2025-01-20 09:57:22 +00:00
|
|
|
# -------------------------------------------------------------------------------
|
|
|
|
|
# Script to grab IPv6 Addresses from DNS an converting them to subnets
|
|
|
|
|
#
|
|
|
|
|
# by Philip 'ShokiNN' Henning <mail@philip-henning.com>
|
|
|
|
|
# RouterOS compatibility: 7+
|
|
|
|
|
# Version 1.0
|
|
|
|
|
# last update: 20.01.2025
|
|
|
|
|
# License: MIT
|
|
|
|
|
# -------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
# --- Define variables -----------------------------------------------------------------------------------------
|
|
|
|
|
# Enter all required variables and secrets here. -- All secrets are stored unencrypted!
|
|
|
|
|
## IPv6 address list (address list which will contain the resolved subnets)
|
|
|
|
|
## Data Type: String
|
|
|
|
|
## Example: "resolved_ipv6_subnets"
|
|
|
|
|
:local ipv6AddressList "";
|
|
|
|
|
|
|
|
|
|
## --- Comment prefix --------------------------------------------------------------------
|
|
|
|
|
# Comment Prefix
|
|
|
|
|
# If set, prefixes the comment for the address list
|
|
|
|
|
# Data Type: String
|
|
|
|
|
# Example: Access to service for
|
|
|
|
|
## ---------------------------------------------------------------------------------------
|
|
|
|
|
:local ipv6AddressListCommentPrefix "";
|
|
|
|
|
|
|
|
|
|
## --- Public domains to resolve --------------------------------------------------------------------
|
|
|
|
|
# Domain
|
|
|
|
|
# The Domain you want to resolve into an IPv6 subnet
|
|
|
|
|
# Data Type: String
|
|
|
|
|
# Example: "example.com";
|
|
|
|
|
|
|
|
|
|
# Subnet length
|
|
|
|
|
# The subnet length the resolved IP address should be reduced to
|
|
|
|
|
# Data Tupe: Integer
|
|
|
|
|
# Example: 64;
|
|
|
|
|
|
|
|
|
|
# Comment
|
|
|
|
|
# Comment for the Address list entry
|
|
|
|
|
# Data Type: String
|
|
|
|
|
# Example: "John Doe's public subnet";
|
|
|
|
|
## --------------------------------------------------------------------------------------------------
|
|
|
|
|
:local domainToIpv6Subnet {
|
|
|
|
|
{"example.com";64;"John Doe"}
|
|
|
|
|
};
|
|
|
|
|
# ---------------------------------------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
:local logPrefix "[DNS to IPv6 Subnet resolver]";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Log "run of script"
|
|
|
|
|
:log info "$logPrefix running";
|
|
|
|
|
|
2025-01-20 11:13:57 +00:00
|
|
|
[/system/script/run "helperFunctions"; global safelyResolve];
|
2025-01-20 09:57:22 +00:00
|
|
|
:local index 0;
|
|
|
|
|
:foreach i in=$domainToIpv6Subnet do={
|
|
|
|
|
|
|
|
|
|
:local configDomain ("$($i->0)");
|
|
|
|
|
:local configSubnetLength ("$($i->1)");
|
|
|
|
|
:local configComment ("$ipv6AddressListCommentPrefix" . "$($i->2)");
|
|
|
|
|
:local dnsIp "";
|
|
|
|
|
:local startLogMsg "$logPrefix Start configuring domain:";
|
|
|
|
|
:local endLogMsg "$logPrefix Finished configuring domain:";
|
|
|
|
|
|
|
|
|
|
:log info "$startLogMsg $configDomain";
|
|
|
|
|
/ipv6/firewall/address-list/remove [/ipv6/firewall/address-list/find list="$ipv6AddressList" comment="$configComment"];
|
|
|
|
|
|
2025-01-20 11:13:57 +00:00
|
|
|
:set dnsIp [$safelyResolve $configDomain ipv6];
|
2025-01-20 09:57:22 +00:00
|
|
|
:if ($dnsIp != "") do={
|
|
|
|
|
/ipv6/firewall/address-list/add list="$ipv6AddressList" address="$dnsIp/$configSubnetLength" comment="$configComment";
|
|
|
|
|
:local addedSubnet [:pick [/ipv6/firewall/address-list/get [/ipv6/firewall/address-list/find list="$ipv6AddressList" comment="$configComment"]] 1];
|
2025-01-20 11:13:57 +00:00
|
|
|
:log info "$logPrefix domain: $configDomain - Set to: $addedSubnet";
|
2025-01-20 09:57:22 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
:log info "$endLogMsg $configDomain";
|
|
|
|
|
};
|
|
|
|
|
:set index;
|
|
|
|
|
|
|
|
|
|
:log info "$logPrefix finished";
|
