Manual:Scripting-examples

From MikroTik Wiki
Revision as of 12:22, 15 April 2009 by Marisb (talk | contribs) (New page: <div class=manual> <h2>Scripting examples</h2> <p> This article contains some useful scripts and shows all available scripting features. Script examples used in this article were tested w...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Scripting examples

This article contains some useful scripts and shows all available scripting features. Script examples used in this article were tested with the latest 3.x version.

Strip netmask

This script is useful if you need ip address without netmask (for example to use it in firewall), but "/ip address get [id] address" returns ip address and netmask.
Code: 


:global ipaddress 10.1.101.1/24

:for i from=( [:len $ipaddress] - 1) to=0 do={ 
	:if ( [:pick $ipaddress $i] = "/") do={ 
		:put [:pick $ipaddress 0 $i]
	} 
}

Use string as function

Code: 

:global printA [:parse ":local A; :put \$A;" ];   
$printA

Check bandwidth and add limitations

This script checks if download on interface is more than 512kbps, if true then queue is added to limit speed to 256kbps.
Code: 

:foreach i in=[/interface find] do={
    /interface monitor-traffic $i once do={
        :if ($"received-bits-per-second" > 0 ) do={
            :local tmpIP [/ip address get [/ip address find interface=$i] address] ;
#            :log warning $tmpIP ;
            :for j from=( [:len $tmpIP] - 1) to=0 do={
                :if ( [:pick $tmpIP $j] = "/") do={
                    /queue simple add name=$i max-limit=256000/256000 dst-address=[:pick $tmpIP 0 $j] ;
                } 
            }
        }
    }
}


Block access to specific websites

This script is useful if you want to block certain web sites but you don't want to use web proxy.
This example looks entries "rapidshare" and "youtube" in dns cache and adds IPs to address list named "restricted".
Before you begin, you must set up router to catch all dns requests: 

/ip firewall nat
add action=redirect chain=dstnat comment=DNS dst-port=53 protocol=tcp to-ports=53
add action=redirect chain=dstnat dst-port=53 protocol=udp to-ports=53

and add firewall 

/ip firewall filter
add chain=forward dst-address-list=restricted action=drop

Code: 

:foreach i in=[/ip dns cache find] do={
    :local bNew "true";
    :local cacheName [/ip dns cache all get $i name] ;
#    :put $cacheName;

    :if (([:find $cacheName "rapidshare"] != 0) || ([:find $cacheName "youtube"] != 0)) do={

        :local tmpAddress [/ip dns cache get $i address] ;
#	:put $tmpAddress;

# if address list is empty do not check
        :if ( [/ip firewall address-list find ] = "") do={
            :log info ("added entry: $[/ip dns cache get $i name] IP $tmpAddress");
            /ip firewall address-list add address=$tmpAddress list=restricted disabled=no;
        } else={
            :foreach j in=[/ip firewall address-list find ] do={
                :if ( [/ip firewall address-list get $j address] = $tmpAddress ) do={
                    :set bNew "false";
                }
            }
            :if ( $bNew = "true" ) do={
                :log info ("added entry: $[/ip dns cache get $i name] IP $tmpAddress");
                /ip firewall address-list add address=$tmpAddress list=restricted disabled=no
            }
        }
    }
}

Parse file to add ppp secrets

This script requires that entries inside the file is in following format:
username,password,local_address,remote_address,profile,service
For example: 

janis,123,1.1.1.1,2.2.2.1,ppp_profile,myService
juris,456,1.1.1.1,2.2.2.2,ppp_profile,myService
aija,678,1.1.1.1,2.2.2.3,ppp_profile,myService

Code: 


:global content [/file get [/file find name=test.txt] contents] ;
:global contentLen [ :len $content ] ;

:global lineEnd 0;
:global line "";
:global lastEnd 0;


:do {
       :set lineEnd [:find $content "\r\n" $lastEnd ] ;
       :set line [:pick $content $lastEnd $lineEnd] ;
       :set lastEnd ( $lineEnd + 2 ) ;

       :local tmpArray [:toarray $line] ;
	:if ( [:pick $tmpArray 0] != "" ) do={
	:put $tmpArray;
         /ppp secret add name=[:pick $tmpArray 0] password=[:pick $tmpArray 1] local-address=[:pick $tmpArray 2] remote-address=[:pick $tmpArray 3] profile=[:pick $tmpArray 4] service=[:pick $tmpArray 5];
}
} while ($lineEnd < $contentLen)

Detect new log entry

This script is checking if new log entry is added to particular buffer.
In this example we will use pppoe logs: 

/system logging action
add name="pppoe"
/system logging
add action=pppoe topics=pppoe,info,!ppp,!debug

Log buffer will look similar to this one: 

[admin@mainGW] > /log print buffer=pppoe 
13:11:08 pppoe,info PPPoE connection established from 00:0C:42:04:4C:EE

Now we can write a script to detect if new entry is added.
Code: 

:global lastTime;

:global currentBuf [ :toarray [ /log find buffer=pppoe  ] ] ;
:global currentLineCount [ :len $currentBuf ] ;
:global currentTime [ :totime [/log get [ :pick $currentBuf ($currentLineCount -1) ] time   ] ];

:global message "";

:if ( $lastTime = "" ) do={ 
	:set lastTime $currentTime ; 
	:set message [/log get [ :pick $currentBuf ($currentLineCount-1) ] message];

} else={
	:if ( $lastTime < $currentTime ) do={ 
		:set lastTime $currentTime ; 
		:set message [/log get [ :pick $currentBuf ($currentLineCount-1) ] message];
	}
}

After new entry is detected, it is saved in "message" variable, which you can use later to parse log message, for example, to get pppoe clients mac address.


Auto upgrade script

Auto_upgrade_script_V3.x

Retrieved from "https://wiki.mikrotik.com/index.php?title=Manual:Scripting-examples&oldid=12050"