Community discussions

MikroTik App
 
elico
Member Candidate
Member Candidate
Topic Author
Posts: 143
Joined: Mon Nov 07, 2016 3:23 am

Removing ip addresses in a list based on another

Sat Dec 12, 2020 11:49 pm

I have a set of lists I want to cleanup a specific IP from another address list.
It's not working.. What am I doing wrong?
:local lists {"test1"; "test2"; "test3";};

:foreach ip in=[/ip firewall address-list find where list="CLEANUP"] do={
    :local ipAddresss [/ip firewall address-list get $ip address];
    :foreach list in=$lists do={
        /log info "$ipAddresss";
        /log info "$list";
        /ip firewall remove [/ip firewall address-list [find list=$list address=$ipAddress]]
    }
}

/log info "Ended Script";
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: Removing ip addresses in a list based on another

Sun Dec 13, 2020 5:03 am

There's no "/ip firewall remove". This works for me:
/ip firewall address-list remove [/ip firewall address-list find list="test" address="1.2.3.4"]
but only when I write list name and address like this, I can't find a way how to make it work with variables. I assume it's possible, somehow, but if I ever understand RouterOS scripting, it will be a miracle.
 
elico
Member Candidate
Member Candidate
Topic Author
Posts: 143
Joined: Mon Nov 07, 2016 3:23 am

Re: Removing ip addresses in a list based on another

Thu Dec 17, 2020 2:22 pm

There's no "/ip firewall remove". This works for me:
/ip firewall address-list remove [/ip firewall address-list find list="test" address="1.2.3.4"]
but only when I write list name and address like this, I can't find a way how to make it work with variables. I assume it's possible, somehow, but if I ever understand RouterOS scripting, it will be a miracle.
I asusme it's lua scripting because many work with this but still...
I will try..
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: Removing ip addresses in a list based on another

Thu Dec 17, 2020 7:11 pm

It's not Lua, it's MikroTik's custom thing (they briefly had Lua in some beta version, but it didn't make it to final). It wouldn't be that bad, it's slightly unintuitive, but it would be possible to get used to it. Main problem is that it doesn't have any useful feedback, typo in code means silent death, without any indication what's wrong. And then there's things like this. I usually have no problem doing small things even in programming languages I don't know, but not with RouterOS scripting, I get stuck all the time.

If I try simplified script:
:local list "test1";
:local ip "1.0.0.0";
:log info $list
:log info $ip
/log info [/ip firewall address-list find list="test1" address="1.0.0.0"];
/log info [/ip firewall address-list find list="test1" address=$ip];
/log info [/ip firewall address-list find list=$list address="1.0.0.0"];
/log info [/ip firewall address-list find list=$list address=$ip];
then I get:
18:04:43 script,info test1 
18:04:43 script,info 1.0.0.0 
18:04:43 script,info *5 
18:04:43 script,info *5 
18:04:43 script,info *5;*7;*8;*b 
18:04:43 script,info *5;*7;*8;*b
So variables have expected values and *5 is correct id for item I'm searching for. It means that second command with address=$ip works fine too. But next two find 1.0.0.0 in all address lists, so there's some problem with list=$list. But what could it be?
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1070
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: Removing ip addresses in a list based on another

Sat Dec 19, 2020 12:03 am

But next two find 1.0.0.0 in all address lists, so there's some problem with list=$list. But what could it be?
Have a look at this commit, it explains the issue:
https://git.eworm.de/cgit/routeros-scri ... 8bbde9651a

Short conclusion: You are safe if your variable names are not lower case.
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: Removing ip addresses in a list based on another

Sat Dec 19, 2020 1:52 am

You're right. It's actually documented:

https://wiki.mikrotik.com/wiki/Manual:S ... able_names

So on one hand I can't complain, but on the other it confirms what I'm saying, this whole thing is not intuitive (to me at least), because who would expect all property names to be reserved as variable names? :)
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1070
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: Removing ip addresses in a list based on another

Sat Dec 19, 2020 11:22 am

Ah, did not know it is documented... Found it the hard way myself. 😆
 
elico
Member Candidate
Member Candidate
Topic Author
Posts: 143
Joined: Mon Nov 07, 2016 3:23 am

Re: Removing ip addresses in a list based on another

Mon Dec 28, 2020 5:03 pm

OK Now I got it.
I will try it later and see how it goes.
 
Siri
just joined
Posts: 4
Joined: Fri Apr 15, 2022 5:11 am

Re: Removing ip addresses in a list based on another

Mon Jul 18, 2022 8:10 pm

I know this is a old thread, but
@elico can you fix your script mentioned on 1st post. I really need a script like this but i have zero knowledge of programming .

Thank you
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3279
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: Removing ip addresses in a list based on another

Tue Jul 19, 2022 7:35 am

Here is a script that I do use.
If an IP are found in access list "Whitelist_IP" and also fond in access list "Block_list", remove it from "Block_list"
Then send a pushbullet message to my phone. (Can be any type of message, logging, email, telegram etc)

# Remove ip from block list if its white listed
# Jotne

# 1.1  get IP before used in loop to speed up seach. 29.05.2022
# 1.2  Added Pusbullet info 21.06.2022

/ip firewall address-list
:foreach id in=[find where list="Whitelist_IP"] do={
	:local IP [get $id address]
	:local Comment [get $id comment]
	:local IPFound [find where list="Block_list" address=$IP]
	:if ([:len $IPFound] > 0) do={
		remove $IPFound
		/tool fetch mode=https url="https://api.pushbullet.com/v2/pushes" http-method=post http-data="type=note&body=Unblock $IP $Comment" user="xxxxxxxxxxxxxx"
	}
}
 
Siri
just joined
Posts: 4
Joined: Fri Apr 15, 2022 5:11 am

Re: Removing ip addresses in a list based on another

Tue Jul 19, 2022 3:48 pm

Here is a script that I do use.
If an IP are found in access list "Whitelist_IP" and also fond in access list "Block_list", remove it from "Block_list"
Then send a pushbullet message to my phone. (Can be any type of message, logging, email, telegram etc)

# Remove ip from block list if its white listed
# Jotne

# 1.1  get IP before used in loop to speed up seach. 29.05.2022
# 1.2  Added Pusbullet info 21.06.2022

/ip firewall address-list
:foreach id in=[find where list="Whitelist_IP"] do={
	:local IP [get $id address]
	:local Comment [get $id comment]
	:local IPFound [find where list="Block_list" address=$IP]
	:if ([:len $IPFound] > 0) do={
		remove $IPFound
		/tool fetch mode=https url="https://api.pushbullet.com/v2/pushes" http-method=post http-data="type=note&body=Unblock $IP $Comment" user="xxxxxxxxxxxxxx"
	}
}


thank you for your kindness. your script working well & you also gave me an idea to record removed IPs. I have replaced pushbullet with google sheet to record all removed ips to google spreadsheet.


not related to this thread, do you have a script to remove static IPs from the address list if it older than 30 days ( based on creation time).
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3279
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: Removing ip addresses in a list based on another

Tue Jul 19, 2022 11:38 pm

This sript moves static IP that has more than 100 days of no use. You can see have I calculate days to get an idea on how to use it.
# Created Jotne 2021 v1.0
# Remove all static DHCP and corresponding DNS leases more than 100 week old
:local counter 0
/ip dhcp-server lease
:foreach id in=[find where dynamic=no last-seen~"^1[0-9][0-9]"] do={
	:local ip [get $id address]
	:set counter ($counter+1)
	# delete DNS entry with that IP
	/ip dns static remove [find where address=$ip]
	# remove DHCP entry
	remove $id
}
:log info message="script=dhcp_clean Number of static DHCP older>100weeks removed $counter"
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11968
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Removing ip addresses in a list based on another

Tue Jul 19, 2022 11:49 pm

not related to this thread, do you have a script to remove static IPs from the address list if it older than 30 days ( based on creation time).
You can not easily read the creation time "jul/19/2022 22:37:42" and compare with something.
Is a string, you can not compare if that string are 30 days less the current date.
Is extremely complicated (not impossible, ok) to do that.

Use timeout on item added on address-list and is auto purged after specified time.
If you do that, you do not use internal storage, the list is not exported on backup, and is not keeped on reboot.

Else, add Unix Epoch when is not present on static addres-list,
and check every day/hour if the numeric Epoch are 30 day (× 24h × 60m × 60s) less than current Epoch.
 
User avatar
Jotne
Forum Guru
Forum Guru
Posts: 3279
Joined: Sat Dec 24, 2016 11:17 am
Location: Magrathean

Re: Removing ip addresses in a list based on another

Wed Jul 20, 2022 8:47 am

You can not easily read the creation time "jul/19/2022 22:37:42" and compare with something.
This has been discussed for many many years. I did hope with v7.x that MikroTik would use a standard time format.
For example EPOCH time.

Here are some help to do that.
viewtopic.php?t=75555

Who is online

Users browsing this forum: aoravent, Ellaham and 25 guests