#!rsc by RouterOS
# RouterOS script: netwatch-dns
# Copyright (c) 2022 Christian Hesse <mail@eworm.de>
# https://git.eworm.de/cgit/routeros-scripts/about/COPYING.md
#
# monitor and manage dns/doh with netwatch
# https://git.eworm.de/cgit/routeros-scripts/about/doc/netwatch-dns.md
					
						
# Script name; passed to ScriptLock and to every LogPrintExit2 call below.
:local 0 "netwatch-dns";
# Block until the flag GlobalFunctionsReady is true, polling every 500ms.
# There is no timeout: the loop spins for as long as the flag stays unset.
:global GlobalFunctionsReady;
:while ($GlobalFunctionsReady != true) do={ :delay 500ms; }

# Functions defined outside this script; only their call sites are visible here.
:global EitherOr;
:global LogPrintExit2;
:global ParseKeyValueStore;
:global ScriptLock;

# NOTE(review): presumably prevents overlapping runs of this script - confirm
# against the ScriptLock implementation.
$ScriptLock $0;
					
						
										 |  |  | :if ([ /system/resource/get uptime ] < 5m) do={ | 
					
						
							| 
									
										
										
										
											2022-01-02 22:21:20 +01:00
										 |  |  |   $LogPrintExit2 info $0 ("System just booted, giving netwatch some time to settle.") true; | 
					
						
							|  |  |  | } | 
					
						
										 |  |  | :local DnsServers ({}); | 
					
						
							|  |  |  | :local DnsFallback ({}); | 
					
						
							| 
									
										
										
										
											2022-05-10 15:11:33 +02:00
										 |  |  | :local DnsCurrent [ /ip/dns/get servers ]; | 
					
						
							| 
									
										
										
										
											2022-01-02 22:21:20 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-07-11 10:31:45 +02:00
										 |  |  | :foreach Host in=[ /tool/netwatch/find where comment~"dns" !disabled ] do={ | 
					
						
							| 
									
										
										
										
											2022-05-10 15:11:33 +02:00
										 |  |  |   :local HostVal [ /tool/netwatch/get $Host ]; | 
					
						
							| 
									
										
										
										
											2022-01-02 22:21:20 +01:00
										 |  |  |   :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ]; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   :if ($HostVal->"status" = "up" && $HostInfo->"disabled" != true) do={ | 
					
						
							|  |  |  |     :if ($HostInfo->"dns" = true) do={ | 
					
						
							|  |  |  |       :set DnsServers ($DnsServers, $HostVal->"host"); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |     :if ($HostInfo->"dns-fallback" = true) do={ | 
					
						
							|  |  |  |       :set DnsFallback ($DnsFallback, $HostVal->"host"); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |   } | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | :if ([ :len $DnsServers ] > 0) do={ | 
					
						
							|  |  |  |   :if ($DnsServers != $DnsCurrent) do={ | 
					
						
							|  |  |  |     $LogPrintExit2 info $0 ("Updating DNS servers: " . [ :tostr $DnsServers ]) false; | 
					
						
							| 
									
										
										
										
											2022-05-10 15:11:33 +02:00
										 |  |  |     /ip/dns/set servers=$DnsServers; | 
					
						
							|  |  |  |     /ip/dns/cache/flush; | 
					
						
							| 
									
										
										
										
											2022-01-02 22:21:20 +01:00
										 |  |  |   } | 
					
						
							|  |  |  | } else={ | 
					
						
							|  |  |  |   :if ([ :len $DnsFallback ] > 0) do={ | 
					
						
							|  |  |  |     :if ($DnsFallback != $DnsCurrent) do={ | 
					
						
							| 
									
										
										
										
											2022-07-06 11:36:16 +02:00
										 |  |  |       $LogPrintExit2 info $0 ("Updating DNS servers to fallback: " . \ | 
					
						
							|  |  |  |           [ :tostr $DnsFallback ]) false; | 
					
						
							| 
									
										
										
										
											2022-05-10 15:11:33 +02:00
										 |  |  |       /ip/dns/set servers=$DnsFallback; | 
					
						
							|  |  |  |       /ip/dns/cache/flush; | 
					
						
							| 
									
										
										
										
											2022-01-02 22:21:20 +01:00
										 |  |  |     } | 
					
						
							|  |  |  |   } | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | :local DohServer ""; | 
					
						
							| 
									
										
										
										
											2022-05-10 15:11:33 +02:00
										 |  |  | :local DohCurrent [ /ip/dns/get use-doh-server ]; | 
					
						
							| 
									
										
										
										
											2022-01-02 22:21:20 +01:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-07-11 10:31:45 +02:00
										 |  |  | :foreach Host in=[ /tool/netwatch/find where comment~"doh" !disabled ] do={ | 
					
						
							| 
									
										
										
										
											2022-05-10 15:11:33 +02:00
										 |  |  |   :local HostVal [ /tool/netwatch/get $Host ]; | 
					
						
							| 
									
										
										
										
											2022-01-02 22:21:20 +01:00
										 |  |  |   :local HostInfo [ $ParseKeyValueStore ($HostVal->"comment") ]; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-07-06 11:36:16 +02:00
										 |  |  |   :if ($HostVal->"status" = "up" && $HostInfo->"doh" = true && \ | 
					
						
							|  |  |  |        $HostInfo->"disabled" != true && $DohServer = "") do={ | 
					
						
							|  |  |  |     :set DohServer [ $EitherOr ($HostInfo->"doh-url") \ | 
					
						
							|  |  |  |         ("https://" . $HostVal->"host" . "/dns-query") ]; | 
					
						
							| 
									
										
										
										
											2022-01-02 22:21:20 +01:00
										 |  |  |   } | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | :if ($DohServer != "") do={ | 
					
						
							|  |  |  |   :if ($DohServer != $DohCurrent) do={ | 
					
						
							|  |  |  |     $LogPrintExit2 info $0 ("Updating DoH server: " . $DohServer) false; | 
					
						
							| 
									
										
										
										
											2022-05-10 15:11:33 +02:00
										 |  |  |     /ip/dns/set use-doh-server=$DohServer; | 
					
						
							|  |  |  |     /ip/dns/cache/flush; | 
					
						
							| 
									
										
										
										
											2022-01-02 22:21:20 +01:00
										 |  |  |   } | 
					
						
							|  |  |  | } else={ | 
					
						
							|  |  |  |   :if ($DohCurrent != "") do={ | 
					
						
							|  |  |  |     $LogPrintExit2 info $0 ("DoH server (" . $DohCurrent . ") is down, disabling.") false; | 
					
						
							| 
									
										
										
										
											2022-05-10 15:11:33 +02:00
										 |  |  |     /ip/dns/set use-doh-server=""; | 
					
						
							|  |  |  |     /ip/dns/cache/flush; | 
					
						
							| 
									
										
										
										
											2022-01-02 22:21:20 +01:00
										 |  |  |   } | 
					
						
							|  |  |  | } |