Join two scripts on only one

gilbertoandrade · September 12, 2014, 1:48am

Hello guys

I have the following idea, create a single script that checks with which a given ip User is connected to pppoe, compares with the ip ip firewall access-list and if not listed, add it in the access list.

I managed to create two scripts for this function but still can not connect the two.

First: Checks particular User and add the ip firewall access list with a comment

:foreach ID in=[/ppp active find name=bill] do={
:foreach IP in=[/ppp active get $ID address] do={
:global IP1 $IP;
}

}
}
}
}

Based on this comment the other script checks if there is any ip for him

:foreach i in=[/ip firewall address-list find] do={
:if ( [:find [/ip firewall address-list get $i comment] “bill” ] >= 0 ) do={
:global IP3 [/ip firewall address-list get $i address];

}

}

Would unite the two scripts and compare the results.
If there is no ip access-list in, add, and if there warn that already exists.

I tried but without success so

foreach ID in=[/ppp active find name=bill] do={
:foreach IP in=[/ppp active get $ID address] do={
:global IP1 $IP;

:foreach i in=[/ip firewall address-list find] do={
:if ( [:find [/ip firewall address-list get $i comment] “bill” ] >= 0 ) do={
:global IP2 [/ip firewall address-list get $i address];

if ($IP1 != $IP2) do={

/ip firewall address-list add list=clients comment=bill disabled=no address=$IP1;

}

}
}
}
}
}
}
}

psamsig · September 12, 2014, 9:48pm

Not quite clear to me what you try to achieve, but her is a go:

/ppp active {
    :foreach i in=[find name=bill] do={
        :foreach ip in=[get $i address] do={
            /ip firewall address-list {
                :if ([:len [find address=$ip comment~"bill"]] > 0) do={
                    :log info ($ip . " already exists in address-list")
                } else={
                    add list=clients comment=bill disabled=no address=$ip
                }
            }
        }
    }
}

gilbertoandrade · September 15, 2014, 7:03pm

Perfect my friend!!!

In a third case, that if the script would find the comment and the ip was different it found remove the ip and add the new.

I tried the following without success

/ppp active {
:foreach i in=[find name=bill] do={
:foreach ip in=[get $i address] do={
/ip firewall address-list {
:if ([:len [find address=$ip comment~“bill”]] > 0) do={
:log info ($ip . " already exists in address-list")

} else={

:if ( [:find [/ip firewall address-list get $i comment] “bill” ] >= 0 ) do={
remove list=clients $i
}
add list=clients comment=bill disabled=no address=$ip

}
}
}
}
}

psamsig · September 15, 2014, 8:13pm

The one i posted find all ppp connections by ‘bill’ and it adds the IP-address of these to a address-list names ‘clients’ with the comment ‘bill’ in case the don’t already exists, and logs a message in case they do. I don’t get your third case. Is it to remove entries from the address-list of ppp connection that no longer exists? If not then try to describe in words what you try to achieve.

gilbertoandrade · September 15, 2014, 9:02pm

For example:

Let’s assume that ip address and comment bill already exists in ip firewall address-list. If the IP of bill found in /ip firewall address-list is different from that found in /ppp active remove it and add the found in /ppp active

Working with dynamic ips so it may bill username connect different ips.

psamsig · September 15, 2014, 9:22pm

Then what about this then:

/ppp active {
    :foreach i in=[find name=bill] do={
        :foreach ip in=[get $i address] do={
            /ip firewall address-list {
                :local o [find list=clients comment=bill]
                :if ([:len $o] = 0) do={
                    add list=clients comment=bill disabled=no address=$ip
                } else={
                    :if ([get $o address] != $ip) do={
                        remove $o
                    }
                }
            }
        }
    }
}

gilbertoandrade · October 1, 2014, 12:45pm

Perfect!!!

Thanks