I have three bridges configured:
- LAN Bridge
- WAN Primary Bridge
- WAN Secondary Bridge
I then have two address lists configured:
- "LAN Address" - contains any IP addresses configured on LAN Bridge
- "WAN Address" - contains any IP addresses configured on either WAN Primary Bridge, or WAN Secondary Bridge
Each bridge interface can have zero or more IP addresses. I have two scripts, each running every 5 minutes, which should check for any IP address changes (adds, removals or changes) and updates the address lists accordingly.
The LAN Bridge script works well - it'll detect an addition/removal, and will delete the entire address list & re-add it. If it detects a change, it'll add a new record to the address list (I haven't yet got round to updating the address list record). Below is the script:
Code: Select all
:global LANIPs;
:local NewLANIPs;
:log info ".................................................................."
:set NewLANIPs "$[/ip address find interface="LAN Bridge"]"
:if ($LANIPs != $NewLANIPs) do={
:log info "Not equal. Updating LANIPs";
:set LANIPs $NewLANIPs;
/ip firewall address-list remove [find list="LAN Address"]
}
:foreach i in=$NewLANIPs do={
/ip firewall address-list add list="LAN Address" address=[/ip address get $i address] comment="Dynamic Add from Script"
}
The WAN script however, isn't behaving as I'd hoped. If I create two IP addresses, one for WAN Primary Bridge, and one for WAN Secondary Bridge, and then run the script, the address list gets populated as expected. If I modify the WAN Secondary Bridge IP address (the last IP address created), the script does add a new address list record. However, if I modify anything other than the last IP address created (on either bridge interface), the script doesn't update anything. Below is the script:
Code: Select all
:global WANIP;
:local NewWANIPs;
:set NewWANIPs "$[/ip address find interface~"^(WAN).*(Bridge)"]"
:if ($WANIP != $NewWANIPs) do={
:log info "Not equal. Updating WANIPs";
:set WANIP $NewWANIPs;
/ip firewall address-list remove [find list="WAN Address"]
}
:foreach i in=$NewWANIPs do={
/ip firewall address-list add list="WAN Address" address=[/ip address get $i address] comment="Dynamic Add from Script"
}
I'm out of ideas, any help would be really appreciated!