Merge branch 'ipv6-update'

This commit is contained in:
Christian Hesse 2020-12-18 15:32:51 +01:00
commit be75772256
6 changed files with 34 additions and 7 deletions

View file

@ -40,6 +40,15 @@ firewall rules, comment has to be "`ipv6-pool-`" and actual pool name:
/ ipv6 firewall address-list add address=2003:cf:2f0f:de00::/56 comment=ipv6-pool-isp list=extern;
As this entry is mandatory it is created automatically if it does not exist,
with the comment also set for list.
Address list entries for specific interfaces can be updated as well. The
interface needs to get its address from pool `isp` and the address list entry
has to be associated to an interface in comment:
/ ipv6 firewall address-list add address=2003:cf:2f0f:de01::/64 comment="ipv6-pool-isp, interface=br-local" list=local;
Static DNS records need a special comment to be updated. Again it has to
start with "`ipv6-pool-`" and actual pool name, followed by a comma,
"`interface=`" and the name of interface this address is connected to:

View file

@ -8,7 +8,7 @@
# Make sure all configuration properties are up to date and this
# value is in sync with value in script 'global-functions'!
:global GlobalConfigVersion 38;
:global GlobalConfigVersion 39;
# This is used for DNS and backup file.
:global Domain "example.com";

View file

@ -9,7 +9,7 @@
# Make sure all configuration properties are up to date and this
# value is in sync with value in script 'global-functions'!
# Comment or remove to disable change notifications.
:global GlobalConfigVersion 38;
:global GlobalConfigVersion 39;
# Copy configuration from global-config here and modify it.

View file

@ -47,4 +47,5 @@ $CertificateAvailable "R3";
36="Added support for installing updates automatically if seen in neighbor list.";
37="Implemented simple dependency model in 'netwatch-notify'.";
38="Imported new Let's Encrypt intermediate certificate 'R3'.";
39="Added support for interface specific address list entries in 'ipv6-update'.";
};

View file

@ -8,7 +8,7 @@
# https://git.eworm.de/cgit/routeros-scripts/about/
# expected configuration version
:global ExpectedConfigVersion 38;
:global ExpectedConfigVersion 39;
# global variables not to be changed by user
:global GlobalFunctionsReady false;

View file

@ -17,15 +17,32 @@
:local Pool [ / ipv6 pool get [ find where prefix=$PdPrefix ] name ];
:local AddrList [ / ipv6 firewall address-list find where comment=("ipv6-pool-" . $Pool) ];
:if ([ :len $AddrList ] = 0) do={
:log info ("Missing ipv6 address list entry for ipv6-pool-" . $Pool . ", adding.");
/ ipv6 firewall address-list add list=("ipv6-pool-" . $Pool) address=:: comment=("ipv6-pool-" . $Pool);
:set AddrList [ / ipv6 firewall address-list find where comment=("ipv6-pool-" . $Pool) ];
}
:local OldPrefix [ / ipv6 firewall address-list get $AddrList address ];
# give the interfaces a moment to receive their addresses
:delay 2s;
if ($OldPrefix != $PdPrefix) do={
:if ($OldPrefix != $PdPrefix) do={
:log info ("Updating IPv6 address list with new IPv6 prefix " . $PdPrefix);
/ ipv6 firewall address-list set address=$PdPrefix $AddrList;
# give the interfaces a moment to receive their addresses
:delay 2s;
:foreach ListEntry in=[ / ipv6 firewall address-list find where comment~("^ipv6-pool-" . $Pool . ",") ] do={
:local ListEntryVal [ / ipv6 firewall address-list get $ListEntry ];
:local Comment [ $ParseKeyValueStore ($ListEntryVal->"comment") ];
:local Address [ / ipv6 address find where from-pool=$Pool interface=($Comment->"interface") ];
:if ([ :len $Address ] = 1) do={
:set Address [ / ipv6 address get $Address address ];
:log info ("Updating IPv6 address list with new IPv6 prefix " . $Address . " from interface " . ($Comment->"interface"));
/ ipv6 firewall address-list set address=$Address $ListEntry;
}
}
:foreach Record in=[ / ip dns static find where comment~("^ipv6-pool-" . $Pool . ",") ] do={
:local RecordVal [ / ip dns static get $Record ];
:local Comment [ $ParseKeyValueStore ($RecordVal->"comment") ];