Community discussions

MikroTik App
 
User avatar
BrateloSlava
Member Candidate
Member Candidate
Topic Author
Posts: 167
Joined: Mon Aug 09, 2021 10:33 am
Location: Ukraine, Kharkiv

Removing an IP address from one list in another list

Tue Sep 13, 2022 5:47 pm

There is a list of DNS names of routers, that are considered trusted. The list name is AllowedIP.
The list is filled with DNS names because the provider allocates dynamic IP addresses.
DNS names of this list = IP -> Cloud -> DNS Name.

There is a dynamic list of IP addresses, that are temporarily blocked for various reasons. The list name is BannedIP.
This list is filled with firewall rules.

Behind the routers, that are in the trusted list, are servers, that can exchange information with each other.

Problem - sometimes a situation arises, when the IP addresses of routers from the trusted list fall into the list of blocked ones.
Most often, this situation occurs, when a router is rebooted.

I remind, that the list of trusted ones = the list of DNS names.

When rebooting, a situation may arise, when this list does not have time to be filled with dynamic entries with IP addresses.
Firewall rules are triggered before the list is full.
If at this moment there is a call from another router and its IP address is not recognized, it is included in the list of blocked ones.

That is, a script is required, that will extract dynamic IP address entries from the AllowedIP list and remove them from the BannedIP list.

Thank in advance for help.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Removing an IP address from one list in another list  [SOLVED]

Tue Sep 13, 2022 7:15 pm

Just ask... [Сподіваюся, в Харкові все буде добре... 😢]
{
:local oklist "AllowedIP"
:local kolist "BannedIP"
/ip firewall address-list
    :foreach item in=[find where list=$oklist and ([:typeof [:toip $address]] = "ip")] do={
        remove [find where address=[get $item address] and list=$kolist]
    }
}
 
User avatar
BrateloSlava
Member Candidate
Member Candidate
Topic Author
Posts: 167
Joined: Mon Aug 09, 2021 10:33 am
Location: Ukraine, Kharkiv

Re: Removing an IP address from one list in another list

Tue Sep 13, 2022 8:37 pm

The solution looks very simple. Thank you so much. :)

Who is online

Users browsing this forum: No registered users and 20 guests