I want to put all Dynamic NAT rules in a variable for comparison. I need to execute the below script, in case Dynamic NAT entries have changes.
It is about this: http://wiki.mikrotik.com/wiki/UPnP_Multi-WAN
foreach i in=([/ip fi nat find dynamic])
do={/ip fi nat add chain=dstnat dst-address=“”
protocol=[/ip fi nat get $i protocol]
to-addresses=[/ip fi nat get $i to-addresses]
to-ports=[/ip fi nat get $i to-ports]
action=dst-nat dst-port=[/ip fi nat get $i dst-port]
comment=“UPnP_Cloned”}Thank you.
I found one solution like this: #global variable is loaded with IDs of Dynamic NAT entries
:global UPnPs [/ip firewall nat find dynamic]; #compares IDs with the ones from previous run
:if ($UPnPs != $UPnPz) do={ #copies current IDs to secondary variable UPnPz which will be used for comparison on next run
:global UPnPz; :set $UPnPz $UPnPs; #if the vars above are not same, first all old clones are cleaned
/ip firewall nat remove [/ip fi nat find comment=“UPnP_Cloned”];
:foreach i in=([/ip fi nat find dynamic]) do={ #set <WAN 2 IP> manually or can be also obtain from the interface by scripting
/ip fi nat add chain=dstnat dst-address=“<WAN 2 IP>” #copy TCP or UDP protocol setting from the current Dynamic rule that :foreach is cycling through
protocol=[/ip fi nat get $i protocol] #copy to address - this is the customers internal address
to-addresses=[/ip fi nat get $i to-addresses] #same port
to-ports=[/ip fi nat get $i to-ports]
action=dst-nat #same dst-port
dst-port=[/ip fi nat get $i dst-port]
comment=“UPnP_Cloned”}}You are welcome to contribute.
It would be preferable if instead of IDs - actual dst-address and dst-port are compared between each run.
If someone can help with this it will be highly appreciated.
Hi @NetworkPro,
I’m not sure if you can see this post, I’ve been reading your post at least 10 times(mostly I was redirected by google here), so I decided to register an account to ask you one question.
background:
I’m really new to Mikrotik RouterOS, so I’m not familiar with the ROS Script. in my country, we use pppoe to get the internet connection from ISP, and we’re also allowed create 3 different pppoe connections to get 3 different IPs, we can also get about 3 times bandwidth. so I created 3 PPPOE connection to make my internet faster.
question 1
in you script, you mentioned this
ip fi nat add chain=dstnat dst-address=“<WAN 2 IP>” \
is this "<WAN 2 IP> a public IP such as 8.8.8.8 or 8.8.4.4? or it’s a private IP such as 192.168.1.2 or 10.35.83.51?
question 2(followed by question 1)
if this <WAN 2 IP> is a public IP, since I get the IPs dynamicly(from a PPPOE connection), the WAN 2 IP changes every 48 hours, how can I get the IP address from a PPPOE?
Thank you very much for answering me, if someone else knows the answer, please post your answer when you get a chance, I’m really appreciated for that.