| 
									
										
										
										
											2020-09-18 11:00:27 +02:00
										 |  |  | #!rsc by RouterOS | 
					
						
							| 
									
										
										
										
											2023-03-07 10:57:42 +01:00
										 |  |  | # RouterOS script: daily-psk.capsman | 
					
						
							| 
									
										
										
										
											2024-01-01 15:25:25 +01:00
										 |  |  | # Copyright (c) 2013-2024 Christian Hesse <mail@eworm.de> | 
					
						
							| 
									
										
										
										
											2019-03-06 14:43:44 +01:00
										 |  |  | #                         Michael Gisbers <michael@gisbers.de> | 
					
						
							| 
									
										
										
										
											2020-06-19 22:17:42 +02:00
										 |  |  | # https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md | 
					
						
							| 
									
										
										
										
											2018-07-05 15:29:26 +02:00
										 |  |  | # | 
					
						
							| 
									
										
										
										
											2023-11-15 21:31:18 +01:00
										 |  |  | # requires RouterOS, version=7.12 | 
					
						
							|  |  |  | # | 
					
						
							| 
									
										
										
										
											2018-07-05 15:29:26 +02:00
										 |  |  | # update daily PSK (pre shared key) | 
					
						
							| 
									
										
										
										
											2020-03-27 21:44:36 +01:00
										 |  |  | # https://git.eworm.de/cgit/routeros-scripts/about/doc/daily-psk.md | 
					
						
							| 
									
										
										
										
											2019-04-03 22:51:15 +02:00
										 |  |  | # | 
					
						
							| 
									
										
										
										
											2023-03-07 10:57:42 +01:00
										 |  |  | # !! Do not edit this file, it is generated from template! | 
					
						
							| 
									
										
										
										
											2018-07-05 15:29:26 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-02-18 14:52:47 +01:00
										 |  |  | :global GlobalFunctionsReady; | 
					
						
							|  |  |  | :while ($GlobalFunctionsReady != true) do={ :delay 500ms; } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-04 13:48:00 +01:00
										 |  |  | :local Main do={ | 
					
						
							|  |  |  |   :local ScriptName [ :tostr $1 ]; | 
					
						
							| 
									
										
										
										
											2018-07-05 15:29:26 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-04 13:48:00 +01:00
										 |  |  |   :global DailyPskMatchComment; | 
					
						
							|  |  |  |   :global DailyPskQrCodeUrl; | 
					
						
							|  |  |  |   :global Identity; | 
					
						
							| 
									
										
										
										
											2018-10-10 21:47:33 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-04 13:48:00 +01:00
										 |  |  |   :global FormatLine; | 
					
						
							|  |  |  |   :global LogPrintExit2; | 
					
						
							|  |  |  |   :global ScriptLock; | 
					
						
							|  |  |  |   :global SendNotification2; | 
					
						
							|  |  |  |   :global SymbolForNotification; | 
					
						
							|  |  |  |   :global UrlEncode; | 
					
						
							|  |  |  |   :global WaitForFile; | 
					
						
							|  |  |  |   :global WaitFullyConnected; | 
					
						
							| 
									
										
										
										
											2018-10-10 21:47:33 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-05 16:12:36 +01:00
										 |  |  |   :if ([ $ScriptLock $ScriptName ] = false) do={ | 
					
						
							|  |  |  |     :return false; | 
					
						
							|  |  |  |   } | 
					
						
							| 
									
										
										
										
											2024-03-04 13:48:00 +01:00
										 |  |  |   $WaitFullyConnected; | 
					
						
							| 
									
										
										
										
											2018-10-10 20:45:00 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-04 13:48:00 +01:00
										 |  |  |   # return pseudo-random string for PSK | 
					
						
							|  |  |  |   :local GeneratePSK do={ | 
					
						
							|  |  |  |     :local Date [ :tostr $1 ]; | 
					
						
							| 
									
										
										
										
											2018-10-10 20:45:00 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-04 13:48:00 +01:00
										 |  |  |     :global DailyPskSecrets; | 
					
						
							| 
									
										
										
										
											2018-10-10 20:45:00 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-04 13:48:00 +01:00
										 |  |  |     :global ParseDate; | 
					
						
							| 
									
										
										
										
											2018-10-10 20:45:00 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-04 13:48:00 +01:00
										 |  |  |     :set Date [ $ParseDate $Date ]; | 
					
						
							| 
									
										
											  
											
												global: variable names are CamelCase
            ___  _         ___     __
           / _ )(_)__ _   / _/__ _/ /_
          / _  / / _ `/  / _/ _ `/ __/
         /____/_/\_, /  /_/ \_,_/\__/
 _       __     /___/       _             __
| |     / /___ __________  (_)___  ____ _/ /
| | /| / / __ `/ ___/ __ \/ / __ \/ __ `/ /
| |/ |/ / /_/ / /  / / / / / / / / /_/ /_/
|__/|__/\__,_/_/  /_/ /_/_/_/ /_/\__, (_)
                                /____/
RouterOS has some odd behavior when it comes to variable names. Let's
have a look at the interfaces:
[admin@MikroTik] > / interface print where name=en1
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU
 0  RS en1                                 ether            1500  1598
That looks ok. Now we use a script:
{ :local interface "en1";
  / interface print where name=$interface; }
And the result...
[admin@MikroTik] > { :local interface "en1";
{...   / interface print where name=$interface; }
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU
 0  RS en1                                 ether            1500  1598
... still looks ok.
We make a little modification to the script:
{ :local name "en1";
  / interface print where name=$name; }
And the result:
[admin@MikroTik] > { :local name "en1";
{...   / interface print where name=$name; }
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU
 0  RS en1                                 ether            1500  1598
 1   S en2                                 ether            1500  1598
 2   S en3                                 ether            1500  1598
 3   S en4                                 ether            1500  1598
 4   S en5                                 ether            1500  1598
 5  R  br-local                            bridge           1500  1598
Ups! The filter has no effect!
That happens whenever the variable name ($name) matches the property
name (name=).
And another modification:
{ :local type "en1";
  / interface print where name=$type; }
And the result:
[admin@MikroTik] > { :local type "en1";
{...   / interface print where name=$type; }
Flags: D - dynamic, X - disabled, R - running, S - slave
 #     NAME                                TYPE       ACTUAL-MTU L2MTU
Ups! Nothing?
Even if the variable name ($type) matches whatever property name (type=)
things go wrong.
The answer from MikroTik support (in Ticket#2019010222000454):
> This is how scripting works in RouterOS and we will not fix it.
To get around this we use variable names in CamelCase. Let's hope
Mikrotik never ever introduces property names in CamelCase...
*fingers crossed*
											
										 
											2019-01-03 17:45:43 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-04 13:48:00 +01:00
										 |  |  |     :local A ((14 - ($Date->"month")) / 12); | 
					
						
							|  |  |  |     :local B (($Date->"year") - $A); | 
					
						
							|  |  |  |     :local C (($Date->"month") + 12 * $A - 2); | 
					
						
							|  |  |  |     :local WeekDay (7000 + ($Date->"day") + $B + ($B / 4) - ($B / 100) + ($B / 400) + ((31 * $C) / 12)); | 
					
						
							|  |  |  |     :set WeekDay ($WeekDay - (($WeekDay / 7) * 7)); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     :return (($DailyPskSecrets->0->(($Date->"day") - 1)) . \ | 
					
						
							|  |  |  |       ($DailyPskSecrets->1->(($Date->"month") - 1)) . \ | 
					
						
							|  |  |  |       ($DailyPskSecrets->2->$WeekDay)); | 
					
						
							|  |  |  |   } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   :local Seen ({}); | 
					
						
							|  |  |  |   :local Date [ /system/clock/get date ]; | 
					
						
							|  |  |  |   :local NewPsk [ $GeneratePSK $Date ]; | 
					
						
							| 
									
										
										
										
											2018-10-09 13:32:45 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2024-03-04 13:48:00 +01:00
										 |  |  |   :foreach AccList in=[ /caps-man/access-list/find where comment~$DailyPskMatchComment ] do={ | 
					
						
							|  |  |  |     :local SsidRegExp [ /caps-man/access-list/get $AccList ssid-regexp ]; | 
					
						
							|  |  |  |     :local Configuration ([ /caps-man/configuration/find where ssid~$SsidRegExp ]->0); | 
					
						
							|  |  |  |     :local Ssid [ /caps-man/configuration/get $Configuration ssid ]; | 
					
						
							|  |  |  |     :local OldPsk [ /caps-man/access-list/get $AccList private-passphrase ]; | 
					
						
							|  |  |  |     :local Skip 0; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     :if ($NewPsk != $OldPsk) do={ | 
					
						
							|  |  |  |       $LogPrintExit2 info $ScriptName ("Updating daily PSK for " . $Ssid . " to " . $NewPsk . " (was " . $OldPsk . ")") false; | 
					
						
							|  |  |  |       /caps-man/access-list/set $AccList private-passphrase=$NewPsk; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       :if ([ :len [ /caps-man/actual-interface-configuration/find where configuration.ssid=$Ssid !disabled ] ] > 0) do={ | 
					
						
							|  |  |  |         :if ($Seen->$Ssid = 1) do={ | 
					
						
							|  |  |  |           $LogPrintExit2 debug $ScriptName ("Already sent a mail for SSID " . $Ssid . ", skipping.") false; | 
					
						
							|  |  |  |         } else={ | 
					
						
							|  |  |  |           :local Link ($DailyPskQrCodeUrl . \ | 
					
						
							|  |  |  |               "?scale=8&level=1&ssid=" . [ $UrlEncode $Ssid ] . "&pass=" . [ $UrlEncode $NewPsk ]); | 
					
						
							|  |  |  |           $SendNotification2 ({ origin=$ScriptName; \ | 
					
						
							|  |  |  |             subject=([ $SymbolForNotification "calendar" ] . "daily PSK " . $Ssid); \ | 
					
						
							|  |  |  |             message=("This is the daily PSK on " . $Identity . ":\n\n" . \ | 
					
						
							|  |  |  |               [ $FormatLine "SSID" $Ssid ] . "\n" . \ | 
					
						
							|  |  |  |               [ $FormatLine "PSK" $NewPsk ] . "\n" . \ | 
					
						
							|  |  |  |               [ $FormatLine "Date" $Date ] . "\n\n" . \ | 
					
						
							|  |  |  |               "A client device specific rule must not exist!"); link=$Link }); | 
					
						
							|  |  |  |           :set ($Seen->$Ssid) 1; | 
					
						
							|  |  |  |         } | 
					
						
							| 
									
										
										
										
											2018-10-10 21:47:33 +02:00
										 |  |  |       } | 
					
						
							|  |  |  |     } | 
					
						
							| 
									
										
										
										
											2018-07-05 15:29:26 +02:00
										 |  |  |   } | 
					
						
							|  |  |  | } | 
					
						
							| 
									
										
										
										
											2024-03-04 13:48:00 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | $Main [ :jobname ]; |