 
jet800
just joined
Topic Author
Posts: 3
Joined: Fri Jul 19, 2013 10:06 pm

Autoupdating Ips for tunlr DNS

Fri Jul 19, 2013 10:22 pm

Hello guys, so I have an idea for a script that would automatically update the current IPs of the Tunlr DNS service.
The idea:
1. Create a layer-7 filter for needed sites:

ros code

/ip firewall layer7-protocol
add comment="Redirect DNS requests to tunlr.net DNS" name=tunlr-dns regexp="pa\
    ndora.com|hulu.com|cbs.com|abc.com|go.com|mtv.com|mtvnservices.com|nbc.com\
    |nbcuni.com|fox.com|theplatform.com|tv.com|pbs.com"

2. Mark DNS requests to the needed services using layer-7 filtering

ros code

/ip firewall mangle
add action=mark-connection chain=prerouting comment=tunlr-dns dst-address=172.31.2.1 dst-port=53 layer7-protocol=tunlr-dns new-connection-mark=tunlr-dns-cxn protocol=udp
add action=mark-connection chain=prerouting comment=tunlr-dns dst-address=172.31.2.1 dst-port=53 layer7-protocol=tunlr-dns new-connection-mark=tunlr-dns-cxn protocol=tcp

172.31.2.1 - this is the router IP

3. Reroute those DNS requests to Tunlr services

ros code

/ip firewall nat
add action=dst-nat chain=dstnat comment=tunlr-dns connection-mark=tunlr-dns-cxn to-addresses=69.197.169.9

Pretty simple, right? No scripting yet.
4. Using the Tunlr DNS Update API (http://tunlr.net/tunapi.php?action=getd ... ormat=json), get the actual IPs for the Tunlr service. This is where /tool fetch is used.
5. Change the direct declaration of the IP in step 3 to an address list
6. Update the IPs in that list with the newly fetched ones.

However, I did not understand: how do I parse JSON with Mikrotik after fetching it?
 
jet800
just joined
Topic Author
Posts: 3
Joined: Fri Jul 19, 2013 10:06 pm

Re: Autoupdating Ips for tunlr DNS

Tue Aug 13, 2013 12:55 am

Okay, I've managed to fetch tunlr DNS IPs based on DynDNS external IP check :)

ros code

# get the current IPs of tunlr DNS
/tool fetch mode=http url="http://tunlr.net/tunapi.php?action=getd ... ormat=json" dst-path="/tunlr.dns.json"
:delay 1
:local result [/file get tunlr.dns.json contents]

# parse the current IP result
:local resultLen [:len $result]
:local startLoc [:find $result "dns1" -1]
:set startLoc ($startLoc + 6)
:local endLoc [:find $result "," -1]
:local currentIP [:pick $result $startLoc $endLoc]
:log info "Current Tunlr primary DNS: currentIP = $currentIP"

So my main problem is that dst-nat does not accept an address list in to-addresses. So I could not just put the new IP in that list. So I need to recreate the NAT rule (from step 3). But how could I delete the current rule?
 
jet800
just joined
Topic Author
Posts: 3
Joined: Fri Jul 19, 2013 10:06 pm

Re: Autoupdating Ips for tunlr DNS

Tue Aug 13, 2013 1:23 am

Never mind, here's the working script:

ros code

# get the current IPs of tunlr DNS
/tool fetch mode=http url="http://tunlr.net/tunapi.php?action=getd ... ormat=json" dst-path="/tunlr.dns.json"
:delay 1
:local result [/file get tunlr.dns.json contents]

# parse the current IP result
:local resultLen [:len $result]
:local startLoc [:find $result "dns1" -1]
:set startLoc ($startLoc + 7)
:local endLoc [:find $result "," -1]
:set endLoc ($endLoc - 1)
:local currentIP [:pick $result $startLoc $endLoc]
:log info "Current Tunlr primary DNS: $currentIP"
# set updated ip to firewall nat rule
/ip firewall nat
:foreach a in=[find where comment="tunlr-dns-dst"] do={
    set $a to-addresses=($currentIP)
    :log info "Successfully set new tunlr DNS IP: $currentIP"
}

Edits from the previous version - a bit of cleaning for the log message, removal of quotes from the parsed IP address, and finally added updating of the NAT rule!
I'll add a check for whether the IP was actually changed and then update the first post.
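
The script above writes whatever it parses from a response fetched over plain HTTP straight into the dst-nat rule that steers DNS traffic. The following is an added example, not part of the original posts: it parses the same field, accepts it only if it converts to an IP address, and touches the rule only when the address actually changed. The response shape and the documentation-range sample addresses are assumptions; the rule comment tunlr-dns-dst is the one used in the script above.

```routeros
# Constructed sample response; the {"dns1":"...","dns2":"..."} shape is an assumption.
# In the real script use: :local result [/file get tunlr.dns.json contents]
:local result "{\"dns1\":\"192.0.2.53\",\"dns2\":\"192.0.2.54\"}"

# Extract the text between the quotes that follow "dns1": (same +7 offset as above)
:local candidate ""
:local keyLoc [:find $result "dns1" -1]
:if ([:typeof $keyLoc] = "num") do={
    :local startLoc ($keyLoc + 7)
    :local endLoc [:find $result "\"" $startLoc]
    :if ([:typeof $endLoc] = "num") do={
        :set candidate [:pick $result $startLoc $endLoc]
    }
}

# Accept the value only if it converts to an IP address
:local newIP [:toip $candidate]
:if ([:typeof $newIP] != "ip") do={
    :log warning "tunlr-dns: API value rejected, NAT rule left unchanged"
} else={
    :foreach a in=[/ip firewall nat find where comment="tunlr-dns-dst"] do={
        :local oldIP [/ip firewall nat get $a to-addresses]
        # Compare as strings so the check does not depend on the stored type
        :if ([:tostr $oldIP] != [:tostr $newIP]) do={
            /ip firewall nat set $a to-addresses=$newIP
            :log warning "tunlr-dns: DNS redirect changed from $oldIP to $newIP"
        }
    }
}
```

Logging each change at warning level leaves a record of when the redirect target moved and what it was before.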
 
ghi000
newbie
Posts: 30
Joined: Thu Jun 06, 2013 6:05 pm
Location: București, România

Re: Autoupdating Ips for tunlr DNS

Fri Aug 16, 2013 8:38 pm

great, thanks!
