Convert IP to format cidr

diamuxin · November 12, 2022, 6:17pm

Hello everyone,

I am trying to extract from a list called Blacklist an IP address and convert it to cidr format.

Ex. 194.243.25.13 → 194.243.25.0/24

:foreach id in=[ip firewall address-list find list="Blacklist" address~"^[0-9\\.]*\$"] do={
    local ipAddr [/ip firewall address-list get $id address];do {
    /ip firewall address-list add address=($ipAddr."/24") list=BlacklistIPSEC comment=IPSec timeout=7d
    
    :local filenameIP "BlacklistIPSEC.txt"
    /file
    :if ([:len [find where name="flash" and type="disk"]] = 1) do={:set filenameIP "flash/$filenameIP"}
    :if ([:len [find where name=$filenameIP]] = 0) do={print file="$filenameIP"; :delay 5s; set $filenameIP contents=""}
    :delay 5s
    :local filecontent [get $filenameIP contents]
    :local newfilecontent "($ipAddr.$cidr)\r\n$filecontent"
    set $filenameIP contents=$newfilecontent
    
    } on-error={
    # log info message="duplicate address found"}
    }
}

I create a new address list called BlacklistIPSEC and the address in cidr format is created correctly.

But then I try to save those new IP addresses in BlacklistIPSEC also line by line in a file called BlacklistIPSEC.txt, but I didn’t succeed.

Any help please?

rextended · November 12, 2022, 10:40pm

pleas do not start to paste also the “Translated with”…

rextended · November 12, 2022, 10:44pm

This set everytime to 0 last Byte

:put (194.243.25.13 & 255.255.255.0)

From
http://forum.mikrotik.com/t/rextended-fragments-of-snippets/151033/1

{
:local sourceip    194.243.25.13
:local sourcesub   255.255.255.0 ; # /24

:local ip        [:toip $sourceip]
:local submask   [:toip $sourcesub]

:local network   ($ip & $submask)

:put "  Network* IP: $network"
}

rextended · November 12, 2022, 11:20pm

Better fix something inside:

:foreach id in=[/ip firewall address-list find where list="Blacklist" and [:typeof [:toip $address]]="ip"] do={
    /ip firewall address-list
    :local ipAddr [:toip [get $id address]]
    :if ([:len [find where list=BlacklistIPSEC and ("$ipAddr" in address)]] = 0) do={
        :local addthis "$($ipAddr & 255.255.255.0)/24"
        add address=$addthis list=BlacklistIPSEC comment=IPSec timeout=7d

        :local filenameIP "BlacklistIPSEC.txt"
        /file
        :if ([:len [find where name="flash" and type="disk"]] = 1) do={:set filenameIP "flash/$filenameIP"}
        :if ([:len [find where name=$filenameIP]] = 0) do={print file="$filenameIP"; :delay 2s; set $filenameIP contents=""; :delay 2s}
        :local filecontent [get $filenameIP contents]
        :local newfilecontent "$addthis\r\n$filecontent"
        set $filenameIP contents=$newfilecontent; :delay 1s
    } else={
        # do nothing, already exist or already inside another present interval
    }
}

Notice:
Do not check inside a file if is already present duplicate or overlapped IP and RouterOS support at max ~4KB file

diamuxin · November 12, 2022, 11:52pm

Sorry....

diamuxin · November 13, 2022, 12:26am

Wow, it works perfect.

Thanks for helping us to understand the code, this was the key:

:local addthis "$($ipAddr & 255.255.255.0)/24"

And to add a check if that IP exists in the BlacklistIPSEC list

:if ([[:len [find where list=BlacklistIPSEC and ("$ipAddr" in address)]] = 0) do={

I love the ability you have to solve any problem with scripting, we still have a lot to learn.

Grazie mille!
(and sorry for my bad English)

BR.