Autoupdating Ips for tunlr DNS

RouterOS Scripting
1

Hello guys, so I have an idea for script that would automatically update current IPs of Tunlr DNS service.
The idea:

  1. Create a layer-7 filter for needed sites:
    /ip firewall layer7-protocol
    add comment=“Redirect DNS requests to tunlr.net DNS” name=tunlr-dns regexp="pa
    ndora.com|hulu.com|cbs.com|abc.com|go.com|mtv.com|mtvnservices.com|nbc.com
    |nbcuni.com|fox.com|theplatform.com|tv.com|pbs.com"2. mark DNS requests to needed services using layer-7 filtering
    /ip firewall mangle
    add action=mark-connection chain=prerouting comment=tunlr-dns dst-address=\ 172.31.2.1 dst-port=53 layer7-protocol=tunlr-dns new-connection-mark=\ tunlr-dns-cxn protocol=udp
    add action=mark-connection chain=prerouting comment=tunlr-dns dst-address=\ 172.31.2.1 dst-port=53 layer7-protocol=tunlr-dns new-connection-mark=\ tunlr-dns-cxn protocol=tcp172.31.2.1 - this is router IP
  2. reroute those DNS requests to Tunlr services
    /ip firewall nat
    add action=dst-nat chain=dstnat comment=tunlr-dns connection-mark=\ tunlr-dns-cxn to-addresses=69.197.169.9Pretty simple right? No scripting yet.
  3. Using Tunlr DNS Update API(http://tunlr.net/tunapi.php?action=getdns&version=1&format=json) get actual IPs for Tunlr service. There goes using /tool fetch
  4. Change direct declaration of IP in step 3 to adress list
  5. Update IPs in that list with newly fetched ones.

However I did not understand how do I parse json with Mikrotik after fetching it?

2

Okay, I've managed to fetch tunlr DNS IPs based on DynDNS external IP check :slight_smile:

get the current IPs of tunlr DNS

/tool fetch mode=http url="http://tunlr.net/tunapi.php?action=getdns&version=1&format=json" dst-path="/tunlr.dns.json"
:delay 1
:local result [/file get tunlr.dns.json contents]

parse the current IP result

:local resultLen [:len $result]
:local startLoc [:find $result "dns1" -1]
:set startLoc ($startLoc + 6)
:local endLoc [:find $result "," -1]
:local currentIP [:pick $result $startLoc $endLoc]
:log info "Current Tunlr primary DNS: currentIP = $currentIP"So my main problem that dst-nat does not accept and adress list in to-adresses. So I could not just put new IP to that list. So I need to recreate NAT rule (from step 3). But how could I delete current rule?

3

Nevermid, here's working script:

get the current IPs of tunlr DNS

/tool fetch mode=http url="http://tunlr.net/tunapi.php?action=getdns&version=1&format=json" dst-path="/tunlr.dns.json"
:delay 1
:local result [/file get tunlr.dns.json contents]

parse the current IP result

:local resultLen [:len $result]
:local startLoc [:find $result "dns1" -1]
:set startLoc ($startLoc + 7)
:local endLoc [:find $result "," -1]
:set endLoc ($endLoc - 1)
:local currentIP [:pick $result $startLoc $endLoc]
:log info "Current Tunlr primary DNS: $currentIP"

set updated ip to firewall nat rule

/ip firewall nat
:foreach a in=[find where comment="tunlr-dns-dst"] do={
set $a to-addresses=($currentIP)
:log info "Successfully set new tunlr DNS IP: $currentIP"
}Edits from previous version - bit of cleaning for log message, removal of quotes from parsed IP address and finally added updating of nat rule!
I'll add check to if IP was actually changed and then update first post.

4

great, thanks!