This works:
src-address = [:resolve mysite.com]
But I need scr-address to be **!**mysite.com
Tried these, all unsuccessful:
**!**src-address = [:resolve mysite.com]
src-address = [:resolve !mysite.com]
src-address = [:resolve ! mysite.com]
src-address = ![:resolve mysite.com]
src-address != [:resolve mysite.com]
src-address = "!".[:resolve mysite.com]
LOL, can’t seem to guess the right way, and googling for “!” doesn’t really go down that well.
hi
to say ,what you’re going to do
I want to change the src-address in a filter rule to the new dynamic IP Address of the given DNS.
Since RouterOS immediately resolve mysite.com when the rule is created, I need to periodically update the address.
Note: “mysite.com” is just a random DNS I use as an example, I’m actually using a dyndns.org account here, that’s why it’s a dynamic IP.
hi
See your filter rules
Wait for me to help you write a script
add a rule at [ip firewall filter] for example:
/ip firewall filter
add action=drop chain=forward comment=drop disabled=no src-address=10.10.10.10
the comment must be “drop” Of course you can modify their own
then copy the script to scheduler and set 1m-10m interval for exambple
the code is :
:do {
:local com "drop"
:local ip [:resolve mysite.com]
/ip firewall filter
:foreach a in=[find comment=$com] do={
:local cuip [get $a src-address];
:if ($cuip!=$ip) do={
set $a src-address=$ip
:log warning ("new ip is: ".$ip." src-address update is sucess")
}}};/;
Happy learning
Thank you for helping.
How would I encorporate a “!” into this script?
Will this work:
set $a src-address=!$ip
can not use the “!” so
My English is not good to express much
I’m so sorry
Ok, Thanks.
So how to use the “!” ?
/ip firewall filter
add action=drop chain=forward comment=drop disabled=no src-address=!10.10.10.10
With the use of script
That doesn’t work! This “!” disappears when running the Resolve Script.
use the code
:do {
:local com "drop"
:local ip [:resolve mysite.com]
/ip firewall filter
:foreach a in=[find comment=$com] do={
:local cuip [get $a src-address];
:set cuip [:pick $cuip ([:find $cuip "!"]+1) ([:len $cuip])]
:if ($cuip!=$ip) do={
set $a src-address=("!".$ip)
:log warning ("new ip is: ".$ip."src-address update is sucess")
}}};/;
Thanks, but this code seems like it only ignores the “!” in the comparison.
How do I SET the scr-address to have a “!” ??
:do {
:local com "drop"
:local ip [:resolve mysite.com]
:set ip ("!".$ip)
/ip firewall filter
:foreach a in=[find comment=$com] do={
:local cuip [get $a src-address];
:if ($cuip!=$ip) do={
set $a src-address=$ip
:log warning ("new ip is: ".$ip."src-address update is sucess")
}}};/;
Thank you huigezi
Here is my working solution:
:local dnsname "mysite.dyndns.org"
:local dnsip [:resolve $dnsname]
:set dnsip "!$dnsip"
#:log info ("DNSIP : "."$dnsip" );
:local currentip [/ip firewall filter get [find comment="MyFilterMarkerComment"] src-address]
#:log info ("Current IP: "."$dnsip" );
:if ($currentip != $dnsip) do={ /ip firewall filter set [find comment="MyFilterMarkerComment"] src-address=$dnsip ;
:log info ("DNS RESOLVED " . "mysite.dyndns.org" . " new IP = " . "$dnsip" );
}
}