Community discussions

MikroTik App
 
Borage
Member Candidate
Member Candidate
Topic Author
Posts: 170
Joined: Sun Sep 26, 2004 10:19 pm

Add current dynamic IP address to a list

Mon Jul 02, 2007 8:23 am

I'm trying to add a dynamic IP address to a list, but I ran into a few issues. I can add a variable like the following to get the address.
:set wanip [/ip address get [/ip address find interface=ether1] address]
The problem when I'm trying to add the address with the following command is that the network address will be added instead of the IP address. I need to remove the Bit mask from the IP address, and I have no clue for the moment how I can do that.
/ip firewall address-list add list=wan_ip address=$wanip
Obviously, this command will simply add a new address when it changes, so I need to remove the old address before adding a new one. The simplest way would be to use the remove parameter, but I've not figured out the proper command.

I have in mind to use it with a nat rule, so people can browse the web server behind nat using the Public IP address. I want to get rid of one DNS server to simplify everything.


Here is the rules that made it possible to browse a web server behind nat using the Public IP address (frequently asked by many people in this forum). This feature has many names, for example: Nat Loopback, Nat Reflection, or Nat Bouncing.
/ ip firewall nat 
add chain=dstnat dst-address=<Public_IP_address> protocol=tcp dst-port=80 action=dst-nat to-addresses=<Web_Server_IP_address> \
    to-ports=0-65535 comment="" disabled=no
/ ip firewall nat 
add chain=srcnat dst-address=<Web_Server_IP_address> protocol=tcp dst-port=80 action=src-nat to-addresses=<Router_Internal_IP_address> \
    to-ports=0-65535 comment="" disabled=no
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7042
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Add current dynamic IP address to a list

Mon Jul 02, 2007 10:08 am

1)find "/" in address
2)pick all characters form 0 to position found in step 1
3) set new value;
{ :global wanip ; :set wanip [ :pick $wanip 0 [:find $wanip "/" ] ]}
 
Borage
Member Candidate
Member Candidate
Topic Author
Posts: 170
Joined: Sun Sep 26, 2004 10:19 pm

Re: Add current dynamic IP address to a list

Wed Jul 04, 2007 12:58 am

Thanks for your help, it works from the console, but not if I run it from a script. The variable $wanip are unchanged after the script execution.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7042
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Add current dynamic IP address to a list

Thu Jul 05, 2007 9:53 am

It works for me on v2.9.44 and on 3.0 beta10;
Make sure you have set everything correctly.
 
Borage
Member Candidate
Member Candidate
Topic Author
Posts: 170
Joined: Sun Sep 26, 2004 10:19 pm

Re: Add current dynamic IP address to a list

Thu Jul 05, 2007 1:51 pm

Can you give me an example of a script to set a variable? I'm obviously doing something wrong.

Thanks
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7042
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Add current dynamic IP address to a list

Thu Jul 05, 2007 3:19 pm

:global wanip "192.168.0.1/24";
:log info $wanip;
:set wanip [ :pick $wanip 0 [:find $wanip "/" ] ] ;
:log info $wanip;
 
Borage
Member Candidate
Member Candidate
Topic Author
Posts: 170
Joined: Sun Sep 26, 2004 10:19 pm

Re: Add current dynamic IP address to a list

Mon Jul 09, 2007 11:18 pm

Thanks a lot for your help mrz. I've been struggling with the system script feature for several days, and now I've accomplished the following:
  1. Check whether it is the first time the schedule job is running after the router has started (if the first time, run the initial script "dhcp_init").
  2. Check if the initial DHCP IP address has been set (if not, run the initial script).
  3. Identify the DHCP network interface and set the variable "dhcpinterface".
  4. Add the initial IP address to a list "wan_ip" (if NIC is bound).
  5. Check whether the IP address has changed.
  6. Run a script when the address has changed (optional).
  7. Replace the IP address in the list "wan_ip" after it has been changed.
Any enhancements?
# Script dhcp_init
:global dhcpinterface [ /ip dhcp-client get [/ip dhcp-client find status=bound ] interface ]
:global wanip [/ip address get [/ip address find interface=$dhcpinterface] address]
:set wanip [ :pick $wanip 0 [:find $wanip "/" ] ]
:if ($wanip != :nothing) do={/ip firewall address-list add address=$wanip list=wan_ip}
:if ($wanip != :nothing) do={:log info ("dhcp address: " . $wanip)}
# Script dhcp_check
:local optscript <script to run when the address has changed (optional)>
:if ([/system scheduler get dhcp_job run-count]<=1) do={/system script run dhcp_init}
:if ([:pick $wanip]=[:nothing]) do={/system script run dhcp_init}
:set newip [/ip address get [/ip address find interface=$dhcpinterface] address]
:set newip [ :pick $newip 0 [:find $newip "/" ] ]
:if ($wanip != $newip) do={:log info ("new dhcp address: " . [:set wanip $newip])
:if ($optscript != :nothing) do={/system script run $optscript}
:foreach a in=[/ip firewall address-list find list=wan_ip] do={/ip firewall address-list set $a address=$wanip}}
Schedule to run the script dhcp_check every 30 seconds.
/system scheduler add name=dhcp_job interval=30s on-event=dhcp_check
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7042
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Add current dynamic IP address to a list

Tue Jul 10, 2007 1:11 pm

good :)

but there is no pint for using these two lines:
:if ([/system scheduler get dhcp_job run-count]<=1) do={/system script run dhcp_init}
:if ([:pick $wanip]=[:nothing]) do={/system script run dhcp_init}
use only this check, because your double check is useless anyway. Removing one check will make script a little bit faster, but still faster :)
:if ([:pick $wanip]=[:nothing]) do={/system script run dhcp_init}
 
Borage
Member Candidate
Member Candidate
Topic Author
Posts: 170
Joined: Sun Sep 26, 2004 10:19 pm

Re: Add current dynamic IP address to a list

Tue Jul 10, 2007 7:43 pm

I only used the first line until I realized that it will be problem if there is a delay in the dhcp lease when the router is rebooted, or the router does not get any IP address at all. But you're right, I only need the line you pointed out.

I just realized that I need another check. When the router reboots, the init script is trying to add the IP address to the address list. If the address has changed, then I'll have two addresses in the list, and that is something I don't want. I also found out that the same address can be added multiple times in the address list. This should not be possible, but sometimes it's possible to add an existing IP address multiple times (bug in the RouterOS?).


Anyhow, here is the line I want to do something about. I want to change the address if there is already an IP address in the list, and if the list does not exist, run the following line.
:if ($wanip != :nothing) do={/ip firewall address-list add address=$wanip list=wan_ip}
The easiest way would be to manually add the address in the beginning, and then use the following line to change the address. But why do it simple? I want to make it foolproof. :)
:foreach a in=[/ip firewall address-list find list=wan_ip] do={/ip firewall address-list set $a address=$wanip}}
 
mbezuidenhout
just joined
Posts: 1
Joined: Wed Nov 03, 2010 4:41 pm

Re: Add current dynamic IP address to a list

Sat Jul 31, 2021 1:05 pm

I created this script to get the list of interfaces from the /interface list members list then get their IP addresses and add it to the firewall addresses list.
  1. Get list of interfaces
  2. Get their addresses
  3. Add addresses to firewall list
  4. Remove old addresses from firewall list
:local iflist "WAN"
:local fwlist "public"
:local interfaces [/interface list member find where list=$iflist]
:local newaddrs

:foreach a in $interfaces do={
  :local ifname [/interface list member get number=$a value-name=interface]
  #:put $ifname
  :local ifaddrs [/ip address find where interface=$ifname]
  :foreach b in $ifaddrs do={
    :local ifaddr [/ip address get number=$b value-name=address]
    # Remove network mask
    :set ifaddr [:pick $ifaddr 0 [:find $ifaddr "/"]]
    #:put $ifaddr
    :set $newaddrs ($newaddrs, $ifaddr)
  }
}

# Add new addresses
:foreach a in $newaddrs do={
  :if ([/ip firewall address-list find where address=$a] = "") do={
    /ip firewall address-list add list=$fwlist address=$a
  }
}

# Remove old addresses
:foreach a in [/ip firewall address-list find where list=$fwlist] do={
  :local addr [/ip firewall address-list get number=$a value-name=address]
  #:put $addr
  :if ([:len [:find $newaddrs $addr]] = 0) do={
    /ip firewall address-list remove $a
  }
}
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Add current dynamic IP address to a list

Sun Aug 01, 2021 4:35 am

You resurrect a 2007 topic with this script,
but what is one useful way to use this script?,
considering that now in the firewall it is already possible
to specify the WAN list of the interfaces, without using the IPs?

the correct syntax want = betwen in and the variable
in $ => in=$

why ckeck if the address is used on any other list?
why you do not add the address if is on another list?
and why remove old addresses AFTER add new addres,
in so complicate way, first mix all old and new and then delete what is not just added?
Next time di point 4, then point 3...

And why do not direct create entry on address list, instead of create the array of addresses first, then add the addresses on the list?

Simply add the addresses after removing all first, ignoring if the addresses are used on other lists...

after some other corrections, for teaching purposes, simply do:
:local iflist "WAN"
:local fwlist "public"
/ip firewall address-list remove [find where list=$fwlist]
/interface list member 
:foreach memberid in=[find where list=$iflist] do={
    :local ifname [get $memberid interface]
    :foreach addressid in=[/ip address find where interface=$ifname] do={
        :local ifaddr [/ip address get $addressid address]
        :set ifaddr [:pick $ifaddr -1 [:find $ifaddr "/"]]
        /ip firewall address-list add list=$fwlist address=$ifaddr
    }
}

Who is online

Users browsing this forum: No registered users and 29 guests