Code: Select all
[admin@MikroTik] > /ip firewall nat print [/ip firewall nat find dst-port="55882"]
expected end of command (line 1 column 24)
[admin@MikroTik] > /ip firewall nat print [/ip firewall nat find dst-port="55882"]
expected end of command (line 1 column 24)
/ip firewall nat print where dst-port="55882"
Thank you very much!Code: Select all/ip firewall nat print where dst-port="55882"
/ip firewall nat find where dst-port="55882"
:put [/ip firewall nat find where dst-port="55882"]
:put [/ip firewall nat get [/ip firewall nat find where dst-port="55882"]]]
:put [/ip firewall nat get [find where dst-port="55882"]]]
:put [/ip firewall nat get [find where dst-port="55882"] comment]]
That is a strange request.
Are you using winbox??
/ip firewall nat set to-ports="12345" where comment="TEST RULE"
/ip firewall nat set "rule number" to-port=12345
/ip firewall nat find where comment="TEST RULE"
/ip firewall nat set [/ip firewall nat find where comment="TEST RULE"] to-port=12345
/ip firewall nat set [find where comment="TEST RULE"] to-port=12345
This can be shorten some, since you already specify the path in the outer command.Code: Select all/ip firewall nat set [find where comment="TEST RULE"] to-port=12345
:if ([/ip firewall nat get [find where comment=pihole_bypass] disabled]=yes) do={
That is what a more properly worded question/requirement should look like.That is a strange request.
Are you using winbox??
No I'm using the command via SSH from another server to GET and SET a specific firewall rule
How would I edit the to-ports field for a given rule, egThanksCode: Select all/ip firewall nat set to-ports="12345" where comment="TEST RULE"
what mess... :))Is this argument corect?Seems, like the only thread discussing nat get find :DCode: Select all:if ([/ip firewall nat get [find where comment=pihole_bypass] disabled]=yes) do={
/ip fire nat
:if ( [get [find where comment="pihole_bypass"] disabled] = yes) do={
:put "pihole_bypass disabled"
} else={
:put "pihole_bypass enabled"
}
# *** or ***
/ip fire nat
:if ( [:len [find where comment="pihole_bypass" and disabled=yes] ] > 0) do={
:put "all or a least one pihole_bypass disabled"
} else={
:put "all pihole_bypass enabled or none exist"
}
/ip fire nat
:if ( [get [find where comment="pihole_bypass"] disabled] = yes) do={
:resolve google.com server=192.168.188.25;
} on-error={
:put "pihole_bypass enabled"
} else={
:resolve google.com server=192.168.188.25;
:put "pihole_bypass disabled"
}
Thank you , @rextended for clearing out the mess again :)) :D, Actually, that line was a part of fallback script. I am still ironing out again :DSorry for hijacking the thread :PCode: Select all/ip fire nat :if ( [get [find where comment="pihole_bypass"] disabled] = yes) do={ :resolve google.com server=192.168.188.25; } on-error={ :put "pihole_bypass enabled" } else={ :resolve google.com server=192.168.188.25; :put "pihole_bypass disabled" }
/ip fire nat
:if ( [get [find where comment="pihole_bypass"] disabled] = yes) do={
:local noerror true
:put "pihole_bypass is disabled, check if working"
:do { :resolve google.com server=192.168.188.25
} on-error={
:put "unresolvable, pihole still disabled"
:set $noerror false
}
:if ($noerror) do={
:put "but now is working, enable pihole_bypass"
set [find where comment="pihole_bypass"] disabled=no
}
} else={
:put "pihole_bypass is enabled, check if working"
:do { :resolve google.com server=192.168.188.25
} on-error={
:put "but now do not work and I disable pihole_bypass"
set [find where comment="pihole_bypass"] disabled=yes
}
}
:local piholeDown [/ip firewall nat print count-only where comment~"pihole_bypass" && disabled]
:local piholeDNS "192.168.188.25"
:local testDomain "www.google.com"
:if ($piholeDown > 0 ) do={
:do {
:resolve $testDomain server $piholeDNS
} on-error={
/ip firewall nat enable [find comment=pihole_bypass];
}
} else={
:do {
:resolve $testDomain server $piholeDNS
/ip firewall nat disable [find comment=pihole_bypass];
} on-error={}
}