get IP

RouterOS Scripting
1

Hello, I need to get external IP of my phone connected to usb port of my Mikrotik router as backup connection, I’ve setup firewall rules on MT (add to address list, connection marking + route marking) for https://api.db-ip.com/v2/free/self/ipAddress and when I try from windows terminal with

curl "https://api.db-ip.com/v2/free/self/ipAddress"

I get correct reply but end up with empty variable when I try from MT terminal

:local curIP [/tool fetch url="https://api.db-ip.com/v2/free/self/ipAddress"]; :put $curIP

any help would be great
ty

2

To get output of a command into a variable in RouterOS, you always need “as-value”. /tool/fetch can output to a file or nothing, so output=user returns data to console (or variable via as-value) - so that’s also needed too here.

Since the output of /tool/fetch is an array with results and metadata (status, duration), and you likely want just the IP address, you need to dereference just the ([/tool/fetch…]->“data”) part that has what the web server actually returned as data.

{
:local dbip ([/tool fetch url="https://api.db-ip.com/v2/free/self/ipAddress" as-value output=user]->"data")
:put $dbip
}
3 
:local curIP ([/tool fetch url="https://api.db-ip.com/v2/free/self/ipAddress" output=user as-value]->"data"); :put $curIP

Edit: @Amm0 was faster… :slight_smile:

4

LOL. I couldn’t even proofread my text.

5

Thank you both its working but (there’s always some but with these things), as I mentioned in the original question when I make a request for current IP with

curl  "https://api.db-ip.com/v2/free/self/ipAddress"

I get desired result, path over secondary route but when I go to the same address from chrome browser on the same machine or from Mikrotik router primary route path is taken naturally resulting in unwanted response?
Can I somehow force route inside?

:local curIP ([/tool fetch url="https://api.db-ip.com/v2/free/self/ipAddress" output=user as-value]->"data"); :put $curIP

any ideas

6

IDK how you’re exactly doing to the FW and/or routing tables. But packet flow is different between “local process” (i.e. /tool/fetch on the RouterOS device with LTE backup) vs. a “forwarded” LAN user (i.e. the browser).

Without knowing the specifics, I’d imagine you need an output mangle rule for the api.db-ip.com address-list – e.g. I’m kinda assuming your doing the marking in “prerouting chain” for LAN, which is not used for packets coming from /tool/fetch. The RouterOS Packet Flow diagrams show this, but it is confusing. /tool/fetch uses “LOCAL OUT” in the PF diagrams:

and which be the Circle-K in this diagram (which doesn’t hit prerouting where marking for forward LAN clients is typically done):

7

Ammo you’re right there wasn’t any hits (counter) on prerouting mangle rule and when I added output rule I 've got hits but end up with “failure: connection timeout” and with traceroute I see that it doesn’t exits the router?
Strange thing is that browser from LAN also doesn’t hit prerouting mangle while cli tools from same machine does, in fact I just tried second browser (edge) and I remember that was the case with chrome also and that it hits prerouting mangle rule only on the FIRST try and doesn’t on any subsequent try ?
Here’s my fw rules
fw.rsc (13.1 KB)