mirror.MikroTik/eworm.routeros-scripts
1
0
Fork 0
mirror of https://git.eworm.de/cgit/routeros-scripts synced 2025-07-31 16:24:25 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

update-tunnelbroker: drop extra detection, use response from update

Browse source 
Why hammer on another service? The tunnelbroker response contains the
address we need. So send the update every time, and use that
information.
This commit is contained in:
Christian Hesse 2022-10-09 23:15:06 +02:00
parent e7995fa06b
commit 493d534706
1 changed files with 25 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

59
update-tunnelbroker
View file

@ -17,48 +17,39 @@
:global LogPrintExit2; :global LogPrintExit2;
:global ParseKeyValueStore; :global ParseKeyValueStore;
:if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false || \ :if ([ $CertificateAvailable "Starfield Secure Certificate Authority - G2" ] = false) do={
[ $CertificateAvailable "R3" ] = false) do={
$LogPrintExit2 error $0 ("Downloading required certificate failed.") true; $LogPrintExit2 error $0 ("Downloading required certificate failed.") true;
} }
:local PublicAddress;
:do {
:set PublicAddress ([ /tool/fetch check-certificate=yes-without-crl \
"https://ipv4.showipv6.de/short" output=user as-value ]->"data");
} on-error={
$LogPrintExit2 error $0 ("Failed getting public address.") true;
}
:if ([ :len [ /ip/address find where address~("^" . $PublicAddress . "/") ] ] < 1) do={
$LogPrintExit2 warning $0 ("The address " . $PublicAddress . " is not configured on your device. NAT by ISP?") false;
}
:foreach Interface in=[ /interface/6to4/find where comment~"^tunnelbroker" !disabled ] do={ :foreach Interface in=[ /interface/6to4/find where comment~"^tunnelbroker" !disabled ] do={
:local I 0;
:local Response "";
:local InterfaceVal [ /interface/6to4/get $Interface ]; :local InterfaceVal [ /interface/6to4/get $Interface ];
:local Comment [ $ParseKeyValueStore ($InterfaceVal->"comment") ];
:while ($I < 3 && $Response = "") do={
:do {
:set Response ([ /tool/fetch check-certificate=yes-without-crl \
("https://ipv4.tunnelbroker.net/nic/update\?hostname=" . $Comment->"id") \
user=($Comment->"user") password=($Comment->"pass") output=user as-value ]->"data");
} on-error={
:delay 10s;
:set I ($I + 1);
}
}
:if (!($Response~"^(good|nochg) ")) do={
$LogPrintExit2 error $0 ("Failed sending the local address to tunnelbroker or unexpected response!") true;
}
:local PublicAddress [ :pick $Response ([ :find $Response " " ] + 1) [ :find $Response "\n" ] ];
:if ($PublicAddress != $InterfaceVal->"local-address") do={ :if ($PublicAddress != $InterfaceVal->"local-address") do={
:local I 0; :if ([ :len [ /ip/address find where address~("^" . $PublicAddress . "/") ] ] < 1) do={
:local Success false; $LogPrintExit2 warning $0 ("The address " . $PublicAddress . " is not configured on your device. NAT by ISP?") false;
:local Comment [ $ParseKeyValueStore ($InterfaceVal->"comment") ]; }
$LogPrintExit2 info $0 ("Local address changed, sending UPDATE to tunnelbroker! New address: " . $PublicAddress) false; $LogPrintExit2 info $0 ("Local address changed, updating tunnel configuration with address: " . $PublicAddress) false;
:while ($I < 3 && $Success = false) do={
:do {
/tool/fetch check-certificate=yes-without-crl \
("https://ipv4.tunnelbroker.net/nic/update\?hostname=" . $Comment->"id") \
user=($Comment->"user") password=($Comment->"pass") output=none as-value;
:set Success true;
} on-error={
:delay 10s;
:set I ($I + 1);
}
}
:if ($Success = false) do={
$LogPrintExit2 error $0 ("Failed sending the local address to tunnelbroker! Wrong credentials?") true;
}
/interface/6to4/set $Interface local-address=$PublicAddress; /interface/6to4/set $Interface local-address=$PublicAddress;
} else={
$LogPrintExit2 debug $0 ("All tunnelbroker configuration is up to date for interface " . $InterfaceVal->"name" . ".") false;
} }
} }