2020-09-18 11:00:27 +02:00
|
|
|
#!rsc by RouterOS
|
2018-07-10 14:01:41 +02:00
|
|
|
# RouterOS script: collect-wireless-mac.local
|
2021-01-01 21:33:52 +01:00
|
|
|
# Copyright (c) 2013-2021 Christian Hesse <mail@eworm.de>
|
2020-06-19 22:17:42 +02:00
|
|
|
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
|
2018-07-05 15:29:26 +02:00
|
|
|
#
|
|
|
|
|
# collect wireless mac adresses in access list
|
2020-03-27 21:43:01 +01:00
|
|
|
# https://git.eworm.de/cgit/routeros-scripts/about/doc/collect-wireless-mac.md
|
2018-07-05 15:29:26 +02:00
|
|
|
#
|
2021-07-15 12:47:05 +02:00
|
|
|
# provides: lease-script, order=40
|
2021-06-23 00:53:19 +02:00
|
|
|
#
|
2018-07-09 16:44:44 +02:00
|
|
|
# !! Do not edit this file, it is generated from template!
|
2018-07-05 15:29:26 +02:00
|
|
|
|
2021-02-22 15:14:10 +01:00
|
|
|
:local 0 "collect-wireless-mac.local";
|
2021-02-18 14:52:47 +01:00
|
|
|
:global GlobalFunctionsReady;
|
|
|
|
|
:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }
|
|
|
|
|
|
global: variable names are CamelCase
___ _ ___ __
/ _ )(_)__ _ / _/__ _/ /_
/ _ / / _ `/ / _/ _ `/ __/
/____/_/\_, / /_/ \_,_/\__/
_ __ /___/ _ __
| | / /___ __________ (_)___ ____ _/ /
| | /| / / __ `/ ___/ __ \/ / __ \/ __ `/ /
| |/ |/ / /_/ / / / / / / / / / / /_/ /_/
|__/|__/\__,_/_/ /_/ /_/_/_/ /_/\__, (_)
/____/
RouterOS has some odd behavior when it comes to variable names. Let's
have a look at the interfaces:
[admin@MikroTik] > / interface print where name=en1
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
0 RS en1 ether 1500 1598
That looks ok. Now we use a script:
{ :local interface "en1";
/ interface print where name=$interface; }
And the result...
[admin@MikroTik] > { :local interface "en1";
{... / interface print where name=$interface; }
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
0 RS en1 ether 1500 1598
... still looks ok.
We make a little modification to the script:
{ :local name "en1";
/ interface print where name=$name; }
And the result:
[admin@MikroTik] > { :local name "en1";
{... / interface print where name=$name; }
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
0 RS en1 ether 1500 1598
1 S en2 ether 1500 1598
2 S en3 ether 1500 1598
3 S en4 ether 1500 1598
4 S en5 ether 1500 1598
5 R br-local bridge 1500 1598
Ups! The filter has no effect!
That happens whenever the variable name ($name) matches the property
name (name=).
And another modification:
{ :local type "en1";
/ interface print where name=$type; }
And the result:
[admin@MikroTik] > { :local type "en1";
{... / interface print where name=$type; }
Flags: D - dynamic, X - disabled, R - running, S - slave
# NAME TYPE ACTUAL-MTU L2MTU
Ups! Nothing?
Even if the variable name ($type) matches whatever property name (type=)
things go wrong.
The answer from MikroTik support (in Ticket#2019010222000454):
> This is how scripting works in RouterOS and we will not fix it.
To get around this we use variable names in CamelCase. Let's hope
Mikrotik never ever introduces property names in CamelCase...
*fingers crossed*
2019-01-03 17:45:43 +01:00
|
|
|
:global Identity;
|
2018-07-05 15:29:26 +02:00
|
|
|
|
2021-07-06 22:37:49 +02:00
|
|
|
:global EitherOr;
|
2018-12-27 00:48:56 +01:00
|
|
|
:global GetMacVendor;
|
2021-02-22 15:14:10 +01:00
|
|
|
:global LogPrintExit2;
|
2019-02-21 18:37:19 +01:00
|
|
|
:global ScriptLock;
|
2021-04-27 20:33:05 +02:00
|
|
|
:global SendNotification2;
|
2020-09-18 13:11:33 +02:00
|
|
|
:global SymbolForNotification;
|
2019-02-21 18:37:19 +01:00
|
|
|
|
2021-06-28 00:07:59 +02:00
|
|
|
$ScriptLock $0 false 10;
|
2018-10-09 15:50:37 +02:00
|
|
|
|
2020-08-26 09:23:56 +02:00
|
|
|
:if ([ :len [ / interface wireless access-list find where comment="--- collected above ---" disabled ] ] = 0) do={
|
2020-01-17 10:36:03 +01:00
|
|
|
/ interface wireless access-list add comment="--- collected above ---" disabled=yes;
|
2021-02-22 15:14:10 +01:00
|
|
|
$LogPrintExit2 warning $0 ("Added disabled access-list entry with comment '--- collected above ---'.") false;
|
2018-07-05 15:29:26 +02:00
|
|
|
}
|
2021-01-03 20:33:32 +01:00
|
|
|
:local PlaceBefore ([ / interface wireless access-list find where comment="--- collected above ---" disabled ]->0);
|
2018-07-05 15:29:26 +02:00
|
|
|
|
2021-07-06 16:44:36 +02:00
|
|
|
:foreach Reg in=[ / interface wireless registration-table find ] do={
|
|
|
|
|
:local RegVal;
|
2021-07-01 09:56:34 +02:00
|
|
|
:do {
|
2021-07-06 16:44:36 +02:00
|
|
|
:set RegVal [ / interface wireless registration-table get $Reg ];
|
2021-07-01 09:56:34 +02:00
|
|
|
} on-error={
|
|
|
|
|
$LogPrintExit2 debug $0 ("Device already gone... Ignoring.") false;
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-11 22:21:47 +02:00
|
|
|
:if ([ :len ($RegVal->"mac-address") ] > 0) do={
|
|
|
|
|
:local AccessList ([ / interface wireless access-list find where mac-address=($RegVal->"mac-address") ]->0);
|
|
|
|
|
:if ([ :len $AccessList ] > 0) do={
|
|
|
|
|
$LogPrintExit2 debug $0 ("MAC address " . $RegVal->"mac-address" . " already known: " . \
|
|
|
|
|
[ / interface wireless access-list get $AccessList comment ]) false;
|
|
|
|
|
}
|
2021-07-01 09:56:34 +02:00
|
|
|
|
2021-07-11 22:21:47 +02:00
|
|
|
:if ([ :len $AccessList ] = 0) do={
|
|
|
|
|
:local Address "no dhcp lease";
|
|
|
|
|
:local DnsName "no dhcp lease";
|
|
|
|
|
:local HostName "no dhcp lease";
|
|
|
|
|
:local Lease ([ / ip dhcp-server lease find where mac-address=($RegVal->"mac-address") dynamic=yes status=bound ]->0);
|
|
|
|
|
:if ([ :len $Lease ] > 0) do={
|
|
|
|
|
:set Address [ / ip dhcp-server lease get $Lease address ];
|
|
|
|
|
:set HostName [ $EitherOr [ / ip dhcp-server lease get $Lease host-name ] "no hostname" ];
|
|
|
|
|
:set DnsName "no dns name";
|
|
|
|
|
:local DnsRec ([ / ip dns static find where address=$Address ]->0);
|
|
|
|
|
:if ([ :len $DnsRec ] > 0) do={
|
|
|
|
|
:set DnsName [ / ip dns static get $DnsRec name ];
|
|
|
|
|
}
|
2019-11-25 17:07:45 +01:00
|
|
|
}
|
2021-07-11 22:21:47 +02:00
|
|
|
:set ($RegVal->"ssid") [ / interface wireless get [ find where name=($RegVal->"interface") ] ssid ];
|
|
|
|
|
:local DateTime ([ / system clock get date ] . " " . [ / system clock get time ]);
|
|
|
|
|
:local Vendor [ $GetMacVendor ($RegVal->"mac-address") ];
|
|
|
|
|
:local Message ("MAC address " . $RegVal->"mac-address" . " (" . $Vendor . ", " . $HostName . ") " . \
|
|
|
|
|
"first seen on " . $DateTime . " connected to SSID " . $RegVal->"ssid" . ", interface " . $RegVal->"interface");
|
|
|
|
|
$LogPrintExit2 info $0 $Message false;
|
|
|
|
|
/ interface wireless access-list add place-before=$PlaceBefore comment=$Message mac-address=($RegVal->"mac-address") disabled=yes;
|
|
|
|
|
$SendNotification2 ({ origin=$0; \
|
|
|
|
|
subject=([ $SymbolForNotification "mobile-phone" ] . $RegVal->"mac-address" . " connected to " . $RegVal->"ssid"); \
|
|
|
|
|
message=("A device with unknown MAC address connected to " . $RegVal->"ssid" . " on " . $Identity . ".\n\n" . \
|
|
|
|
|
"Controller: " . $Identity . "\n" . \
|
|
|
|
|
"Interface: " . $RegVal->"interface" . "\n" . \
|
|
|
|
|
"SSID: " . $RegVal->"ssid" . "\n" . \
|
|
|
|
|
"MAC: " . $RegVal->"mac-address" . "\n" . \
|
|
|
|
|
"Vendor: " . $Vendor . "\n" . \
|
|
|
|
|
"Hostname: " . $HostName . "\n" . \
|
|
|
|
|
"Address: " . $Address . "\n" . \
|
|
|
|
|
"DNS name: " . $DnsName . "\n" . \
|
|
|
|
|
"Date: " . $DateTime) });
|
2018-07-05 15:29:26 +02:00
|
|
|
}
|
2021-07-11 22:21:47 +02:00
|
|
|
} else={
|
|
|
|
|
$LogPrintExit2 debug $0 ("No mac address available... Ignoring.") false;
|
2018-07-05 15:29:26 +02:00
|
|
|
}
|
|
|
|
|
}
|