Title says it all, basically a bunch of RG750r3 will be coming online as they are installed at various locations, I forgot to add a vlan off an interface,
The interface in question connects to a TP-Link AP that is broadcasting a guest network with splash pages and a secure network without. the secure network already has a vlan.
I want to run a perl script to check every 5 mins if a site came online and to add the requisite VLAN port and DHCP server required for the secure wifi network.
I normally just use /ip hotspot setup command and disable hotspot when finished as needed. I dont believe interaction is possible with Mikrotik::API library, so Im trying add everything manually.
Here’s what I have:
....
foreach my $site (keys %sites) {
if($sites{$site}{"status"} eq "up") {
my $con = MikroTik::API->new({
host => $sites{$site}{"ip"},
username => "stupidadmin",
password => "stupidpw",
port => 8728,
use_ssl => 0
}) or die "$!\n";
my ($retcode,@output) = $con->query('/interface/print',{},{});
if($retcode==1) {
my $skip = 0;
foreach my $val (@output) {
if($val->{"name"} eq "VLAN2") { print "$site already has VLAN2 added, assuming setup up correctly\n"; $skip = 1; }
}
if($skip==0) {
print "$site doesnt have VLAN 2, adding off ether5\n";
#/interface vlan add name=VLAN2 vlan-id=2 interface=ether5
$con->cmd("/interface/vlan/add",{"name"=>"VLAN2","vlan-id"=>"2","interface"=>"ether5"}) or die "$!\n";
#/ip address add address=2.2.2.1/24 interface=VLAN2
$con->cmd("/ip/address/add",{"address"=>"2.2.2.1/24","interface"=>"VLAN2"}) or die "$!\n";
#/ip pool add name="secure-pool" ranges="2.2.2.2-2.2.2.254"
$con->cmd("/ip/pool/add",{"name"=>"secure-pool","ranges"=>"2.2.2.2-2.2.2.254"}) or die "$!\n";
#/ip dhcp-server add name="dhcp5" address-pool="secure-pool" interface=VLAN2 add-arp=yes authoritative=yes use-radius=no lease-time=8h disabled=no
$con->cmd("/ip/dhcp-server/add",{"name"=>"dhcp5","address-pool"=>"secure-pool","interface"=>"VLAN2","add-arp"="yes","authoritative"=>"yes","use-radius"=>"no","lease-time"=>"8h","disabled"=>"no"}) or die "$!\n";
#/ip dhcp-server network add address="2.2.2.0/24" gateway="2.2.2.1"
$con->cmd("/ip/dhcp-server/network/add",{"address"=>"2.2.2.0/24","gateway"=>"2.2.2.1"}) or die "$!\n";
#/ip firewall nat add chain=srcnet action=masquerade src-address=2.2.2.0/24
$con->cmd("/ip/firewall/nat/add",{"chain"=>"srcnet","action"=>"masquerade", "src-address"=>"2.2.2.0/24"}) or die "$!\n";
}
}
else {
print "Error, site $site port 8728 appears open but unable to connect. Service port disabled?\n\n";
}
$con->logout();
print "Removing $site from list\n";
delete $sites{$site};
$size--;
}
}
This snippet of code is in a while loop that has a 5 min pause and continues looping until the hash %sites is empty. Before that I parse the output of nmap that scans static IP that are assigned to eth1 of each router. Will this code work? Is there anything I should be aware of?
EDIT: Anything I can do to improve the question? Anything I need to clarify?