW1YcXbeGdGb#x3(6K^{F$HW93g9l-tGKjXK$Q=KZF9^m^R$_dCg_ z=$D=~HKt0&DUZ>c%@c?$7N^aeW&FFW%LS^^+XC8chk%n4)B^ssgQ1aTK z+WP31k`CJ`t2KkM+^~w!r=8jc+62{hwKc~3V=wt8?1FvwQ5c^LF}dw|hLE8x-r7Qb zC&LmXmqu*V2kRR#;0aej2Ml>~WAw^OP)dYzorsvzv@uV`Ob7fosHLWda7I?JGo0-n zM?+%0`g`qL?u+|N-BXA4mDsw9e(0X6!&@L(n%ZJV>YprKG3EBtlpJ_A>c$rqJli~M zPikvKkF?%AFC6C+2&reB(J0fO8Vu8Sn6ugy>NRx*pKqlMjuw``G}`Sw+h@{T$b(s` zuuMM^;?|e#mcevK8yo*g?`YFkffRgJjB(F(rMTKNUr6FBMIY98J)-+SHLgd)8~6Xo{UO}5R1XmToG zCnSAix+m}UePrg@%S?)PPV!eF7>~zkEv0RQtB%|kkDnLSx_owZcxz^5uDy1vp@V|&!>XuY$1kV_Pgs#xK<1uu|k3fL?1rsf}dTZkB73xjO3Lq zH<$tjuhlL{gL|s6LM0i$4D|=xcGg8$gLEw=PnjQQ9XQS}9cBOB&nF%!^3+^a%lq9L zO8VLjg%&{$BB8DVHugBr8y?7F$6>P^xE+>@0pd{tUlw9i;)UoigknML3 z@%b$`NsVc1&H!`nD@6u=OU=e-)+RNp$ahbHcfa2A3%u}V@J8em?FHEKZ}d9KMw=kF zTffMRtn9OciH?ealxRXhhb4u6_h!BMF1|l@%4aORqSKXk4pjGCy+mKajpN2cdRq-& z2Xf==8mW4hL8_kb4oisQj>>9`R}g40xa%QWd->9)N>7ujKW1;Z=g#13CY3jlgYgW} z!A>kvbsgQ8vMh)(*YROFG5lO=+}+xF8B00bk())D0w1O21?kh+)7SM!D_jNJpWP? zr2s$c>Qa4*;GmM*kqhsx>`HuqkME ℹ️ **Info**: Copy relevant configuration from @@ -54,9 +61,10 @@ reload the configuration. ### Notifications to a group -Sending notifications to a group is possible as well. Add your bot and the -*GetIDs Bot* to a group, then use the group's id (which starts with a dash) -for `TelegramChatId`. Then remove *GetIDs Bot* from group. +Sending notifications to a group is possible as well. Add your bot to a group +and make it an admin (required for read access!) and send a message and run +`$GetTelegramChatId` again. Then use that chat id (which starts with a dash) +for `TelegramChatId`. Groups can enable the `Topics` feature. Use `TelegramThreadId` to send to a specific topic in a group. diff --git a/global-functions.rsc b/global-functions.rsc index b3166dc..43cd7f0 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -15,7 +15,7 @@ # Git commit id & info, expected configuration version :global CommitId "unknown"; :global CommitInfo "unknown"; -:global ExpectedConfigVersion 134; +:global ExpectedConfigVersion 135; # global variables not to be changed by user :global GlobalFunctionsReady false; diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index d04893f..7782fcf 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -10,6 +10,7 @@ # https://rsc.eworm.de/doc/mod/notification-telegram.md :global FlushTelegramQueue; +:global GetTelegramChatId; :global NotificationFunctions; :global PurgeTelegramQueue; :global SendTelegram; @@ -58,6 +59,39 @@ :global ExitError; $ExitError false $0; } } +# get the chat id +:set GetTelegramChatId do={ :do { + :global TelegramTokenId; + + :global CertificateAvailable; + :global LogPrint; + + :if ([ $CertificateAvailable "Go Daddy Root Certificate Authority - G2" ] = false) do={ + $LogPrint warning $0 ("Downloading required certificate failed."); + :return false; + } + + :local Data; + :do { + :set Data ([ /tool/fetch check-certificate=yes-without-crl output=user \ + ("https://api.telegram.org/bot" . $TelegramTokenId . "/getUpdates?offset=0" . \ + "&allowed_updates=%5B%22message%22%5D") as-value ]->"data"); + } on-error={ + $LogPrint warning $0 ("Fetching data failed!"); + :return false; + } + + :local JSON [ :deserialize from=json value=$Data ]; + :foreach Update in=($JSON->"result") do={ + $LogPrint info $0 ("The chat id is: " . ($Update->"message"->"chat"->"id")); + :return true; + } + + $LogPrint info $0 ("No message received."); +} on-error={ + :global ExitError; $ExitError false $0; +} } + # send notification via telegram - expects one array argument :set ($NotificationFunctions->"telegram") do={ :local Notification $1; diff --git a/news-and-changes.rsc b/news-and-changes.rsc index a735ff7..459326f 100644 --- a/news-and-changes.rsc +++ b/news-and-changes.rsc @@ -59,6 +59,7 @@ 132="Split off plugins from 'check-health', so the script works on all devices to monitor CPU and RAM. The supported plugins for sensors in hardware are installed automatically."; 133="Updated the default configuration for 'fw-addr-lists', deprecated lists were removed, a collective list was added."; 134="Enhanced 'mod/notification-telegram' and 'telegram-chat' to support topics in groups."; + 135="Introduced helper function '\$GetTelegramChatId' for 'mod/notification-telegram' which helps retrieve information."; }; # Migration steps to be applied on script updates From f6c2225f68fae8494d620dca0fc41b50a0450977 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 26 Feb 2025 13:37:57 +0100 Subject: [PATCH 875/908] check-certificates: catch and ignore import error MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Hmm... 🤨 When was that runtime error introduced? I *think* it worked before. --- check-certificates.rsc | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 0907395..94f23a7 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -59,10 +59,12 @@ :local DecryptionFailed true; :foreach PassPhrase in=$CertRenewPass do={ - :local Result [ /certificate/import file-name=$CertFileName passphrase=$PassPhrase as-value ]; - :if ($Result->"decryption-failures" = 0) do={ - :set DecryptionFailed false; - } + :do { + :local Result [ /certificate/import file-name=$CertFileName passphrase=$PassPhrase as-value ]; + :if ($Result->"decryption-failures" = 0) do={ + :set DecryptionFailed false; + } + } on-error={ } } $RmFile $CertFileName; From a6d4e7e82cc9870c6cfd1e0ee9724eb6129ce5ab Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 26 Feb 2025 18:03:17 +0100 Subject: [PATCH 876/908] check-certificates: drop dot from type... ... and add it in file name. --- check-certificates.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 94f23a7..20ac2e2 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -50,8 +50,8 @@ :local Return false; - :foreach Type in={ ".pem"; ".p12" } do={ - :local CertFileName ([ $UrlEncode $FetchName ] . $Type); + :foreach Type in={ "pem"; "p12" } do={ + :local CertFileName ([ $UrlEncode $FetchName ] . "." . $Type); :do { /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) \ ($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value; From 3d40b4419d47f41edf5059c00c1ab575f49c6da1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 26 Feb 2025 13:40:12 +0100 Subject: [PATCH 877/908] check-certificates: add more debug output --- check-certificates.rsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 20ac2e2..6862015 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -58,10 +58,12 @@ $WaitForFile $CertFileName; :local DecryptionFailed true; - :foreach PassPhrase in=$CertRenewPass do={ + :foreach I,PassPhrase in=$CertRenewPass do={ :do { + $LogPrint debug $ScriptName ("Trying " . $I . ". passphrase... "); :local Result [ /certificate/import file-name=$CertFileName passphrase=$PassPhrase as-value ]; :if ($Result->"decryption-failures" = 0) do={ + $LogPrint debug $ScriptName ("Success!"); :set DecryptionFailed false; } } on-error={ } From 512c54bd590503af27e754c5c65c34b5307cf9c9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 26 Feb 2025 13:55:09 +0100 Subject: [PATCH 878/908] check-certificates: ... and even more --- check-certificates.rsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/check-certificates.rsc b/check-certificates.rsc index 6862015..6dff9ba 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -52,6 +52,9 @@ :foreach Type in={ "pem"; "p12" } do={ :local CertFileName ([ $UrlEncode $FetchName ] . "." . $Type); + $LogPrint debug $ScriptName ("Trying type '" . $Type . "' for '" . $CertName . \ + "' (file '" . $CertFileName . "')..."); + :do { /tool/fetch check-certificate=yes-without-crl http-header-field=({ [ $FetchUserAgentStr $ScriptName ] }) \ ($CertRenewUrl . $CertFileName) dst-path=$CertFileName as-value; From e833dfcf25175fb1d5c652dcf898c6332ce70404 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 26 Feb 2025 13:51:25 +0100 Subject: [PATCH 879/908] check-certificates: simplify return from function... ... and also break earch on success. --- check-certificates.rsc | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 6dff9ba..5065c33 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -48,8 +48,6 @@ :global UrlEncode; :global WaitForFile; - :local Return false; - :foreach Type in={ "pem"; "p12" } do={ :local CertFileName ([ $UrlEncode $FetchName ] . "." . $Type); $LogPrint debug $ScriptName ("Trying type '" . $Type . "' for '" . $CertName . \ @@ -84,13 +82,13 @@ $CertificateNameByCN [ /certificate/get $CertInChain common-name ]; } - :set Return true; + :return true; } on-error={ $LogPrint debug $ScriptName ("Could not download certificate file '" . $CertFileName . "'."); } } - :return $Return; + :return false; } :local FormatInfo do={ From 14195c51ca381063789ca58c760d70037328e600 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 26 Feb 2025 18:25:58 +0100 Subject: [PATCH 880/908] check-certificates: try PKCS#12 before PEM... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... as that is more likely to have a private key. Is that true? 🤨 --- check-certificates.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check-certificates.rsc b/check-certificates.rsc index 5065c33..be8e4df 100644 --- a/check-certificates.rsc +++ b/check-certificates.rsc @@ -48,7 +48,7 @@ :global UrlEncode; :global WaitForFile; - :foreach Type in={ "pem"; "p12" } do={ + :foreach Type in={ "p12"; "pem" } do={ :local CertFileName ([ $UrlEncode $FetchName ] . "." . $Type); $LogPrint debug $ScriptName ("Trying type '" . $Type . "' for '" . $CertName . \ "' (file '" . $CertFileName . "')..."); From b11be59b0824efac6df128fde46a529ced14a2d0 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 27 Feb 2025 10:44:53 +0100 Subject: [PATCH 881/908] README: quote the certificate file name --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a76d50f..fae6986 100644 --- a/README.md +++ b/README.md @@ -87,7 +87,7 @@ file to your MikroTik device. Then we import the certificate. - /certificate/import file-name=isrg-root-x2.pem passphrase=""; + /certificate/import file-name="isrg-root-x2.pem" passphrase=""; Do not worry that the command is not shown - that happens because it contains a sensitive property, the passphrase. From e2fe653035ca2217dc56235de780f72dbb790e1d Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 26 Feb 2025 20:16:12 +0100 Subject: [PATCH 882/908] mod/notification-telegram: $GetTelegramChatId: use last message --- mod/notification-telegram.rsc | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 7782fcf..4528615 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -82,12 +82,15 @@ } :local JSON [ :deserialize from=json value=$Data ]; - :foreach Update in=($JSON->"result") do={ - $LogPrint info $0 ("The chat id is: " . ($Update->"message"->"chat"->"id")); - :return true; + :local Count [ :len ($JSON->"result") ]; + + :if ($Count = 0) do={ + $LogPrint info $0 ("No message received."); + :return false; } - $LogPrint info $0 ("No message received."); + :local Message ($JSON->"result"->($Count - 1)->"message"); + $LogPrint info $0 ("The chat id is: " . ($Message->"chat"->"id")); } on-error={ :global ExitError; $ExitError false $0; } } From f5189b8bd7ca01fb6e26414960764960a03066c4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 27 Feb 2025 10:45:30 +0100 Subject: [PATCH 883/908] INITIAL-COMMANDS: quote the certificate file name --- INITIAL-COMMANDS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INITIAL-COMMANDS.md b/INITIAL-COMMANDS.md index 424ef32..8b64d28 100644 --- a/INITIAL-COMMANDS.md +++ b/INITIAL-COMMANDS.md @@ -19,7 +19,7 @@ Run the complete base installation: { /tool/fetch "https://git.eworm.de/cgit/routeros-scripts/plain/certs/ISRG-Root-X2.pem" dst-path="isrg-root-x2.pem" as-value; :delay 1s; - /certificate/import file-name=isrg-root-x2.pem passphrase=""; + /certificate/import file-name="isrg-root-x2.pem" passphrase=""; :if ([ :len [ /certificate/find where fingerprint="69729b8e15a86efc177a57afb7171dfc64add28c2fca8cf1507e34453ccb1470" ] ] != 1) do={ :error "Something is wrong with your certificates!"; }; From 0c4fb42616f8015dd128ec7df1d1afce590d26ed Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 26 Feb 2025 20:18:12 +0100 Subject: [PATCH 884/908] mod/notification-telegram: $GetTelegramChatId: give thead id... ... if message was sent to group's topic. --- mod/notification-telegram.rsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mod/notification-telegram.rsc b/mod/notification-telegram.rsc index 4528615..68e913f 100644 --- a/mod/notification-telegram.rsc +++ b/mod/notification-telegram.rsc @@ -91,6 +91,9 @@ :local Message ($JSON->"result"->($Count - 1)->"message"); $LogPrint info $0 ("The chat id is: " . ($Message->"chat"->"id")); + :if (($Message->"is_topic_message") = true) do={ + $LogPrint info $0 ("The thread id is: " . ($Message->"message_thread_id")); + } } on-error={ :global ExitError; $ExitError false $0; } } From 33c02e06092eded4b3344a6eb22742c9be531fb2 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 3 Mar 2025 09:10:54 +0100 Subject: [PATCH 885/908] ipv6-update: ignore if prefix is no longer valid --- ipv6-update.rsc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/ipv6-update.rsc b/ipv6-update.rsc index c6e3d65..beccde0 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -20,7 +20,9 @@ :global ScriptLock; :local NaAddress $"na-address"; + :local NaValid $"na-valid"; :local PdPrefix $"pd-prefix"; + :local PdValid $"pd-valid"; :if ([ $ScriptLock $ScriptName ] = false) do={ :set ExitOK true; @@ -39,6 +41,12 @@ :error false; } + :if ($PdValid != 1) do={ + $LogPrint info $ScriptName ("The prefix " . $PdPrefix . " is no longer valid. Ignoring."); + :set ExitOK true; + :error false; + } + :local Pool [ /ipv6/pool/get [ find where prefix=$PdPrefix ] name ]; :if ([ :len [ /ipv6/firewall/address-list/find where comment=("ipv6-pool-" . $Pool) ] ] = 0) do={ /ipv6/firewall/address-list/add list=("ipv6-pool-" . $Pool) address=:: comment=("ipv6-pool-" . $Pool) dynamic=yes; From 469f783a92c8e67088d70572157ff4cd7d47fcd8 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 3 Mar 2025 09:12:43 +0100 Subject: [PATCH 886/908] ipv6-update: check for availability of both variables --- ipv6-update.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ipv6-update.rsc b/ipv6-update.rsc index beccde0..94bd1bc 100644 --- a/ipv6-update.rsc +++ b/ipv6-update.rsc @@ -35,7 +35,7 @@ :error false; } - :if ([ :typeof $PdPrefix ] = "nothing") do={ + :if ([ :typeof $PdPrefix ] = "nothing" || [ :typeof $PdValid ] = "nothing") do={ $LogPrint error $ScriptName ("This script is supposed to run from ipv6 dhcp-client."); :set ExitOK true; :error false; From 3ccaafd1b38f4335aa28361778aa37db2ca22d5f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 5 Mar 2025 00:28:01 +0100 Subject: [PATCH 887/908] global-functions: $ScriptInstallUpdate: move code into block --- global-functions.rsc | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index 43cd7f0..8fcd56d 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1163,7 +1163,12 @@ } } - :if (!($ScriptInfo->"ignore" = true)) do={ + :do { + :if ($ScriptInfo->"ignore" = true) do={ + $LogPrint debug $0 ("Ignoring script '" . $ScriptVal->"name" . "', as requested."); + :error true; + } + :do { :local BaseUrl [ $EitherOr ($ScriptInfo->"base-url") $ScriptUpdatesBaseUrl ]; :local UrlSuffix [ $EitherOr ($ScriptInfo->"url-suffix") $ScriptUpdatesUrlSuffix ]; @@ -1182,10 +1187,9 @@ } else={ $LogPrint warning $0 ("Failed fetching script '" . $ScriptVal->"name" . "'!"); } + :error false; } - } - :do { :if ([ :len $SourceNew ] = 0) do={ $LogPrint debug $0 ("No update for script '" . $ScriptVal->"name" . "'."); :error false; From 0c1d96f89dfb4d209b0848d5ac2d81a640e0f056 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 5 Mar 2025 00:18:43 +0100 Subject: [PATCH 888/908] global-functions: $ScriptInstallUpdate: get and compare checksums MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The file 'checksums.json' is generated when deploying to my web server... This should speed up the update a lot as it reduces downloads to a minimum. 🎉😁 --- global-functions.rsc | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index 8fcd56d..8405c92 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1150,6 +1150,14 @@ :local ReloadGlobalConfig false; :local DeviceMode [ /system/device-mode/get ]; + :local CheckSums ({}); + :do { + :local Url ($ScriptUpdatesBaseUrl . "checksums.json" . $ScriptUpdatesUrlSuffix); + $LogPrint debug $0 ("Fetching checksums from url: " . $Url); + :set CheckSums [ :deserialize from=json ([ /tool/fetch check-certificate=yes-without-crl \ + http-header-field=({ [ $FetchUserAgentStr $0 ] }) $Url output=user as-value ]->"data") ]; + } on-error={ } + :foreach Script in=[ /system/script/find where source~"^#!rsc by RouterOS\r?\n" ] do={ :local ScriptVal [ /system/script/get $Script ]; :local ScriptInfo [ $ParseKeyValueStore ($ScriptVal->"comment") ]; @@ -1169,6 +1177,11 @@ :error true; } + :if ([ :convert transform=md5 to=hex ($ScriptVal->"source") ] = ($CheckSums->($ScriptVal->"name"))) do={ + $LogPrint debug $0 ("Checksum for script '" . $ScriptVal->"name" . "' matches, ignoring."); + :error true; + } + :do { :local BaseUrl [ $EitherOr ($ScriptInfo->"base-url") $ScriptUpdatesBaseUrl ]; :local UrlSuffix [ $EitherOr ($ScriptInfo->"url-suffix") $ScriptUpdatesUrlSuffix ]; From 10374afc182cd8b08e07a3d45890518e8b6be73c Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 5 Mar 2025 01:37:42 +0100 Subject: [PATCH 889/908] global-functions: $ScriptInstallUpdate: support checksums for CRLF scripts --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 8405c92..d883aa0 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1177,7 +1177,8 @@ :error true; } - :if ([ :convert transform=md5 to=hex ($ScriptVal->"source") ] = ($CheckSums->($ScriptVal->"name"))) do={ + :if ([ :convert transform=md5 to=hex ($ScriptVal->"source") ] = ($CheckSums->($ScriptVal->"name")) || \ + [ :convert transform=md5 to=hex [ :tolf ($ScriptVal->"source") ] ] = ($CheckSums->($ScriptVal->"name"))) do={ $LogPrint debug $0 ("Checksum for script '" . $ScriptVal->"name" . "' matches, ignoring."); :error true; } From c9de6d85790897a945910316a14db16b0435c41e Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 5 Mar 2025 01:39:59 +0100 Subject: [PATCH 890/908] global-functions: $ScriptInstallUpdate: put checksum into variable --- global-functions.rsc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index d883aa0..a9fa938 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1177,8 +1177,9 @@ :error true; } - :if ([ :convert transform=md5 to=hex ($ScriptVal->"source") ] = ($CheckSums->($ScriptVal->"name")) || \ - [ :convert transform=md5 to=hex [ :tolf ($ScriptVal->"source") ] ] = ($CheckSums->($ScriptVal->"name"))) do={ + :local CheckSum ($CheckSums->($ScriptVal->"name")); + :if ([ :convert transform=md5 to=hex ($ScriptVal->"source") ] = $CheckSum || \ + [ :convert transform=md5 to=hex [ :tolf ($ScriptVal->"source") ] ] = $CheckSum) do={ $LogPrint debug $0 ("Checksum for script '" . $ScriptVal->"name" . "' matches, ignoring."); :error true; } From b13360e4b86838d95cd8c9a1a4e2ea8d757dbb0f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 5 Mar 2025 01:53:04 +0100 Subject: [PATCH 891/908] global-functions: $ScriptInstallUpdate: simplify check This one should suffice... --- global-functions.rsc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/global-functions.rsc b/global-functions.rsc index a9fa938..4c777a1 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1178,8 +1178,7 @@ } :local CheckSum ($CheckSums->($ScriptVal->"name")); - :if ([ :convert transform=md5 to=hex ($ScriptVal->"source") ] = $CheckSum || \ - [ :convert transform=md5 to=hex [ :tolf ($ScriptVal->"source") ] ] = $CheckSum) do={ + :if ([ :convert transform=md5 to=hex [ :tolf ($ScriptVal->"source") ] ] = $CheckSum) do={ $LogPrint debug $0 ("Checksum for script '" . $ScriptVal->"name" . "' matches, ignoring."); :error true; } From 1b46a5fd9bc69f4d609b28e7ff8d36717a3b9a8f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 5 Mar 2025 08:55:06 +0100 Subject: [PATCH 892/908] global-functions: $ScriptInstallUpdate: checksum only for same source So ignore if script is fetched from different base or with different suffix. --- global-functions.rsc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/global-functions.rsc b/global-functions.rsc index 4c777a1..da31165 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -1178,7 +1178,8 @@ } :local CheckSum ($CheckSums->($ScriptVal->"name")); - :if ([ :convert transform=md5 to=hex [ :tolf ($ScriptVal->"source") ] ] = $CheckSum) do={ + :if ([ :len ($ScriptInfo->"base-url") ] = 0 && [ :len ($ScriptInfo->"url-suffix") ] = 0 && \ + [ :convert transform=md5 to=hex [ :tolf ($ScriptVal->"source") ] ] = $CheckSum) do={ $LogPrint debug $0 ("Checksum for script '" . $ScriptVal->"name" . "' matches, ignoring."); :error true; } From e341e1c30ca4ff8b87bc757cc5c0effbc50a7ea6 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 6 Mar 2025 15:02:31 +0100 Subject: [PATCH 893/908] global-functions: introduce $LogPrintVerbose ... ... which is a declared function, but has no code, intentionally. It can be called as a no-op by default. If you want this output set the function to be the same as $LogPrint: :set LogPrintVerbose $LogPrint; --- global-functions.rsc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/global-functions.rsc b/global-functions.rsc index da31165..911ff6a 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -55,6 +55,7 @@ :global IsTimeSync; :global LogPrint; :global LogPrintOnce; +:global LogPrintVerbose; :global MAX; :global MIN; :global MkDir; @@ -848,6 +849,8 @@ :return true; } +# The function $LogPrintVerbose is declared, but has no code, intentionally. + # get max value :set MAX do={ :if ($1 > $2) do={ :return $1; } From 6d718ec9877c3ecfc10681e85d050d15ed4d4b80 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 6 Mar 2025 14:38:35 +0100 Subject: [PATCH 894/908] fw-addr-lists: use $LogPrintVerbose ... ... to reduce debug output and speed up execution. --- fw-addr-lists.rsc | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index d41dc04..af8c65d 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -24,6 +24,7 @@ :global HumanReadableNum; :global LogPrint; :global LogPrintOnce; + :global LogPrintVerbose; :global ScriptLock; :global WaitFullyConnected; @@ -120,14 +121,14 @@ list=$FwListName comment=$ListComment ] do={ :local Address [ /ip/firewall/address-list/get $Entry address ]; :if ([ :typeof ($IPv4Addresses->$Address) ] = "time") do={ - $LogPrint debug $ScriptName ("Renewing IPv4 address in list '" . $FwListName . \ + $LogPrintVerbose debug $ScriptName ("Renewing IPv4 address in list '" . $FwListName . \ "' with " . ($IPv4Addresses->$Address) . ": " . $Address); /ip/firewall/address-list/set $Entry timeout=($IPv4Addresses->$Address); :set ($IPv4Addresses->$Address); :set CntRenew ($CntRenew + 1); } else={ :if ($Failure = false) do={ - $LogPrint debug $ScriptName ("Removing IPv4 address from list '" . $FwListName . \ + $LogPrintVerbose debug $ScriptName ("Removing IPv4 address from list '" . $FwListName . \ "': " . $Address); /ip/firewall/address-list/remove $Entry; :set CntRemove ($CntRemove + 1); @@ -139,14 +140,14 @@ list=$FwListName comment=$ListComment ] do={ :local Address [ /ipv6/firewall/address-list/get $Entry address ]; :if ([ :typeof ($IPv6Addresses->$Address) ] = "time") do={ - $LogPrint debug $ScriptName ("Renewing IPv6 address in list '" . $FwListName . \ + $LogPrintVerbose debug $ScriptName ("Renewing IPv6 address in list '" . $FwListName . \ "' with " . ($IPv6Addresses->$Address) . ": " . $Address); /ipv6/firewall/address-list/set $Entry timeout=($IPv6Addresses->$Address); :set ($IPv6Addresses->$Address); :set CntRenew ($CntRenew + 1); } else={ :if ($Failure = false) do={ - $LogPrint debug $ScriptName ("Removing IPv6 address from list '" . $FwListName . \ + $LogPrintVerbose debug $ScriptName ("Removing IPv6 address from list '" . $FwListName . \ "': " . $Address); /ipv6/firewall/address-list/remove $Entry; :set CntRemove ($CntRemove + 1); @@ -155,7 +156,7 @@ } :foreach Address,Timeout in=$IPv4Addresses do={ - $LogPrint debug $ScriptName ("Adding IPv4 address to list '" . $FwListName . \ + $LogPrintVerbose debug $ScriptName ("Adding IPv4 address to list '" . $FwListName . \ "' with " . $Timeout . ": " . $Address); :do { /ip/firewall/address-list/add list=$FwListName comment=$ListComment \ @@ -169,7 +170,7 @@ } :foreach Address,Timeout in=$IPv6Addresses do={ - $LogPrint debug $ScriptName ("Adding IPv6 address to list '" . $FwListName . \ + $LogPrintVerbose debug $ScriptName ("Adding IPv6 address to list '" . $FwListName . \ "' with " . $Timeout . ": " . $Address); :do { /ipv6/firewall/address-list/add list=$FwListName comment=$ListComment \ From 7be26a07125b9c946859560bd59323f84feb9494 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 6 Mar 2025 14:54:38 +0100 Subject: [PATCH 895/908] DEBUG: add info on $LogPrintVerbose --- DEBUG.md | 14 ++++++++++++++ global-functions.rsc | 1 + 2 files changed, 15 insertions(+) diff --git a/DEBUG.md b/DEBUG.md index 3d7f025..d5e9beb 100644 --- a/DEBUG.md +++ b/DEBUG.md @@ -44,6 +44,20 @@ instead. Disable or remote that setting to restore regular logging. +## Verbose output + +Specific scripts can generate huge amount of output. These do use a function +`$LogPrintVerbose`, which is declared, but has no code, intentionally. + +If you *really* want that output set the function to be the same as +`$LogPrint`: + + :set LogPrintVerbose $LogPrint; + +To revert that change just run: + + :set LogPrintVerbose; + --- [⬅️ Go back to main README](README.md) [⬆️ Go back to top](#top) diff --git a/global-functions.rsc b/global-functions.rsc index 911ff6a..8ae7bb8 100644 --- a/global-functions.rsc +++ b/global-functions.rsc @@ -850,6 +850,7 @@ } # The function $LogPrintVerbose is declared, but has no code, intentionally. +# https://rsc.eworm.de/DEBUG.md#verbose-output # get max value :set MAX do={ From fb343c99e399d679f3e2a22e76c14a5899024319 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 6 Mar 2025 22:59:31 +0100 Subject: [PATCH 896/908] fw-addr-lists: put timeout into variable --- fw-addr-lists.rsc | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index af8c65d..331d2c6 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -120,10 +120,11 @@ :foreach Entry in=[ /ip/firewall/address-list/find where \ list=$FwListName comment=$ListComment ] do={ :local Address [ /ip/firewall/address-list/get $Entry address ]; - :if ([ :typeof ($IPv4Addresses->$Address) ] = "time") do={ + :local TimeOut ($IPv4Addresses->$Address); + :if ([ :typeof $TimeOut ] = "time") do={ $LogPrintVerbose debug $ScriptName ("Renewing IPv4 address in list '" . $FwListName . \ - "' with " . ($IPv4Addresses->$Address) . ": " . $Address); - /ip/firewall/address-list/set $Entry timeout=($IPv4Addresses->$Address); + "' with " . $TimeOut . ": " . $Address); + /ip/firewall/address-list/set $Entry timeout=$TimeOut; :set ($IPv4Addresses->$Address); :set CntRenew ($CntRenew + 1); } else={ @@ -139,10 +140,11 @@ :foreach Entry in=[ /ipv6/firewall/address-list/find where \ list=$FwListName comment=$ListComment ] do={ :local Address [ /ipv6/firewall/address-list/get $Entry address ]; - :if ([ :typeof ($IPv6Addresses->$Address) ] = "time") do={ + :local TimeOut ($IPv6Addresses->$Address); + :if ([ :typeof $TimeOut ] = "time") do={ $LogPrintVerbose debug $ScriptName ("Renewing IPv6 address in list '" . $FwListName . \ - "' with " . ($IPv6Addresses->$Address) . ": " . $Address); - /ipv6/firewall/address-list/set $Entry timeout=($IPv6Addresses->$Address); + "' with " . $TimeOut . ": " . $Address); + /ipv6/firewall/address-list/set $Entry timeout=$TimeOut; :set ($IPv6Addresses->$Address); :set CntRenew ($CntRenew + 1); } else={ From ea6de35699a5b62dfffcc583c1a7181e1a6a688f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 6 Mar 2025 23:00:50 +0100 Subject: [PATCH 897/908] fw-addr-lists: do not clean up Cleanup is important on renew (so the script does not attempt to re-add), but we do not care here. --- fw-addr-lists.rsc | 2 -- 1 file changed, 2 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 331d2c6..70893e3 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -163,7 +163,6 @@ :do { /ip/firewall/address-list/add list=$FwListName comment=$ListComment \ address=$Address timeout=$Timeout; - :set ($IPv4Addresses->$Address); :set CntAdd ($CntAdd + 1); } on-error={ $LogPrint warning $ScriptName ("Failed to add IPv4 address to list '" . $FwListName . \ @@ -177,7 +176,6 @@ :do { /ipv6/firewall/address-list/add list=$FwListName comment=$ListComment \ address=$Address timeout=$Timeout; - :set ($IPv6Addresses->$Address); :set CntAdd ($CntAdd + 1); } on-error={ $LogPrint warning $ScriptName ("Failed to add IPv6 address to list '" . $FwListName . \ From 2f55bfaf009d726e1174b50887fdb8f9b4b57573 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Mar 2025 12:21:22 +0100 Subject: [PATCH 898/908] fw-addr-lists: strip cidr for host addresses This makes sure the addresses match later when we read them from address-list for renew. --- fw-addr-lists.rsc | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 70893e3..fc53795 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -101,10 +101,16 @@ } :do { :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$") do={ + :if ($Address ~ "/32\$") do={ + :set Address [ :pick $Address 0 ([ :len $Address ] - 3) ]; + } :set ($IPv4Addresses->$Address) $TimeOut; :error true; } :if ($Address ~ "^[0-9a-zA-Z]*:[0-9a-zA-Z:\\.]+(/[0-9]{1,3})?\$") do={ + :if ($Address ~ "/128\$") do={ + :set Address [ :pick $Address 0 ([ :len $Address ] - 4) ]; + } :set ($IPv6Addresses->$Address) $TimeOut; :error true; } From e148df9e573801803e35d8dfaef277f571952fdc Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 6 Mar 2025 23:05:45 +0100 Subject: [PATCH 899/908] fw-addr-lists: put addresses into "branches"... ... effectively adding another layer and some complexity, but: The addresses are sorted inside the array, and sorting less addresses in a branch saves a lot of processing power. So this is a lot faster now... --- fw-addr-lists.rsc | 65 +++++++++++++++++++++++++++-------------------- 1 file changed, 37 insertions(+), 28 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index fc53795..a97f7ed 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -100,23 +100,24 @@ :set Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); } :do { + :local Branch [ :pick $Address 0 1 ]; :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$") do={ :if ($Address ~ "/32\$") do={ :set Address [ :pick $Address 0 ([ :len $Address ] - 3) ]; } - :set ($IPv4Addresses->$Address) $TimeOut; + :set ($IPv4Addresses->$Branch->$Address) $TimeOut; :error true; } :if ($Address ~ "^[0-9a-zA-Z]*:[0-9a-zA-Z:\\.]+(/[0-9]{1,3})?\$") do={ :if ($Address ~ "/128\$") do={ :set Address [ :pick $Address 0 ([ :len $Address ] - 4) ]; } - :set ($IPv6Addresses->$Address) $TimeOut; + :set ($IPv6Addresses->$Branch->$Address) $TimeOut; :error true; } :if ($Address ~ "^[\\.a-zA-Z0-9-]+\\.[a-zA-Z]{2,}\$") do={ - :set ($IPv4Addresses->$Address) $TimeOut; - :set ($IPv6Addresses->$Address) $TimeOut; + :set ($IPv4Addresses->$Branch->$Address) $TimeOut; + :set ($IPv6Addresses->$Branch->$Address) $TimeOut; :error true; } } on-error={ } @@ -126,12 +127,13 @@ :foreach Entry in=[ /ip/firewall/address-list/find where \ list=$FwListName comment=$ListComment ] do={ :local Address [ /ip/firewall/address-list/get $Entry address ]; - :local TimeOut ($IPv4Addresses->$Address); + :local Branch [ :pick $Address 0 1 ]; + :local TimeOut ($IPv4Addresses->$Branch->$Address); :if ([ :typeof $TimeOut ] = "time") do={ $LogPrintVerbose debug $ScriptName ("Renewing IPv4 address in list '" . $FwListName . \ "' with " . $TimeOut . ": " . $Address); /ip/firewall/address-list/set $Entry timeout=$TimeOut; - :set ($IPv4Addresses->$Address); + :set ($IPv4Addresses->$Branch->$Address); :set CntRenew ($CntRenew + 1); } else={ :if ($Failure = false) do={ @@ -146,12 +148,13 @@ :foreach Entry in=[ /ipv6/firewall/address-list/find where \ list=$FwListName comment=$ListComment ] do={ :local Address [ /ipv6/firewall/address-list/get $Entry address ]; - :local TimeOut ($IPv6Addresses->$Address); + :local Branch [ :pick $Address 0 1 ]; + :local TimeOut ($IPv6Addresses->$Branch->$Address); :if ([ :typeof $TimeOut ] = "time") do={ $LogPrintVerbose debug $ScriptName ("Renewing IPv6 address in list '" . $FwListName . \ "' with " . $TimeOut . ": " . $Address); /ipv6/firewall/address-list/set $Entry timeout=$TimeOut; - :set ($IPv6Addresses->$Address); + :set ($IPv6Addresses->$Branch->$Address); :set CntRenew ($CntRenew + 1); } else={ :if ($Failure = false) do={ @@ -163,29 +166,35 @@ } } - :foreach Address,Timeout in=$IPv4Addresses do={ - $LogPrintVerbose debug $ScriptName ("Adding IPv4 address to list '" . $FwListName . \ - "' with " . $Timeout . ": " . $Address); - :do { - /ip/firewall/address-list/add list=$FwListName comment=$ListComment \ - address=$Address timeout=$Timeout; - :set CntAdd ($CntAdd + 1); - } on-error={ - $LogPrint warning $ScriptName ("Failed to add IPv4 address to list '" . $FwListName . \ - "': " . $Address); + :foreach BranchName,Branch in=$IPv4Addresses do={ + $LogPrintVerbose debug $ScriptName ("Handling branch: " . $BranchName); + :foreach Address,Timeout in=$Branch do={ + $LogPrintVerbose debug $ScriptName ("Adding IPv4 address to list '" . $FwListName . \ + "' with " . $Timeout . ": " . $Address); + :do { + /ip/firewall/address-list/add list=$FwListName comment=$ListComment \ + address=$Address timeout=$Timeout; + :set CntAdd ($CntAdd + 1); + } on-error={ + $LogPrint warning $ScriptName ("Failed to add IPv4 address to list '" . $FwListName . \ + "': " . $Address); + } } } - :foreach Address,Timeout in=$IPv6Addresses do={ - $LogPrintVerbose debug $ScriptName ("Adding IPv6 address to list '" . $FwListName . \ - "' with " . $Timeout . ": " . $Address); - :do { - /ipv6/firewall/address-list/add list=$FwListName comment=$ListComment \ - address=$Address timeout=$Timeout; - :set CntAdd ($CntAdd + 1); - } on-error={ - $LogPrint warning $ScriptName ("Failed to add IPv6 address to list '" . $FwListName . \ - "': " . $Address); + :foreach BranchName,Branch in=$IPv6Addresses do={ + $LogPrintVerbose debug $ScriptName ("Handling branch: " . $BranchName); + :foreach Address,Timeout in=$Branch do={ + $LogPrintVerbose debug $ScriptName ("Adding IPv6 address to list '" . $FwListName . \ + "' with " . $Timeout . ": " . $Address); + :do { + /ipv6/firewall/address-list/add list=$FwListName comment=$ListComment \ + address=$Address timeout=$Timeout; + :set CntAdd ($CntAdd + 1); + } on-error={ + $LogPrint warning $ScriptName ("Failed to add IPv6 address to list '" . $FwListName . \ + "': " . $Address); + } } } From d71ea804b077d35183df318fb305b213fb961d27 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Mar 2025 20:35:36 +0100 Subject: [PATCH 900/908] fw-addr-lists: two characters for branch Using one character for IPv4 is ok (1 to 9), but IPv6 global unicase (2000::/3) results in just two different characters (2 and 3). So let's use first two characters... --- fw-addr-lists.rsc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index a97f7ed..9ad5b3a 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -100,7 +100,7 @@ :set Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); } :do { - :local Branch [ :pick $Address 0 1 ]; + :local Branch [ :pick $Address 0 2 ]; :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$") do={ :if ($Address ~ "/32\$") do={ :set Address [ :pick $Address 0 ([ :len $Address ] - 3) ]; @@ -127,7 +127,7 @@ :foreach Entry in=[ /ip/firewall/address-list/find where \ list=$FwListName comment=$ListComment ] do={ :local Address [ /ip/firewall/address-list/get $Entry address ]; - :local Branch [ :pick $Address 0 1 ]; + :local Branch [ :pick $Address 0 2 ]; :local TimeOut ($IPv4Addresses->$Branch->$Address); :if ([ :typeof $TimeOut ] = "time") do={ $LogPrintVerbose debug $ScriptName ("Renewing IPv4 address in list '" . $FwListName . \ @@ -148,7 +148,7 @@ :foreach Entry in=[ /ipv6/firewall/address-list/find where \ list=$FwListName comment=$ListComment ] do={ :local Address [ /ipv6/firewall/address-list/get $Entry address ]; - :local Branch [ :pick $Address 0 1 ]; + :local Branch [ :pick $Address 0 2 ]; :local TimeOut ($IPv6Addresses->$Branch->$Address); :if ([ :typeof $TimeOut ] = "time") do={ $LogPrintVerbose debug $ScriptName ("Renewing IPv6 address in list '" . $FwListName . \ From f0e6cbcfe1a0be05f30d37cd495d4dbea0888f07 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sat, 8 Mar 2025 10:09:51 +0100 Subject: [PATCH 901/908] fw-addr-lists: get branch from calculated checksum The addresses were spread very uneven before. Let's calculate a checksum, and take the first two characters of that. The addresses are now spread evenly on 256 branches (0x00 to 0xff). --- fw-addr-lists.rsc | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 9ad5b3a..f0940fe 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -37,6 +37,11 @@ } } + :local GetBranch do={ + :global EitherOr; + :return [ :pick [ :convert transform=md5 to=hex [ :pick $1 0 [ $EitherOr [ :find $1 "/" ] [ :len $1 ] ] ] ] 0 2 ]; + } + :if ([ $ScriptLock $ScriptName ] = false) do={ :set ExitOK true; :error false; @@ -100,7 +105,7 @@ :set Address ([ :pick $Line 0 [ $FindDelim $Line ] ] . ($List->"cidr")); } :do { - :local Branch [ :pick $Address 0 2 ]; + :local Branch [ $GetBranch $Address ]; :if ($Address ~ "^[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}(/[0-9]{1,2})?\$") do={ :if ($Address ~ "/32\$") do={ :set Address [ :pick $Address 0 ([ :len $Address ] - 3) ]; @@ -127,7 +132,7 @@ :foreach Entry in=[ /ip/firewall/address-list/find where \ list=$FwListName comment=$ListComment ] do={ :local Address [ /ip/firewall/address-list/get $Entry address ]; - :local Branch [ :pick $Address 0 2 ]; + :local Branch [ $GetBranch $Address ]; :local TimeOut ($IPv4Addresses->$Branch->$Address); :if ([ :typeof $TimeOut ] = "time") do={ $LogPrintVerbose debug $ScriptName ("Renewing IPv4 address in list '" . $FwListName . \ @@ -148,7 +153,7 @@ :foreach Entry in=[ /ipv6/firewall/address-list/find where \ list=$FwListName comment=$ListComment ] do={ :local Address [ /ipv6/firewall/address-list/get $Entry address ]; - :local Branch [ :pick $Address 0 2 ]; + :local Branch [ $GetBranch $Address ]; :local TimeOut ($IPv6Addresses->$Branch->$Address); :if ([ :typeof $TimeOut ] = "time") do={ $LogPrintVerbose debug $ScriptName ("Renewing IPv6 address in list '" . $FwListName . \ From eb59dd21caf8026748eada3aee137b8e3b6590b7 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 7 Mar 2025 17:33:51 +0100 Subject: [PATCH 902/908] check-routeros-update: check perpetual license... ... as these have to be renewed and can expire. --- check-routeros-update.rsc | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 361be34..8d200d2 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -66,6 +66,27 @@ :error "A reboot for update is already scheduled."; } + :local License [ /system/license/get ]; + :if ([ :typeof ($License->"deadline-at") ] = "str") do={ + :if ([ :len ($License->"next-renewal-at") ] = 0 && ($License->"limited-upgrades") = true) do={ + $LogPrint warning $ScriptName ("Your license expired on " . ($License->"deadline-at") . "!"); + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "warning-sign" ] . "License expired!"); \ + message=("Your license expired on " . ($License->"deadline-at") . \ + ", can no longer update RouterOS on " . $Identity . "...") }); + :set ExitOK true; + :error false; + } + + :if ([ :totime ($License->"next-renewal-at") ] + 1w < [ :timestamp ]) do={ + $LogPrint warning $ScriptName ("Your license will expire on " . ($License->"deadline-at") . "!"); + $SendNotification2 ({ origin=$ScriptName; \ + subject=([ $SymbolForNotification "warning-sign" ] . "License about to expire!"); \ + message=("Your license failed to renew and is about to expire on " . \ + ($License->"deadline-at") . " on " . $Identity . "...") }); + } + } + $LogPrint debug $ScriptName ("Checking for updates..."); /system/package/update/check-for-updates without-paging as-value; :local Update [ /system/package/update/get ]; From 788400c4586b6a2e61c6e36acd10ab5d20da00c9 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 10 Mar 2025 16:29:06 +0100 Subject: [PATCH 903/908] fw-addr-lists: raw.githubusercontent.com requires 'USERTrust RSA Certification Authority' now --- certs/Makefile | 2 +- .../USERTrust-RSA-Certification-Authority.pem | 41 +++++++++++++++++++ global-config.rsc | 2 +- 3 files changed, 43 insertions(+), 2 deletions(-) create mode 100644 certs/USERTrust-RSA-Certification-Authority.pem diff --git a/certs/Makefile b/certs/Makefile index 4e252b4..3ccad6e 100644 --- a/certs/Makefile +++ b/certs/Makefile @@ -15,7 +15,7 @@ DOMAINS_DUAL = \ git.eworm.de/ISRG-Root-X2 \ lists.blocklist.de/Certum-Trusted-Network-CA \ matrix.org/GTS-Root-R4 \ - raw.githubusercontent.com/DigiCert-Global-Root-G2 \ + raw.githubusercontent.com/USERTrust-RSA-Certification-Authority \ rsc.eworm.de/ISRG-Root-X2 \ upgrade.mikrotik.com/ISRG-Root-X1 DOMAINS_IPV4 = \ diff --git a/certs/USERTrust-RSA-Certification-Authority.pem b/certs/USERTrust-RSA-Certification-Authority.pem new file mode 100644 index 0000000..0fbeef6 --- /dev/null +++ b/certs/USERTrust-RSA-Certification-Authority.pem @@ -0,0 +1,41 @@ +# Issuer: CN=USERTrust RSA Certification Authority O=The USERTRUST Network +# Subject: CN=USERTrust RSA Certification Authority O=The USERTRUST Network +# Label: "USERTrust RSA Certification Authority" +# Serial: 2645093764781058787591871645665788717 +# MD5 Fingerprint: 1b:fe:69:d1:91:b7:19:33:a3:72:a8:0f:e1:55:e5:b5 +# SHA1 Fingerprint: 2b:8f:1b:57:33:0d:bb:a2:d0:7a:6c:51:f7:0e:e9:0d:da:b9:ad:8e +# SHA256 Fingerprint: e7:93:c9:b0:2f:d8:aa:13:e2:1c:31:22:8a:cc:b0:81:19:64:3b:74:9c:89:89:64:b1:74:6d:46:c3:d4:cb:d2 +-----BEGIN CERTIFICATE----- +MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCB +iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl +cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV +BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAw +MjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNV +BAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU +aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2Vy +dGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK +AoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B +3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkY +tJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/ +Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2 +VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT +79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6 +c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmT +Yo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97l +c6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4ee +UB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeE +Hg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd +BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8G +A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPF +Up/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KO +VWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3 +ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs +8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcR +iQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYze +Sf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZ +XHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/ +qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRB +VXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aB +L6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfG +jjxDah2nGN59PRbxYvnKkKj9 +-----END CERTIFICATE----- diff --git a/global-config.rsc b/global-config.rsc index 2524ded..fa32b16 100644 --- a/global-config.rsc +++ b/global-config.rsc @@ -103,7 +103,7 @@ # cert="ISRG Root X2" }; { url="https://raw.githubusercontent.com/stamparm/ipsum/refs/heads/master/levels/4.txt"; # # higher level (decrease the numerical value) for more addresses, and vice versa - cert="DigiCert Global Root G2" }; + cert="USERTrust RSA Certification Authority" }; { url="https://www.dshield.org/block.txt"; cidr="/24"; cert="ISRG Root X1" }; { url="https://lists.blocklist.de/lists/strongips.txt"; From 97b99316b2f96fa9c5d2f539e31aa308e86c99b4 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 12 Mar 2025 10:31:11 +0100 Subject: [PATCH 904/908] netwatch-notify: increase timeout... MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... as a timeout of one second expires immediately. 🤨 --- netwatch-notify.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 8b05c5e..9a4c9d9 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -61,12 +61,12 @@ :global GetRandom20CharAlNum; :local FwAddrList ($ScriptName . "-" . [ $GetRandom20CharAlNum ]); - /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; + /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=2s; :delay 20ms; :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ :return true; } - /ipv6/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=1s; + /ipv6/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=2s; :delay 20ms; :if ([ :len [ /ipv6/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ :return true; From 155542668719f9feaac45fdb786b2e5fc5fd1e71 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 12 Mar 2025 11:18:18 +0100 Subject: [PATCH 905/908] netwatch-notify: increase the timeout even more MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This interacts with the number of addresses in the address-list. Having a lot of addresses there (for exemple from script 'fw-addr-lists' 😜) makes the 'find' take longer. We have to make sure that 'find' succeeds before the address times out. As this does not hurt... Let's just bump to 10 seconds to be safe. --- netwatch-notify.rsc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 9a4c9d9..2a5050c 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -61,12 +61,12 @@ :global GetRandom20CharAlNum; :local FwAddrList ($ScriptName . "-" . [ $GetRandom20CharAlNum ]); - /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=2s; + /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=10s; :delay 20ms; :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ :return true; } - /ipv6/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=2s; + /ipv6/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=10s; :delay 20ms; :if ([ :len [ /ipv6/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ :return true; From b63e0fcb2fc282ac69cbef74b35bd40e8df5a464 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Wed, 12 Mar 2025 11:26:22 +0100 Subject: [PATCH 906/908] netwatch-notify: check matching address type only --- netwatch-notify.rsc | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/netwatch-notify.rsc b/netwatch-notify.rsc index 2a5050c..0b8a8dc 100644 --- a/netwatch-notify.rsc +++ b/netwatch-notify.rsc @@ -61,15 +61,19 @@ :global GetRandom20CharAlNum; :local FwAddrList ($ScriptName . "-" . [ $GetRandom20CharAlNum ]); - /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=10s; - :delay 20ms; - :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ - :return true; + :if ([ :typeof [ :toip $Expected ] ] = "ip") do={ + /ip/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=10s; + :delay 20ms; + :if ([ :len [ /ip/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ + :return true; + } } - /ipv6/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=10s; - :delay 20ms; - :if ([ :len [ /ipv6/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ - :return true; + :if ([ :typeof [ :toip6 $Expected ] ] = "ip6") do={ + /ipv6/firewall/address-list/add address=$Name list=$FwAddrList dynamic=yes timeout=10s; + :delay 20ms; + :if ([ :len [ /ipv6/firewall/address-list/find where list=$FwAddrList address=$Expected ] ] > 0) do={ + :return true; + } } :return false; From 20bf609c44c2b4111bb387b36b955b8c3243fbf1 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 13 Mar 2025 10:51:39 +0100 Subject: [PATCH 907/908] check-routeros-update: fix condition for license check Turns out that `next-renewal-at` is moved forward when renewal failed, so it never matches the criteria. Just start complaining three weeks before deadline. --- check-routeros-update.rsc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/check-routeros-update.rsc b/check-routeros-update.rsc index 8d200d2..78161e4 100644 --- a/check-routeros-update.rsc +++ b/check-routeros-update.rsc @@ -78,7 +78,7 @@ :error false; } - :if ([ :totime ($License->"next-renewal-at") ] + 1w < [ :timestamp ]) do={ + :if ([ :totime ($License->"deadline-at") ] - 3w < [ :timestamp ]) do={ $LogPrint warning $ScriptName ("Your license will expire on " . ($License->"deadline-at") . "!"); $SendNotification2 ({ origin=$ScriptName; \ subject=([ $SymbolForNotification "warning-sign" ] . "License about to expire!"); \ From ce39b79f69f978a8de521643b07b9c19de02b06f Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Thu, 13 Mar 2025 11:50:38 +0100 Subject: [PATCH 908/908] capsman-download-packages: fix parameter for $RmFile The function can not handle ids, we have to pass a name instead. --- capsman-download-packages.capsman.rsc | 2 +- capsman-download-packages.template.rsc | 2 +- capsman-download-packages.wifi.rsc | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/capsman-download-packages.capsman.rsc b/capsman-download-packages.capsman.rsc index 4387cb1..25c43f5 100644 --- a/capsman-download-packages.capsman.rsc +++ b/capsman-download-packages.capsman.rsc @@ -62,7 +62,7 @@ :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ ($File->"package-architecture") $PackagePath ] = true) do={ :set Updated true; - $RmFile $Package; + $RmFile ($File->"name"); } } diff --git a/capsman-download-packages.template.rsc b/capsman-download-packages.template.rsc index 744494e..b269838 100644 --- a/capsman-download-packages.template.rsc +++ b/capsman-download-packages.template.rsc @@ -64,7 +64,7 @@ :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ ($File->"package-architecture") $PackagePath ] = true) do={ :set Updated true; - $RmFile $Package; + $RmFile ($File->"name"); } } diff --git a/capsman-download-packages.wifi.rsc b/capsman-download-packages.wifi.rsc index a0c5e12..901bb0a 100644 --- a/capsman-download-packages.wifi.rsc +++ b/capsman-download-packages.wifi.rsc @@ -62,7 +62,7 @@ :if ([ $DownloadPackage ($File->"package-name") $InstalledVersion \ ($File->"package-architecture") $PackagePath ] = true) do={ :set Updated true; - $RmFile $Package; + $RmFile ($File->"name"); } }