Is there a way to find out when new WG and IPSEC clients are connected? or just run the script on a schedule?
Code: Select all
:local peerList
:foreach peerId in=[/interface wireguard peer find] do={
:local peerAddress [/interface/wireguard/peers/get $peerId current-endpoint-address]
:if ([:len $peerAddress] > 0) do={
:if ([:len [/ip firewall address-list find address=$peerAddress list=my-addresses]] = 0) do={
:local peerComment [/interface/wireguard/peers/get $peerId comment]
/ip firewall address-list add address=$peerAddress list=whitelist-addresses comment=("WG " . $peerComment) dynamic=yes timeout=1d
}
}
}
:foreach peerId in=[/ip ipsec active-peers find] do={
:local peerAddress [/ip ipsec active-peers get $peerId remote-address]
:if ([:len [/ip firewall address-list find address=$peerAddress list=my-addresses]] = 0) do={
:local peerComment [/ip ipsec active-peers get $peerId id]
/ip firewall address-list add address=$peerAddress list=whitelist-addresses comment=("IKE2 " . $peerComment) dynamic=yes timeout=1d
}
}
