If else commands scripting.

briane · July 30, 2010, 2:32pm

Hi,

I am new at scripting, and have what I believe is a small problem.

Pseudo code:

If wlan1 is enabled, do nothing and exit script
else enable wlan1 and exit script

Basically, I do not want to just enable everytime the script runs, because if wlan1 is enabled, and the script enables again, it breaks the link for about 2 seconds as it disconnects and reconnects.

Thanks
Brian

Chupaka · July 30, 2010, 2:49pm

if ([/interface get wlan1 disabled] = yes) do={ /interface enable wlan1 }

briane · July 30, 2010, 3:55pm

Thank you kindly

Brian

EarthStation · September 4, 2010, 9:09am

Hi,

Taking this a step further…

I have a Netwatch command that reads:

/ip route set [find comment="Group B"] gateway=10.254.254.255;

I would like that command above to first check if /ip route [find comment=“Group B”] gateway=10.254.254.250 and if this is so, then run:

/ip route set [find comment="Group B"] gateway=10.254.254.255;

otherwise do nothing…

This is used as part of a load balancing/failover script, the two gateways being defaulted to 10.254.254.250 (GroupA) and 10.254..254.255 (GroupB), and only if one gateway goes down, then both groups are routed to the remaining “open” gateway.

Thanks
Brian
(also briane on this forum)

Chupaka · September 4, 2010, 5:26pm

:local gw;
/ip route
:foreach i in=[find] do={
  :set gw [get $i gateway];
  if ($gw = "10.254.254.250") do={
    set $i gateway=10.254.254.255;
  }
}

p.s. .255?..

briane · September 4, 2010, 8:14pm

Thanks Chupaka,

Maybe I am not following, this will change any gw with 250 to 255, then both load groups go via gw 255. Now can not separate them again, as they identical Both gateways area active (load balancing), unless one falls over then, the failed GW is routed to the remaining active gateway, which is why I thought searching it on the “Comment” or maybe even “routing mark” field would be the easiest…

If the changes are made purely on the GW IP address, once they are the same, will never be able to separate them. Maybe routing mark as the selection field?

What I am trying to accomplish is via the netwatch on GroupB, once it comes up, from a down situation, the script must test if it is set at 255 or 250. If it is 255, then do nothing, if group B is 250 and netwatch shows it is “up”, then set to 255. Hope this makes the intention clearer.

Please explain the “255?” ? It has been working for 3 months so far, could this be causing problems I am unaware of?

Regards and many thanks
Brian

fewi · September 4, 2010, 8:46pm

Often IP addresses that end in .255 are broadcast addresses and cannot be gateways. Yours might be OK since we don’t know the subnet mask of your IP address on that network.

briane · September 5, 2010, 9:04am

My AP’s are configured with IP addresses as per image below…

Each Client unit has a different network (and the same broadcast) setting, and on the Client Unit, the IP is set with the network and broadcast the same as the AP IP address, so effectively each client has it’s own network. 255 is never used on the wireless network as a common broadcast IP.

The Client unit associated with the first IP in the image above, has these settings for it’s IP’s…

Regards
Brian

Chupaka · September 5, 2010, 5:27pm

then use your

:foreach i in=[find comment="Group B"]

instead of

:foreach i in=[find]

I just showed you an example =)

mandobasha · November 2, 2014, 3:58am

i need help with this code

:set datadown [/ip hotspot active get $counter bytes-out]
:if ([/ip hotspot active get $counter bytes-out] =“0”) do={

i only want to check if this user is already limited or not so if not i will auto limit him .. thats it

p3rad0x · August 4, 2016, 10:35am

Hi,

Could anyone help me to do the same but with default authenticate and forward?

if they are enabled disable them, else do nothing

p3rad0x · August 4, 2016, 1:02pm

Ok I solved it without using a if statement.

:foreach i in=[interface wireless find default-forwarding=yes] do={/interface wireless set $i default-forwarding=no}
:foreach i in=[interface wireless find default-authentication=yes] do={/interface wireless set $i default-authentication=no}
:foreach i in=[interface wireless find hide-ssid=no] do={/interface wireless set $i hide-ssid=yes}

Chupaka · August 4, 2016, 1:16pm

this should do the same:

/interface wireless set [find] default-forwarding=no default-authentication=no hide-ssid=yes

p3rad0x · August 10, 2016, 8:33am

Thanks,

I have ran into a different issue.

When I try and add a script via the terminal

/system script add name=test source=":foreach i in=[interface wireless find default-forwarding=yes] do={/interface wireless set $i default-forwarding=no}"

The script gets added,but the $i doesn’t get added, then the last part looks like this

do={/interface wireless set default-forwarding=no}

Why is it losing the $i?

Reason for using the foreach is that some of the sectors have more than one virual ap

p3rad0x · August 10, 2016, 11:39am

Ok problem solved.

All I did is manually add a script, then I exported the config to a file.

Now it works 100%

soheiliz · August 10, 2020, 7:19am

Dears,

I am trying to use this script to check two-parameter but it just executes without any action.

:foreach i in=[ip firewall nat find action=masquerade chain=srcnat src-address-list=no dst-address-list=no ] do={/ip firewall nat set src-address-list=AllowedSrc dst-address-list=AllowedDst}
I’d like to check inside of my NAT if the “src-address-list & dst-address-list” exist do nothing and IF they are not specified and not exist add “src-address-list=AllowedSrc” & dst-address-list=AllowedDst

I would be very grateful if someone helps me with this issue.

CZFan · August 10, 2020, 8:19am

I take no responsibility, so do backup of config before!!
Have not tested, but try below in terminal window after doing above

{
:foreach i in=[ip firewall nat find where action="masquerade" && chain="srcnat" && src-address-list="no" && dst-address-list="no"]
do={/ip firewall nat set src-address-list=AllowedSrc dst-address-list=AllowedDst}
}

soheiliz · August 10, 2020, 10:15am

Dear CZFan

Many thanks for your response, Unfortunately, it didn’t solve the issue.
If I use below script I have to add number but I cant because I have many Mikrotik routers with several NAT I have to add src and dst address list by one script.
:if [/ip firewall nat find action=masquerade chain=srcnat] do={/ip firewall nat set src-address-list=“AllowedSrc” dst-address-list=“AllowedDst”}

Best Regards,

msatter · August 10, 2020, 11:07am

{
/ip firewall nat
set [find action=masquerade chain=srcnat] src-address-list="AllowedSrc" dst-address-list="AllowedDst"
}

My guess and have RouterOS do the work. If dst/src address already exists then those are overwritten by the new values.

If you only want to apply to lines that have no src-address-list active:

{
/ip firewall nat
set [find action=masquerade chain=srcnat src-address-list=""] src-address-list="AllowedSrc" dst-address-list="AllowedDst"
}

soheiliz · August 10, 2020, 11:28am

Dear msatter,
BINGO!!! That is a good solution and answered. Thanks a million for your idea. It helps me a lot.
But the point is that it set src-address-list=AllowedSrc and dst-address-list=AllowedDst for all the existed NAT. I have several NAT which one of them should be changed and I am searching for somthing that compare and check the parameters and at last change as my need.

Best Regards,