Address List Query

diamuxin · December 2, 2022, 10:27am

Hi everyone!

Please, to make it less extensive, can this condition be replaced by a query in a list of addresses?

:if ( !( ($logIp~"^86.127.") or ($logIp~"^79.116.") or ($logIp~"^192.168.") ) ) do={  
# Action            
}

Thanks & BR.

rextended · December 3, 2022, 12:11pm

can you explain in more detail?

/ip firewall address-list
add address=79.116.0.0/16 list=checklist
add address=86.127.0.0/16 list=checklist
add address=192.168.0.0/16 list=checklist

:local logIp 86.127.55.66

:if ([:len [find where list=checklist and (($logIp in $address) or ($logIp = $address))]] > 0) do={
    :put "$logIp found inside one, or more, address pool in checklist"
}

diamuxin · December 3, 2022, 12:31pm

Of course we do.

What I would need is to apply in “:if” a condition that looks for those IPs in a address-list (/ip firewall address-list) because it is possible that I need to extend the range of IPs to apply that conditional. I’m sorry if I’m not making myself clear.

What I don’t understand is if I can put for the address-list the IPs 86.127.X.X or 79.116.X.X, etc.

BR.

rextended · December 3, 2022, 12:33pm

on my example you can add any IP or pool on the address-list “checklist”

diamuxin · December 3, 2022, 12:36pm

OPs, we’ve overlapped, hehe.

Yes, that’s the idea. Thanks for your efficiency!

BR.

diamuxin · December 3, 2022, 3:56pm

Rex,

has turned out great.

BEFORE:

:local logIp ""
:if ($logMessage~$message1) do={
    
    :set logIp [:toip [:pick $logMessage 0 [:find $logMessage " "]]]
    :if ( !( ($logIp~"^86.127.") or ($logIp~"^79.116.") or ($logIp~"^192.168.") or ($logIp~"^188.26.")) ) do={
        
        :if ([:len [/ip fire addr find where address=$logIp]] < 1) do={
            /ip fire addr add address=$logIp list="Blacklist" timeout=7d
            :log error message="IPSEC failed: add $logIp to blacklist because negotiation failed"

            # START Send Telegram Module
            :local MessageText "\E2\9A\A0 $DeviceName: $logIp added to blacklist because negotiation IPSEC failed."
            :local SendTelegramMessage [:parse [/system script  get MyTGBotSendMessage source]]
            $SendTelegramMessage MessageText=$MessageText
            # END Send Telegram Module
        }
    }
}

AFTER

:local logIp ""
:if ($logMessage~$message1) do={
        
    :set logIp [:toip [:pick $logMessage 0 [:find $logMessage " "]]]
    /ip firewall address-list
    :if ([:len [find where list=checklist and (($logIp in $address) or ($logIp = $address))]] = 0) do={ 
        
        :if ([:len [/ip fire addr find where address=$logIp]] < 1) do={
            /ip fire addr add address=$logIp list="Blacklist" timeout=7d
            :log error message="IPSEC failed: add $logIp to blacklist because negotiation failed"
            
            # START Send Telegram Module
            :local MessageText "\E2\9A\A0 $DeviceName: $logIp added to blacklist because negotiation IPSEC failed."
            :local SendTelegramMessage [:parse [/system script  get MyTGBotSendMessage source]]
            $SendTelegramMessage MessageText=$MessageText
            # END Send Telegram Module
        }
    }
}

Thanks!

BR.