tarzq28
just joined
Topic Author
Posts: 10
Joined: Wed May 17, 2017 2:34 pm
Location: Indonesia

[ask] Auto detect public ip and generate dstnat rule

Sun Dec 29, 2019 4:39 pm

I'm currently using an internet service from my ISP which uses a dynamic IP. Due to the nature of dynamic IPs, it is difficult to access my network from the internet if my modem is rebooted. I know there are already tricks to access the network from the internet by using a VPN as a tunnel. My question is: does anybody here have scripts to grab the current public IP from IP Cloud, use that IP to auto-generate a new dstnat rule, remove the previous dstnat rule, and send that information through Telegram?

 
Zacharias
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: [ask] Auto detect public ip and generate dstnat rule

Sun Dec 29, 2019 7:32 pm

I'm not really sure I've understood what you want to achieve...
The cloud will auto-update when a change to the public IP is detected...
What dst-nat do you mean?
 
creatin
Member Candidate
Posts: 108
Joined: Sat Nov 23, 2019 2:59 am

Re: [ask] Auto detect public ip and generate dstnat rule

Mon Dec 30, 2019 2:36 pm

The MikroTik DDNS service didn't work for me; each time the ISP changed the address, the MTiK service didn't update it.
I created a script (below); it runs every 5 minutes and sends an email with the OLD and NEW IP address.
:delay 5;
# First run: create the state file and seed it with a placeholder address
:if ([:len [/file find name=currentIP.txt]] = 0) do={
    :local myfile "currentIP.txt";
    /file print file=$myfile;
    :delay 3;
    :local cont "1.1.1.1";
    /file set $myfile contents=$cont;
}

# Later runs: compare the stored address with the one OpenDNS reports
:if ([:len [/file find name=currentIP.txt]] > 0) do={
    :local filename "currentIP.txt";
    :local ip [/file get currentIP.txt contents];
    :delay 1;
    :local cip ([:resolve myip.opendns.com server=208.67.222.222]);
    :delay 1;
    :local sub ("New WAN address: $cip");
    :local bod ("old WAN IP = $ip new WAN IP = $cip");
    :delay 3;
    # Mail and update the state file only when the address has changed
    :if ($ip != $cip) do={
        /tool e-mail send to="YOUR.EMAIL@gmail.com" subject="$sub" body="$bod";
        :delay 4;
        /file set $filename contents=$cip;
    }
}
 
gotsprings
Forum Guru
Posts: 2122
Joined: Mon May 14, 2012 9:30 pm

Re: [ask] Auto detect public ip and generate dstnat rule

Sat Jan 04, 2020 3:49 pm

Here are a few ways to get the public IP address

Pick IP From Route (add WAN to your WAN connection name. ie. ether1-WAN)
:global Stat [/ip route get [find gateway~"WAN"] pref-src]

Pick IP from Address (add WAN to your WAN connection name. ie. ether1-WAN)
:global OnEtherSub [/ip address get [find interface~"WAN"] address]
:global OnEther [:pick $OnEtherSub 0 [:find $OnEtherSub "/"]]

Pick IP from DHCP-Client (add WAN to your WAN connection name. ie. ether1-WAN)
:global OnEtherSub [/ip dhcp-client get [find interface~"WAN"] address]
:global OnEther [:pick $OnEtherSub 0 [:find $OnEtherSub "/"]]

Get Public IP from IP Cloud
:global ipCloud [/ip cloud get public-address]

Resolve your current DNS name
:global RESOLVED [:resolve something.whatever.com]
 
Zacharias
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: [ask] Auto detect public ip and generate dstnat rule

Sat Jan 04, 2020 7:51 pm

Why do I see scripts when the cloud works just perfectly? :shock:

What is your ROS version?
 
creatin
Member Candidate
Posts: 108
Joined: Sat Nov 23, 2019 2:59 am

Re: [ask] Auto detect public ip and generate dstnat rule

Tue Jan 07, 2020 3:18 am

For me it worked only once during initial setup and nothing after.
 
nescafe2002
Forum Veteran
Posts: 897
Joined: Tue Aug 11, 2015 12:46 pm
Location: Netherlands

Re: [ask] Auto detect public ip and generate dstnat rule

Tue Jan 07, 2020 1:32 pm

IP Cloud will update properly if your device has a public IP. If the MT is behind another router, you can force a periodic update using ddns-update-interval. No scripting required.

/ip cloud
set ddns-enabled=yes ddns-update-interval=10m

Also, no scripting required for dstnat entries. Assuming you currently have set dst-address instead of in-interface(-list) to be able to reach your servers from inside, you can use dst-address-type=local instead.

/ip firewall nat
add action=dst-nat chain=dstnat dst-address=!192.168.88.0/24 dst-address-type=local dst-port=80,443 protocol=tcp to-addresses=192.168.88.123

This entry will:
- forward incoming connections from outside to [external ip] ports 80,443 to 192.168.88.123
- forward incoming connections from inside to [external ip] ports 80,443 to 192.168.88.123 - hairpin nat rule still required
- NOT forward incoming connections to [internal ip] ports 80,443
- NOT forward outgoing connections
 
sopyan0807
newbie
Posts: 39
Joined: Wed Jan 22, 2020 5:21 pm
Location: Indonesia

Re: [ask] Auto detect public ip and generate dstnat rule

Wed Jan 22, 2020 5:42 pm

Create a scheduler to add the IP from DDNS to the address list:
:local public;
:set public [/ip cloud get public-address];
/ip firewall address-list add address=$public list=public timeout=00:10:00
then use the address list in the rule you want
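
The address-list approach from the post above, extended with change detection and the Telegram notification the original question asked for. This is an added example, not code from any poster in the thread; the script name wan-ip-watch, the comment tag, the forwarded port and target, and the BOT_TOKEN and CHAT_ID placeholders are assumptions.

```routeros
# Constructed example. Assumes one dst-nat rule was created once and matches
# on the address list instead of a literal public IP, e.g.:
#   /ip firewall nat add chain=dstnat action=dst-nat protocol=tcp \
#       dst-port=443 dst-address-list=public to-addresses=192.168.88.123
# Store this body as a script named wan-ip-watch and schedule it:
#   /system scheduler add name=wan-ip-watch interval=5m on-event=wan-ip-watch

:global lastWanIp
:local listName "public"
:local tag "set by wan-ip-watch"
:local botToken "BOT_TOKEN"
:local chatId "CHAT_ID"

# Convert to a string so the comparison below never mixes ip and str types.
:local current [:tostr [/ip cloud get public-address]]

# Skip the run while IP Cloud has not learned an address yet.
:if ([:len $current] > 0) do={
    :if ($current != $lastWanIp) do={
        # Remove only entries this script created, so stale public
        # addresses stop matching the dst-nat rule; manual entries stay.
        /ip firewall address-list remove [find list=$listName comment=$tag]
        /ip firewall address-list add list=$listName address=$current comment=$tag

        :log info "WAN address changed: old=$lastWanIp new=$current"

        # \3F is "?", written as a hex escape so the line also pastes into a
        # terminal; %20 is a URL-encoded space.
        /tool fetch keep-result=no url="https://api.telegram.org/bot$botToken/sendMessage\3Fchat_id=$chatId&text=WAN%20IP%20changed%20from%20$lastWanIp%20to%20$current"

        :set lastWanIp $current
    }
}
```

The global lastWanIp is lost on reboot, so the first run after a restart always refreshes the list and sends one message. The bot token is visible to any account that can read scripts on the router, and the dst-nat rule should list only the ports that must be reachable from the internet.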
