├── FTP_Backup_Template.rsc ├── README.md ├── RouterOS_All_Software_Download.rsc ├── RouterOS_Array_Append.rsc ├── RouterOS_Auto_Firmware_Upgrade.rsc ├── RouterOS_Auto_Software_Upgrade.rsc ├── RouterOS_Cloud_Backup.rsc ├── RouterOS_Config_Check.rsc ├── RouterOS_Config_Fetch.rsc ├── RouterOS_Create_Directory.rsc ├── RouterOS_Dual_WAN_Failover.rsc ├── RouterOS_Enable_Console.rsc ├── RouterOS_Eth_Errors_Handling.rsc ├── RouterOS_FTP_Backup.rsc ├── RouterOS_File_Logging.rsc ├── RouterOS_File_Screening.rsc ├── RouterOS_Format_Drive.rsc ├── RouterOS_Function_Template.rsc ├── RouterOS_LCD_Change.rsc ├── RouterOS_Load_Script.rsc ├── RouterOS_Log_Filtering.rsc ├── RouterOS_Log_To_Alert.rsc ├── RouterOS_Low_Disk_Space.rsc ├── RouterOS_Mail_Backup.rsc ├── RouterOS_Measure_Execution_Time.rsc ├── RouterOS_Modulo.rsc ├── RouterOS_PPP_Disconnect_Active_Sessions.rsc ├── RouterOS_PortKnock.rsc ├── RouterOS_RB750GR3_DUDE_Setup.rsc ├── RouterOS_R_ARP.rsc ├── RouterOS_Radius_Monitor.rsc ├── RouterOS_Recreate_Bridge.rsc ├── RouterOS_Renew_License.rsc ├── RouterOS_Reset_Interface.rsc ├── RouterOS_Script_Fetch.rsc ├── RouterOS_String_Generator.rsc ├── RouterOS_Substring_Variable.rsc ├── RouterOS_System_Status.rsc └── RouterOS_User_Alert.rsc /FTP_Backup_Template.rsc: -------------------------------------------------------------------------------- 1 | /system scheduler 2 | add interval=10h name=backup on-event="system backup save name=today.backup" \ 3 | policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ 4 | start-date=jan/01/1970 start-time=08:00:00 5 | add interval=10h name=config_backup on-event="export file=config.rsc" policy=\ 6 | ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ 7 | start-date=jan/01/1970 start-time=08:00:00 8 | /system backup save name=today.backup 9 | /export file=config.rsc 10 | /user group 11 | add name=ftp policy="ftp,read,sensitive,!local,!telnet,!ssh,!reboot,!write,!policy,!test,!winbox,!password,!web,!sniff,!api,!romon,!dude" 12 | /user 13 | add address=0.0.0.0/0 comment="FTP backup" disabled=no group=ftp name="ftp" 14 | /user 15 | set [find name="ftp"] password="password" -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## RouterOS_Useful_Scripts 2 | > MikroTik RouterOS Scripts for various use and shared among different projects. Repository contains ready to use scripts as well functions ready to use in larger projects. 3 | **Check also another repository with scripts related strictly to MikroTik CAPsMAN automation :link: [CAPsMAN Automation Scripts](https://github.com/gbudny93/MikroTik_CAPsMAN_Automation).** 4 | **Here you can find script template that I use :link: [RouterOS_Script_Template](https://gist.github.com/gbudny93/8ad0899576407e5efe9323febb368796).** 5 | 6 | ![](https://img.shields.io/badge/scripting-routeros-important.svg) 7 | ![](https://img.shields.io/badge/mikrotik-routerBOARD-yellow) 8 | ![](https://img.shields.io/badge/network-automation-informational) 9 | 10 | #### Change log 11 | - 7/3/2020 12 | - RouterOS_All_Software_Download.rsc - typos fix 13 | - RouterOS_Array_Append.rsc 14 | 15 | - 4/19/2020 16 | - RouterOS_All_Software_Download.rsc 17 | - RouterOS_Dual_WAN_Failover.rsc 18 | 19 | - 23/3/2020 20 | - RouterOS_Config_Fetch.rsc 21 | - RouterOS_Measure_Execution_Time.rsc 22 | - RouterOS_RB750GR3_DUDE_Setup.rsc 23 | 24 | - 15/2/2020 25 | - RouterOS_Cloud_Backup.rsc 26 | - RouterOS_FTP_Backup.rsc 27 | - RouterOS_Function_Template.rsc 28 | - RouterOS_PPP_Disconnect_Active_Sessions.rsc 29 | - RouterOS_Recreate_Bridge.rsc 30 | 31 | - 12/4/2019 32 | - RouterOS_RadiusMonitor.rsc 33 | - RouterOS_User_Alerts.rsc 34 | 35 | - 12/4/2019 36 | - RouterOS_Auto_Firmware_Upgrade.rsc 37 | - RouterOS_Port_Knock.rsc 38 | 39 | - 11/24/2019 40 | - RouterOS_R_ARP.rsc 41 | - RouterOS_Format_Drive.rsc 42 | - RouterOS_Substring_Variable.rsc 43 | - RouterOS_System_Status.rsc 44 | 45 | - 10/14/2019 46 | - RouterOS_Mail_Backup.rsc 47 | - RouterOS_Cloud_Backup.rsc 48 | - RouterOS_File_Screening.rsc 49 | - RouterOS_Renew_License.rsc 50 | - RouterOS_Script_Fetch.rsc - Update 51 | - RouterOS_Auto_Upgrade.rsc - Update/Clean ups 52 | 53 | - 10/1/2019 54 | - RouterOS_Auto_Upgrade.rsc 55 | - Fixed missing auto check for updates to get variables values at first 56 | 57 | - 8/21/2019 58 | - RouterOS_Script_Fetch.rsc 59 | - Fetches script from git to RouterOS directory 60 | 61 | - 8/14/2019 62 | - RouterOS_Auto_Upgrade.rsc 63 | - Upgrades RouterOS if new package found when run 64 | 65 | - 8/3/2019 66 | - RouterOS_String_Generator.rsc 67 | - Generates 6 char string based on dictionary 68 | - RouterOS_Reset_Interface.rsc 69 | - Resets interface if particular IP does not respond 70 | 71 | - 7/29/2019 72 | - RouterOS_Modulo.rsc 73 | - Modulo operation 74 | - RouterOS_Load_Script.rsc 75 | - Loads RouterOS script to environment. If file is missing adds log entry 76 | 77 | - 7/19/2019 78 | - FTP_Backup_Template.rsc 79 | - Schedules generation of *.backup* and *.rsc* file on RouterOS. Create FTP user dedicated for automatic backups. More on automatic RouterOS 80 | backups can be found under dedicated project: :link: [Backup_mt by gbudny93](https://github.com/gbudny93/Backup_mt) 81 | - RouterOS_Auto_Upgrade.rsc 82 | - in progress 83 | - RouterOS_Create_Directory.rsc 84 | - Creates directory with specific name in RouterOS 85 | - RouterOS_Log_Filtering.rsc 86 | - Filters logs based on specified criteria: time or message and put in desired output 87 | - RouterOS_Log_To_Alert.rsc 88 | - Sends an email alert based on log message match 89 | - RouterOS_Send_Email.rsc 90 | - Sends email via SMTP server with common email parameters as function parameters 91 | - RouterOS_File_Logging.rsc 92 | - Adds log entry if file was added or removed 93 | - RouterOS_LCD_Change.rsc (Applies only to physical devices with LCD) 94 | - Changes LCD mode from dark to light and vice versa based on schedule set up 95 | - RouterOS_Low_Disk_Space.rsc 96 | - Sends email alert if disk space is under specified treshhold 97 | - RouterOS_File_Screening.rsc 98 | - in progress 99 | - RouterOS_Eth_Errors_Handling.rsc 100 | - in progress 101 | - RouterOS_Config_Check.rsc 102 | - in progress 103 | 104 | - 6/14/2019 first release 105 | - FTP_Backup_Template.rsc 106 | - Schedules generation of *.backup* and *.rsc* file on RouterOS. Create FTP user dedicated for automatic backups. More on automatic RouterOS 107 | backups can be found under dedicated project: :link: [Backup_mt by gbudny93](https://github.com/gbudny93/Backup_mt) 108 | - RouterOS_Auto_Upgrade.rsc 109 | - in progress 110 | - RouterOS_Create_Directory.rsc 111 | - Function that creates directory with specific name in RouterOS 112 | - RouterOS_Log_Filtering.rsc 113 | - in progress 114 | - RouterOS_Log_To_Alert.rsc 115 | - in progress 116 | - RouterOS_Send_Email.rsc 117 | - Fucntion sending email via SMTP server with common email parameters as function parameters 118 | 119 | ### Prerequisites 120 | 121 | - :white_check_mark: RouterOS v6.40 or higher 122 | - :white_check_mark: MikroTik CRS or CCR with LCD for RouterOS_LCD_Change.rsc 123 | 124 | ### How to use 125 | > Use the following scripts to make your RouterOS management easier or use them in various larger scripts or projects 126 | :+1: 127 | 128 | #### FTP_Backup_Template.rsc 129 | > This script creates two files via RouterOS scheduler as well creates FTP user and group: 130 | - *.backup* file 131 | - *.rsc* file 132 | 133 | Script is a part of :link: [Backup_mt by gbudny93](https://github.com/gbudny93/Backup_mt) project. 134 | 135 | #### RouterOS_All_Software_Download.rsc 136 | > Automated download of all latest RouterOS standard packages. Tool recommended for CAPsMANs and DUDE servers 137 | 138 | ### RouterOS_Array_Append.rsc 139 | > Wrapper to append array elements 140 | 141 | #### RouterOS_Auto_Firmware_Upgrade.rsc 142 | > Checks if latest firmware is available. Installs it and sends email notification 143 | 144 | **Example** 145 | ``` 146 | $AutoFirmwareUpgrade smtpServer=smtpServer smtpPort=smtpPort domain=example.com \ 147 | recipient=recipient@example.com; 148 | ``` 149 | 150 | #### RouterOS_Auto_Software_Upgrade.rsc 151 | > Checks if latest package is available. Downloads it, installs and sends email notification 152 | 153 | **Example** 154 | ``` 155 | $PackageAutoDownload userName=userName password=password packagePath=path \ 156 | smtpServer=ipAddress smtpPort=poty domain=@example.com \ 157 | recipient=recipient@example.com; 158 | ``` 159 | 160 | #### RouterOS_Cloud_Backup.rsc 161 | > Creates new backup file and uploads it to MikroTik Cloud 162 | 163 | **Example** 164 | ``` 165 | $CloudBackup password=password; 166 | ``` 167 | 168 | #### RouterOS_Create_Directory.rsc 169 | > RouterOS function that creates directory with defined name in the system. Can be used just to create directory or be a part of larger project. 170 | 171 | **Example** 172 | ``` 173 | $CreateDirecotry userName=UserName password=Password directoryName=DirectoryName; 174 | ``` 175 | 176 | #### RouterOS_Dual_WAN_Failover.rsc 177 | > Simple setup for DUAL WAN failover. Main WAN must be commented as WAN1. Secondary WAN must be commented as WAN2 178 | 179 | #### RouterOS_Log_Filtering.rsc 180 | > RouterOS function for log messages filtering based on message or time match stored in chosen output. 181 | 182 | **Example** 183 | ``` 184 | $LogFilter; 185 | ``` 186 | 187 | #### RouterOS_Log_To_Alert.rsc 188 | > RouterOS function sending mail alert if log entry matches message criteria. 189 | 190 | **Example** 191 | ``` 192 | $LogToAlert message="message" fileName="fileName" smtpServer=smtpServer smtpPort=smtpPort domain="@example.com" \ 193 | recipient="recipient@example.com"; 194 | ``` 195 | 196 | #### RouterOS_Send_Email.rsc 197 | > RouterOS function to send email via SMTP server. Function contains all common email fields like *to*, *cc*, *subject*, *body* and more. Function can be called itself in RouterOS or by other script. 198 | 199 | **Example** 200 | ``` 201 | $SendEmail smtpServer=SMTPServer smtpPort=SMTPPort from=From to=To subject=Subject body=Body; 202 | ``` 203 | 204 | #### RouterOS_File_Logging.rsc 205 | > RouterOS function adding log entry if file was added or removed. 206 | 207 | **Example** 208 | ``` 209 | $FileToLog; 210 | ``` 211 | 212 | #### RouterOS_LCD_Change.rsc 213 | > RouterOS function changing LCD mode from dark to light and vice versa based on schedule setup. 214 | 215 | **Example** 216 | ``` 217 | $ChangeLcd lightModeStartTime="08:00:00" darkModeStartTime="17:00:00"; 218 | ``` 219 | 220 | #### RouterOS_Low_Disk_Space.rsc 221 | > RouterOS function generating mail alert if disk space is below defined treshhold. 222 | 223 | **Example** 224 | ``` 225 | $LowDiskSpace treshhold=free_disk_space_in_%; 226 | ``` 227 | 228 | #### RouterOS_Mail_Backup.rsc 229 | > Creates RouterOS backup and config file and sends them via email 230 | 231 | **Example** 232 | ``` 233 | $MailBackup configName=configName backupName=backupName smtpServer=smtpServer smtpPort=smtpPort domain=@example.com \ 234 | recipient=recipient@example.com; 235 | ``` 236 | 237 | #### RouterOS_File_Screening.rsc 238 | > Removes files by specific name or file extansion 239 | 240 | **Example** 241 | ``` 242 | $FileScreening keyWord=".txt"; 243 | ``` 244 | 245 | #### RouterOS_Format_Drive.rsc 246 | > Formats RouterOS additional drive 247 | 248 | **Example** 249 | ``` 250 | $FormatDrive drive=0 fileSystem=ext3 label=data; 251 | ``` 252 | 253 | #### RouterOS_Modulo.rsc 254 | >Modulo function. 255 | 256 | **Example** 257 | ``` 258 | $Modulo number=number_to_be_devided modulo=modulo_value; 259 | ``` 260 | 261 | #### RouterOS_Port_Knock.rsc 262 | > Port Knock from RouterOS 263 | 264 | **Example** 265 | ``` 266 | :global knockBase {"sourceIP1"="port23"; \ 267 | "sourceIP2"="port22" \ 268 | }; 269 | 270 | $PortKnock base=$knockBase destinationAddress=destinationIP; 271 | ``` 272 | 273 | #### RouterOS_R_ARP.rsc 274 | > ARP/RARP Function (shortange syntax) 275 | 276 | **Example** 277 | ``` 278 | $R_ARP mode=mode; 279 | ``` 280 | 281 | #### RouterOS_Radius_Monitor.rsc 282 | > Sends Radius statistics via email 283 | 284 | **Example** 285 | ``` 286 | $RadiusMonitor smtpServer=smtpServer smtpPort=smtpPort domain="@example.com" recipient="recipient@example.com"; 287 | ``` 288 | 289 | #### RouterOS_Renew_License.rsc 290 | > Renews RouterOS License 291 | 292 | **Example** 293 | ``` 294 | $RenewLicense account=account password=password level=level; 295 | ``` 296 | 297 | #### RouterOS_Load_Script.rsc 298 | > Loads function to RouterOS environment 299 | 300 | **Example** 301 | ``` 302 | $LoadScript scriptName=scriptName.rsc; 303 | ``` 304 | 305 | #### RouterOS_String_Generator.rsc 306 | > Generates 6 char string based on dictionary 307 | 308 | **Example** 309 | ``` 310 | $GenerateString; 311 | ``` 312 | 313 | #### RouterOS_Reset_Interface.rsc 314 | > Resets interface if particular IP does not respond 315 | 316 | **Example** 317 | ``` 318 | $ResetInterface ipAddress=ipAddress_To_Monitor interfaceName=interface_name; 319 | ``` 320 | 321 | #### RouterOS_Script_Fetch.rsc 322 | > Fetches script from git to RouterOS directory 323 | 324 | **Example** 325 | ``` 326 | $FetchScript url="https://example.repo.com" destinationPath="FolderName" destinationFileName="ScriptName" 327 | 328 | $FetchScript url="https://example.repo.com" destinationPath="FolderName" destinationFileName="ScriptName" isRun=true 329 | 330 | $FetchScript url="https://example.repo.com" destinationPath="FolderName" destinationFileName="ScriptName" isSchedule=true\ 331 | interval="24" taskName="TaskName" startTime="startup" 332 | ``` 333 | 334 | #### RouterOS_Substring_Variable.rsc 335 | > Substrings variable 336 | 337 | **Example** 338 | ``` 339 | $Substring findMode=true string="string" signA="A" signB "b"; 340 | ``` 341 | 342 | #### RouterOS_User_alert.rsc 343 | > After defined number of logon failure attempts in 1 hour sends email alert and blocks source IP on firewall 344 | 345 | **Example** 346 | ``` 347 | $UserAlert message="message" treshhold=3 fileName="fileName" smtpServer=smtpServer smtpPort=smtpPort domain="@example.com" \ 348 | recipient="recipient@example.com"; 349 | ``` 350 | 351 | #### RouterOS_FTP_Backup.rsc 352 | > Creates backup files and sends them via FTP to FTP server 353 | 354 | **Example** 355 | ``` 356 | $FTPBackup configName=configName backupName=backupName smtpServer=smtpServer smtpPort=smtpPort domain=@example.com \ 357 | recipient=recipient@example.com destPath=destPath ftpUser=user ftpPassword=password ftpServer=ftpserver; 358 | ``` 359 | 360 | #### RouterOS_Function_Template.rsc 361 | > Function template that I use 362 | 363 | #### RouterOS_PPP_Disconnect_Active_Sessions.rsc 364 | > Disconnects all PPP active sessions at once 365 | 366 | **Example** 367 | ``` 368 | $DisconnectPPPActveSessions; 369 | ``` 370 | 371 | #### RouterOS_Recreate_Bridge.rsc 372 | > Recreates bridge if broken or misconfigured 373 | 374 | #### More scripts comming soon :) 375 | 376 | ### Authors 377 | 378 | - Grzegorz Budny -------------------------------------------------------------------------------- /RouterOS_All_Software_Download.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Fucntion 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.1 4 | # Last update: 2020-07-03 10:07:02 5 | # Automated download of all latest RouterOS standard packages. 6 | # Tool recommended to CAPsMAN and DUDE servers 7 | 8 | :global AutoSoftwareDownload do={ 9 | 10 | /system package update check-for-updates; 11 | 12 | :local packageLatest [/system package update get latest-version]; 13 | 14 | :local packages {"mipsbe"; "smips"; "tile"; "powerpc"; "arm"; "x86"; "mmips"}; 15 | 16 | :foreach package in=$packages do={ 17 | 18 | /tool fetch http-method=get mode=https url=("https://download.mikrotik.com/routeros/".$packageLatest."/routeros-".("$package")."-".$packageLatest.".npk") dst-path=($destinationPath."/routeros-".("$package")."-".$packageLatest.".npk"); 19 | :log info ("...:::Downloading "."/routeros-".("$package")."-".$packageLatest.".npk"); 20 | 21 | } 22 | } 23 | 24 | #Example: 25 | #$AutoSoftwareDownload destinationPath=destination_path -------------------------------------------------------------------------------- /RouterOS_Array_Append.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Fucntion 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2020-04-19 19:02:12 5 | # Array append value wrapper 6 | 7 | :global ArrayAppend do={ 8 | 9 | :set ($array->([:len $array])) $value; 10 | 11 | } 12 | -------------------------------------------------------------------------------- /RouterOS_Auto_Firmware_Upgrade.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Fucntion 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Checks if latest firmware is available. Installs it and sends email notification 6 | 7 | :global AutoFirmwareUpgrade do={ 8 | 9 | :local currentFirmware [system routerboard get current-firmware]; 10 | :local upgradeFirmware [system routerboard get upgrade-firmware]; 11 | :local systemName [/system identity get value-name=name]; 12 | 13 | :if ($currentFirmware != $upgradeFirmware) do={ 14 | 15 | :log info ("...:::New firmware version found. Upgrading from ".$currentFirmware." to ".$upgradeFirmware.":::..."); 16 | /system routerboard upgrade; 17 | 18 | :delay 2; 19 | 20 | /tool e-mail send server=$smtpServer port=$smtpPort from=($systemName.$domain) \ 21 | to=$recipient subject=("Update available on ".$systemName) \ 22 | body=($systemName." is upgrading to ".$upgradeFirmware.". \ 23 | \nfirmware version. System is rebooting."); 24 | 25 | :delay 2; 26 | 27 | /system reboot; 28 | 29 | } 30 | } 31 | 32 | $AutoFirmwareUpgrade smtpServer=smtpServer smtpPort=smtpPort domain=example.com \ 33 | recipient=recipient@example.com; 34 | -------------------------------------------------------------------------------- /RouterOS_Auto_Software_Upgrade.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Fucntion 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Checks if latest package is available. Downloads it, installs and sends email notification 6 | 7 | :global PackageAutoDownload do={ 8 | 9 | /system package update check-for-updates; 10 | 11 | :local packageCurrent [/system package update get installed-version]; 12 | :local packageLatest [/system package update get latest-version]; 13 | :local packageName [/system package get value-name=name number=0]; 14 | :local systemName [/system identity get value-name=name]; 15 | 16 | :if ($packageCurrent != $packageLatest) do={ 17 | 18 | :log info ("...:::New package available - ".$packageLatest." Downloading:::..."); 19 | 20 | /system package update download; 21 | 22 | :log info ("...:::".$packageName." ".$packageLatest." downloaded:::..."); 23 | :delay 2; 24 | 25 | /tool e-mail send server=$smtpServer port=$smtpPort from=($systemName.$domain) \ 26 | to=$recipient subject=("Update available on ".$systemName) \ 27 | body=($systemName." downloaded latest package ".$packageLatest.". \ 28 | \nInstalling package. System is rebooting."); 29 | 30 | /system reboot; 31 | 32 | }\ 33 | else={ 34 | 35 | :log info ("...:::No updates found. ".$packageCurrent." is the latest version...:::"); 36 | 37 | /tool e-mail send server=$smtpServer port=$smtpPort from=($systemName.$domain) \ 38 | to=$recipient subject=("No update available on ".$systemName) \ 39 | body=($systemName." has installed the latest package ".$packageLatest); 40 | 41 | 42 | } 43 | } 44 | 45 | $PackageAutoDownload userName=userName password=password packagePath=path \ 46 | smtpServer=ipAddress smtpPort=poty domain=@example.com \ 47 | recipient=recipient@example.com; -------------------------------------------------------------------------------- /RouterOS_Cloud_Backup.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.2 4 | # Last update: 3/15/2020 5 | # Creates new backup file and uploads it to MikroTik Cloud 6 | 7 | :global CloudBackup do={ 8 | 9 | :local systemName [/system identity get value-name=name]; 10 | :local backupNumber [/system backup cloud print count-only]; 11 | 12 | :if ($backupNumber = 0) do={ 13 | 14 | :log info "...:::No Cloud Backup Present!:::..."; 15 | :log info "...:::Cloud backup process started:::..."; 16 | 17 | /system backup cloud upload-file action=create-and-upload name=$systemName password=$password; 18 | 19 | :log info "...:::Cloud Backup Created:::..."; 20 | 21 | } 22 | 23 | :if ($backupNumber > 0) do={ 24 | 25 | :log warning "...:::Cloud Backup Present!:::..."; 26 | :log info "...:::Cloud backup process started:::..."; 27 | 28 | :log warning "...:::Removing current slot!:::..."; 29 | /system backup cloud remove-file 0; 30 | :log warning "...:::Slot removed:::..."; 31 | 32 | :log info "...:::Cloud backup process started:::..."; 33 | /system backup cloud upload-file action=create-and-upload name=$systemName password=$password; 34 | 35 | :log info "...:::Cloud Backup Created:::..."; 36 | 37 | } 38 | } 39 | 40 | $CloudBackup password=password -------------------------------------------------------------------------------- /RouterOS_Config_Check.rsc: -------------------------------------------------------------------------------- 1 | #Basic config and security MT check with some basic statistics 2 | 3 | -------------------------------------------------------------------------------- /RouterOS_Config_Fetch.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 22/22/2020 5 | # Fetches RouterOS script (dedicated for initial config) adds scheduler entry to start it on startup 6 | 7 | :global FetchConfig do={ 8 | 9 | :log info "...:::Configuration fetch process started:::..."; 10 | 11 | :do { 12 | 13 | /tool fetch address=$repositoryIP user=$userName password=$password \ 14 | port=21 mode=ftp src-path=($sourcePath.$sourceFileName) dst-path=($destinationPath.$destinationFileName); 15 | 16 | } on-error={ 17 | 18 | :put "An error occured when dowloading configuration file!"; 19 | :log critical "...:::An error occured when dowloading configuration file!:::..."; 20 | 21 | }; 22 | 23 | :if($isRun)do={ 24 | 25 | :do { 26 | 27 | :log info "...:::Configuration import started:::..."; 28 | /import ($destinationPath.$destinationFileName); 29 | 30 | } on-error={ 31 | 32 | :put "An error occured during configuration import!"; 33 | :log critical "...:::An error occured during configuration import!:::..."; 34 | 35 | }; 36 | 37 | :delay 5; 38 | :log warning "...:::Import secessful. Rebooting device:::..."; 39 | /system reboot; 40 | 41 | }\ 42 | else={ 43 | 44 | :log info "...:::Configuring import on startup:::..."; 45 | 46 | :do { 47 | 48 | /system scheduler \ 49 | add interval=($interval.h) name=$taskName on-event=("system script run ".($destinationPath.$destinationFileName)) \ 50 | policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ 51 | start-date=jan/01/1970 start-time=$startTime; 52 | 53 | } on-error={ 54 | 55 | :put "An error occured during import job schedule!"; 56 | :log critical "...:::An error occured during import job schedule!:::..."; 57 | 58 | } 59 | 60 | :log info "...:::Configuration job scheduled for next startup!:::..."; 61 | 62 | } 63 | } 64 | 65 | FetchConfig isRun=true; -------------------------------------------------------------------------------- /RouterOS_Create_Directory.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Creates directory in RouterOS 6 | 7 | :global CreateDirecotry do={ 8 | 9 | :global userName; 10 | :global password; 11 | :global directoryName; 12 | :global tempFileName temp.rsc; 13 | 14 | /system identity export file=$tempFileName; 15 | /tool fetch address=127.0.0.1 src-path=$tempFileName user=$userName password=$password \ 16 | dst-path=($directoryName."/".$tempFileName) mode=ftp port=21; 17 | 18 | /file remove ($directoryName."/".$tempFileName); 19 | /file remove $tempFileName; 20 | 21 | :log info ("New directory created - ".$directoryName); 22 | 23 | } 24 | 25 | $CreateDirecotry userName=UserName password=Password directoryName=DirectoryName; 26 | 27 | 28 | -------------------------------------------------------------------------------- /RouterOS_Dual_WAN_Failover.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 4/19/2020 5 | # Simple setup for DUAL WAN failover. Main WAN must be commented as WAN1. Secondary WAN must be commented as WAN2 6 | 7 | :global DualWanFailover do={ 8 | 9 | 10 | /ip route add dst-address=8.8.8.8 gateway=[/ip route get value-name=gateway [find distance=1 dst-address=0.0.0.0/0]]; 11 | /ip route add dst-address=8.8.4.4 gateway=[/ip route get value-name=gateway [find distance=2 dst-address=0.0.0.0/0]]; 12 | 13 | /tool netwatch add host=8.8.8.8 interval=00:00:10 \ 14 | up-script="/ip route enable [find comment=WAN1 /ip firewall connection remove [find]" down-script="/ip route disable [find comment=WAN1 /ip firewall connection remove [find]"; 15 | 16 | /tool netwatch add host=8.8.4.4 interval=00:00:10 \ 17 | up-script="/ip route enable [find comment=WAN2 /ip firewall connection remove [find]" down-script="/ip route disable [find comment=WAN2 /ip firewall connection remove [find]"; 18 | 19 | } 20 | 21 | $DualWanFailover 22 | 23 | -------------------------------------------------------------------------------- /RouterOS_Enable_Console.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Enables Console port 4 | 5 | :global EnableConsole do={ 6 | 7 | /system console disable 0 8 | /port set serial0 baud-rate=19200 data-bits=8 parity=none stop-bits=1 9 | 10 | :log info "...:::Console Enabled. System needs to be rebooted:::..." 11 | 12 | #/port set serial0 baud-rate=auto 13 | 14 | } -------------------------------------------------------------------------------- /RouterOS_Eth_Errors_Handling.rsc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/gbudny93/RouterOS_Useful_Scripts/10050ae71d85d199179e7edbc1b87f4505349487/RouterOS_Eth_Errors_Handling.rsc -------------------------------------------------------------------------------- /RouterOS_FTP_Backup.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/14/2020 5 | # Makes device backup and configuration backup, sends files to FTP server 6 | 7 | :global FTPBackup do={ 8 | 9 | :local systemName [/system identity get value-name=name]; 10 | 11 | :log info "...:::FTP backup job started:::..."; 12 | 13 | /export file=$configName; 14 | /system backup save name=$backupName; 15 | 16 | /tool fetch src-path=$configName mode=ftp dst-path=$destPath \ 17 | user=$ftpUser password=$ftpPassword port=21 upload=yes \ 18 | address=$ftpServer; 19 | 20 | /tool fetch src-path=$backupName mode=ftp dst-path=$destPath \ 21 | user=$ftpUser password=$ftpPassword port=21 upload=yes \ 22 | address=$ftpServer; 23 | 24 | /tool e-mail send server=$smtpServer port=$smtpPort from=($systemName.$domain) \ 25 | to=$recipient subject=($systemName." FTP backup job completed") body=("FTP backup job completed to ".$ftpServer) \ 26 | 27 | :log info ("...:::Backup files sent to".$recipient.":::..."); 28 | } 29 | 30 | $FTPBackup configName=configName backupName=backupName smtpServer=smtpServer smtpPort=smtpPort domain=@example.com \ 31 | recipient=recipient@example.com destPath=destPath ftpUser=user ftpPassword=password ftpServer=ftpserver; -------------------------------------------------------------------------------- /RouterOS_File_Logging.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Adds log entry if file is removed or added 6 | 7 | :global FileToLog do={ 8 | 9 | :local fileName "FilesCount.txt"; 10 | :local fileCountOld; 11 | :local fileCountCurrent; 12 | 13 | :if ([:len [/file find name=$fileName]] <= 0) do={ 14 | 15 | /file print file=$fileName; 16 | :delay 5; 17 | /file set $fileName contents=[/file print count-only]; 18 | 19 | }\ 20 | else={ 21 | 22 | :set $fileCountOld [/file get $fileName contents]; 23 | :set $fileCountCurrent [/file print count-only]; 24 | 25 | :if ($fileCountCurrent > $fileCountOld) do={ 26 | 27 | :log warning "File has been added"; 28 | /file set $fileName contents=$fileCountCurrent; 29 | 30 | } 31 | :if ($fileCountCurrent < $fileCountOld) do={ 32 | 33 | :log warning "File has been removed"; 34 | /file set $fileName contents=$fileCountCurrent; 35 | 36 | } 37 | 38 | } 39 | } 40 | 41 | $FileToLog; -------------------------------------------------------------------------------- /RouterOS_File_Screening.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Removes files by specific name or file extansion 6 | 7 | :global FileScreening do={ 8 | 9 | :local systemName [/system identity get name]; 10 | :local filesNumber [/file print count-only]; 11 | 12 | :local fileName; 13 | 14 | :for i from=0 to=$filesNumber step=1 do= \ 15 | { 16 | 17 | :set fileName [/file get value-name=name number=$i]; 18 | 19 | :if ($fileName ~ $keyWord) do={ 20 | 21 | /file remove $fileName; 22 | 23 | :log warning ("...:::".$fileName." removed. Matched ".$keyWord.":::..."); 24 | :set fileName; 25 | 26 | } 27 | } 28 | } 29 | 30 | $FileScreening keyWord=".txt"; 31 | -------------------------------------------------------------------------------- /RouterOS_Format_Drive.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Formats RouterOS additional drive 6 | 7 | :global FormatDrive do={ 8 | 9 | :local driveLabel [/disk get number=$drive label]; 10 | 11 | :log warning ("...:::Drive ".$drive." ".$driveLabel." will be formatted!"); 12 | 13 | /disk eject-drive $drive; 14 | /disk format-drive $drive file-system=$fileSystem label=$label; 15 | 16 | :log info ("...:::Drive ".$drive." has been formatted to ".$fileSystem." with label ".$label); 17 | 18 | } 19 | 20 | $FormatDrive drive=0 fileSystem=ext3 label=data; 21 | -------------------------------------------------------------------------------- /RouterOS_Function_Template.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function/Script 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Description of this what script/function does 6 | 7 | # Function definition 8 | :global RouterOS_Function do={ 9 | 10 | # DEFINITIONS 11 | # Getters section 12 | # Global variables definition - split out defined and undefined variables during declaring 13 | :global globalDefinedVariable [/system identity get value-name=name]; 14 | :global globalDefinedVariable2 [/system identity get value-name=name]; 15 | 16 | :global globalUndefinedVariable; 17 | :global globalUndefinedVariable2; 18 | 19 | # Local variables definition - split out defined and undefined variables during declaring 20 | :local localDefinedVariable [/system identity get value-name=name]; 21 | :local localDefinedVariable2 [/system identity get value-name=name]; 22 | 23 | :local localUndefinedVariable; 24 | :local localUndefinedVariable2; 25 | 26 | # Setters section 27 | :set $globalUndefinedVariable [/system identity get value-name=name]; 28 | :set $localUndefinedVariable [:toarray $localUndefinedVariable]; 29 | 30 | # MAIN SCRIPT 31 | :log info ("This is my script with ".$localDefinedVariable2."\n"); 32 | /system reboot; 33 | 34 | } 35 | 36 | # Example 37 | RouterOS_Function functionParameter=parameterDefinition; -------------------------------------------------------------------------------- /RouterOS_LCD_Change.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Changes LCD mode based on time schedule 6 | 7 | :global ChangeLcd do={ 8 | 9 | :local systemTime [/system clock get value-name=time]; 10 | :local lcdMode [/lcd get color-scheme]; 11 | 12 | :local lightModeStart $lightModeStartTime; 13 | :local darkModeStart $darkModeStartTime; 14 | 15 | :if ($systemTime = $lightModeStart && $lcdMode = "dark") do={ 16 | 17 | /lcd set color-scheme=light; 18 | /log info "..::Changed LCD mode to LIGHT::.." 19 | 20 | } 21 | :if ($systemTime = $darkModeStart && $lcdMode = "light") do={ 22 | 23 | /lcd set color-scheme=light; 24 | /log info "..::Changed LCD mode to DARK::.." 25 | 26 | } 27 | } 28 | 29 | $ChangeLcd lightModeStartTime="08:00:00" darkModeStartTime="17:00:00"; -------------------------------------------------------------------------------- /RouterOS_Load_Script.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Loads function to RouterOS environment 6 | 7 | :global LoadScript do={ 8 | 9 | 10 | :if ([:len [/file find name=$scriptName]] <= 0) do={ 11 | 12 | :log info ($scriptName." not found, make sure file exists!"); 13 | 14 | } 15 | 16 | :if ([:len [/file find name=$scriptName]] > 0) do={ 17 | 18 | :log info ($scriptName." found. Executing!"); 19 | /system script run $scriptName; 20 | 21 | } 22 | 23 | } 24 | 25 | $LoadScript scriptName=scriptName.rsc; 26 | 27 | 28 | 29 | -------------------------------------------------------------------------------- /RouterOS_Log_Filtering.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Script 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Filters logs to desired output for specified match 6 | 7 | :global LogFilter do={ 8 | 9 | :local message #message 10 | :local time #time 11 | :local topics #topic 12 | :local isFile false 13 | :local fileName #fileName 14 | :local isFilterByMessage true 15 | :local isFilterByTime false 16 | :local isFiltereByTopic false 17 | 18 | :if($isFile) do={ 19 | 20 | :if($isFilterByMessage) do={ 21 | 22 | :log print file=$fileName where message~$message 23 | 24 | } 25 | 26 | :if($isFilterByTime) do={ 27 | 28 | :log print file=$fileName where time~$time 29 | 30 | } 31 | 32 | :if($isFiltereByTopic) do={ 33 | 34 | :log print file=$fileName where topic~$topic 35 | 36 | } 37 | 38 | else={ 39 | 40 | :log print file=$fileName 41 | 42 | } 43 | 44 | } 45 | else={ 46 | 47 | :if($isFilterByMessage) do={ 48 | 49 | :log print where message~$message 50 | 51 | } 52 | 53 | :if($isFilterByTime) do={ 54 | 55 | :log print where time~$time 56 | 57 | } 58 | 59 | :if($isFiltereByTopic) do={ 60 | 61 | :log print where topic~$topic 62 | 63 | } 64 | 65 | else={ 66 | 67 | :log print 68 | 69 | } 70 | } 71 | } 72 | -------------------------------------------------------------------------------- /RouterOS_Log_To_Alert.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Generates mail alarm based on log message match 6 | 7 | :global LogToAlert do={ 8 | 9 | :local logMessage $message; 10 | 11 | :local logFoundCount; 12 | :local logArray; 13 | :local alarmText; 14 | 15 | :local logCount [/log print count-only where message~$logMessage]; 16 | :local systemName [/system identity get value-name=name]; 17 | 18 | :if ($logCount > 0) do={ 19 | 20 | :set $logArray [/log find where message~$logMessage]; 21 | :toarray value=$logArray; 22 | :set logFoundCount [:len value=$logArray]; 23 | 24 | :log print file=$fileName where .id=($logArray->($logFoundCount-1)); 25 | 26 | :set alarmText [/log print where .id=($logArray->($logFoundCount-1))]; 27 | 28 | :log warning "$systemName triggered mail alarm"; 29 | 30 | /tool e-mail send server=$smtpServer port=$smtpPort from=($systemName.$domain) \ 31 | to=$recipient subject=($systemName." triggered an alarm!") body="Enclosed detected alarm log message" \ 32 | file=$fileName; 33 | } 34 | } 35 | 36 | $LogToAlert message="message" fileName="fileName" smtpServer=smtpServer smtpPort=smtpPort domain="@example.com" \ 37 | recipient="recipient@example.com"; -------------------------------------------------------------------------------- /RouterOS_Low_Disk_Space.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Generates log alert when free disk space reach specified treshhold 6 | 7 | :global LowDiskSpace do={ 8 | 9 | :local alertSpace $treshhold; 10 | 11 | :local freeSpace [/system resource get free-hdd-space]; 12 | :local totalSpace [/system resource get total-hdd-space]; 13 | 14 | :local diskUsage (($freeSpace * 100)/$totalSpace); 15 | 16 | :if ($diskUsage < $treshhold) do={ 17 | 18 | /log warning ("Disk space reached ".$treshhold." % treshold. Free disk space is ".$diskUsage."%"); 19 | 20 | } 21 | } 22 | 23 | $LowDiskSpace treshhold=free_disk_space_in_%; -------------------------------------------------------------------------------- /RouterOS_Mail_Backup.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Creates RouterOS backup and config file and sends them via email 6 | 7 | :global MailBackup do={ 8 | 9 | :local systemName [/system identity get name]; 10 | 11 | :log info "...:::Mail backup started:::..."; 12 | 13 | /export file=$configName; 14 | /system backup save name=$backupName; 15 | 16 | /tool e-mail send server=$smtpServer port=$smtpPort from=($systemName.$domain) \ 17 | to=$recipient subject=($systemName." mail config backup") body="Enclosed backup files" \ 18 | file=$configName; 19 | 20 | /tool e-mail send server=$smtpServer port=$smtpPort from=($systemName.$domain) \ 21 | to=$recipient subject=($systemName." mail backup") body="Enclosed backup files" \ 22 | file=$backupName; 23 | 24 | :log info ("...:::Backup files sent to".$recipient.":::..."); 25 | } 26 | 27 | $MailBackup configName=configName backupName=backupName smtpServer=smtpServer smtpPort=smtpPort domain=@example.com \ 28 | recipient=recipient@example.com; 29 | -------------------------------------------------------------------------------- /RouterOS_Measure_Execution_Time.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 3/22/2020 5 | # Measures script execution time 6 | 7 | :global MeasureExecutionTime do={ 8 | 9 | :local timeDifferance; 10 | :local startTime [/system clock get time]; 11 | 12 | /system script run $scriptName; 13 | 14 | :local endTime [/system clock get time] 15 | :set $timeDifferance ($endTime-$startTime); 16 | 17 | :if($return) do={ 18 | 19 | :return $timeDifferance; 20 | 21 | }\ 22 | else={ 23 | 24 | :put ("Script executed in : ".$timeDifferance); 25 | 26 | } 27 | 28 | :set $timeDifferance; 29 | 30 | } 31 | 32 | $MeasureExecutionTime scriptName=scriptName return=true; -------------------------------------------------------------------------------- /RouterOS_Modulo.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Modulo function 6 | 7 | :global Modulo do={ 8 | 9 | :local truncated; 10 | :local reminder; 11 | 12 | :set $truncated ($number / $modulo); 13 | :set $reminder ($number - ($modulo * $truncated)); 14 | 15 | :return $reminder 16 | } 17 | 18 | $Modulo number=number_to_be_devided modulo=modulo_value; -------------------------------------------------------------------------------- /RouterOS_PPP_Disconnect_Active_Sessions.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 3/15/2020 5 | # Disconnects all active PPP sessions at once 6 | 7 | :global DisconnectActivePPPSesssions do={ 8 | 9 | :local pppSessions [/ppp active print count-only]; 10 | 11 | :for i from=0 to=$pppSessions step=1 do= \ 12 | { 13 | 14 | /ppp active remove numbers=$i; 15 | :log info ("...:::Removing PPP Sesion no ".$i.":::..."; 16 | 17 | } 18 | 19 | :log info ("...:::Removed PPP sessions: ".$pppSessions); 20 | 21 | } 22 | 23 | $DisconnectActivePPPSesssions; -------------------------------------------------------------------------------- /RouterOS_PortKnock.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Port Knock from RouterOS 6 | 7 | :global PortKnock do={ 8 | 9 | 10 | :foreach sourceAddress, destinationPort in $base do={ 11 | 12 | :log info "...:::Port Knocking Sequance Started:::..."; 13 | :log warning ("Knocking to ".$destinationAddress." on port ".$destinationPort." from ".$sourceAddress); 14 | 15 | /system ssh src-address=$sourceAddress port=$destinationPort address=$destinationAddress; 16 | 17 | 18 | } 19 | 20 | :log info ("...:::Port Knocking Finished check access to ".$destinationAddress); 21 | 22 | } 23 | 24 | :global knockBase {"sourceIP1"="port23"; \ 25 | "sourceIP2"="port22" \ 26 | }; 27 | 28 | $PortKnock base=$knockBase destinationAddress=destinationIP; -------------------------------------------------------------------------------- /RouterOS_RB750GR3_DUDE_Setup.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 3/23/2020 5 | # DUDE Server initial setup on RB750GR3 with microSD or USB drive 6 | 7 | :global SetupDudeRB750GR3 do={ 8 | 9 | :local isDude [/system packages find name=dude]; 10 | 11 | :if ($isDude) do={ 12 | 13 | :log info "...:::Started DUDE Server Setup:::..."; 14 | :log warning "...:::Formatting drive:::..."; 15 | 16 | /disk eject-drive $driveNumber; 17 | 18 | :do { 19 | 20 | /disk format-drive $driveNumber file-system=ext3 label=$driveLabel; 21 | 22 | } on-error={ 23 | 24 | :log critical "...:::Formatting failed. Check your drive:::..."; 25 | 26 | } 27 | 28 | :log info "...:::Formatting finished:::..."; 29 | 30 | /dude set data-directory=$dudeDirectory; 31 | /dude set enabled=yes; 32 | 33 | }\ 34 | else={ 35 | 36 | :log critical "...:::Setup failed. Install DUDE package first:::..."; 37 | 38 | } 39 | } 40 | 41 | 42 | $SetupDudeRB750GR3 driveNumber=driveNumber driveLabel=driveLabel dudeDirectory=directoryName; -------------------------------------------------------------------------------- /RouterOS_R_ARP.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # ARP/RARP Function (shortange syntax) 6 | 7 | :global R_ARP do={ 8 | 9 | :if ($mode="ARP") do={ 10 | 11 | :return [/ip arp print where mac-address=$ip]; 12 | 13 | } 14 | 15 | :if ($mode="RARP") do={ 16 | 17 | :return [/ip arp print where mac-address=$mac]; 18 | 19 | } 20 | } 21 | 22 | $R_ARP mode=mode; 23 | -------------------------------------------------------------------------------- /RouterOS_Radius_Monitor.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Sends Radius statistics via email 6 | 7 | :global RadiusMonitor do={ 8 | 9 | :local systemName [/system identity get value-name=name]; 10 | 11 | :local service [/radius get value-name=service number=0]; 12 | :local address [/radius get value-name=address number=0]; 13 | :local protocol [/radius get value-name=protocol number=0]; 14 | :local authPort [/radius get value-name=authentication-port number=0]; 15 | :local acccPort [/radius get value-name=accounting-port number=0]; 16 | :local timeout [/radius get value-name=timeout number=0]; 17 | :local srcAddress [/radius get value-name=src-address number=0]; 18 | 19 | :local radiusStatus [/radius monitor numbers=0 once as-value]; 20 | 21 | :set $radiusStatus [:tostr $radiusStatus;] 22 | 23 | :log info "...:::Generating status report and sending:::..."; 24 | 25 | /tool e-mail send server=$smtpServer port=$smtpPort from=($systemName.$domain) \ 26 | to=$recipient subject=($systemName." Radius Stats") \ 27 | body=($systemName." Radius Stats. \n\n" \ 28 | ."Service: ".$service."\n" \ 29 | ."Address: ".$address."\n" \ 30 | ."Protocol ".$protocol."\n" \ 31 | ."Auth Port: ".$authPort."\n" \ 32 | ."Acc Port: ".$acccPort."\n" \ 33 | ."Timeout: ".$timeout."\n" \ 34 | ."Src Address: ".$srcAddress."\n\n" \ 35 | ."Overall Stats: \n\n\n" \ 36 | .$radiusStatus); 37 | 38 | :log warning "...:::Resetting Radius Counters:::..."; 39 | 40 | /radius reset-counters 41 | 42 | } 43 | 44 | $RadiusMonitor smtpServer=smtpServer smtpPort=smtpPort domain="@example.com" recipient="recipient@example.com"; -------------------------------------------------------------------------------- /RouterOS_Recreate_Bridge.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/12/2020 5 | # Recreates issued bridge in running config 6 | 7 | 8 | :global RecreateBridge do={ 9 | 10 | /interface bridge remove $bridgeName; 11 | 12 | /interface bridge add name=$bridgeName mtu=auto actual-mtu=1500 l2mtu=1592 arp=enabled \ 13 | arp-timeout=auto protocol-mode=none \ 14 | fast-forward=yes igmp-snooping=no auto-mac=no \ 15 | ageing-time=5m vlan-filtering=yes ether-type=0x8100 pvid=1 \ 16 | frame-types=admit-all ingress-filtering=yes dhcp-snooping=yes \ 17 | add-dhcp-option82=yes; 18 | 19 | } 20 | -------------------------------------------------------------------------------- /RouterOS_Renew_License.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Script 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Renews RouterOS License 6 | 7 | :global RenewLicense do={ 8 | 9 | :local currentLicenseLevel [/system license get value-name=level]; 10 | 11 | :if ($currentLicenseLevel = "free") do={ 12 | 13 | /system license renew account=$account password=$password level=$level; 14 | :log info ("Renewing license for ".$account." to ".$level); 15 | 16 | } 17 | } 18 | 19 | $RenewLicense account=account password=password level=level; -------------------------------------------------------------------------------- /RouterOS_Reset_Interface.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Reset interface if particular IP does not respond 6 | 7 | :global ResetInterface do={ 8 | 9 | :if ([/ping $ipAddress interval=1 count=4] > 0) do={ 10 | 11 | :log info "...:::Interface healthcheck. Status OK:::..." 12 | 13 | }\ 14 | else={ 15 | 16 | :log error ("...:::Monitor detected ".$interfaceName." down. Resetting:::..."); 17 | /interface ethernet disable $interfaceName; 18 | :delay 3; 19 | /interface ethernet enable $interfaceName; 20 | 21 | } 22 | } 23 | 24 | $ResetInterface ipAddress=ipAddress_To_Monitor interfaceName=interface_name; -------------------------------------------------------------------------------- /RouterOS_Script_Fetch.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Fetches RouterOS script from external https location and runs it or creates schedule task 6 | 7 | :global FetchScript do={ 8 | 9 | :foreach url,destinationFileName in=$urls do={ 10 | 11 | /tool fetch mode=https http-method=get url=$url dst-path=($destinationPath."/".$destinationFileName); 12 | :log info "...:::Scripts fetched:::..."; 13 | 14 | :if ($isRun) do={ 15 | 16 | /system script run ($destinationPath.$destinationFileName); 17 | :log info "...:::Script loaded to environment:::..."; 18 | 19 | } 20 | :if ($isSchedule) do={ 21 | 22 | /system scheduler \ 23 | add interval=($interval.h) name=$taskName on-event=("system script run ".($destinationPath."/".$destinationFileName)) \ 24 | policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \ 25 | start-date=jan/01/1970 start-time=$startTime; 26 | :log info "...:::Script joined to scheduler:::..."; 27 | 28 | } 29 | } 30 | } 31 | 32 | #Example 33 | :global urlsBase {"URL1"="script1"; \ 34 | "URL2"="script2" \ 35 | }; 36 | 37 | $FetchScript urls=$urlsBase destinationPath="destinationPath" destinationFileName=$urlsBase; -------------------------------------------------------------------------------- /RouterOS_String_Generator.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Generates random string based on dictionary of six chars length 6 | 7 | :global GenerateString do={ 8 | 9 | :global generatedString; 10 | 11 | :local characters q,w,e,r,t,y,u,i,o,p,l,k,j,h,g,f,1,2,3,4,5,6,7,8,9,0,d,s,a,z,x,c,v,b,n,m,M,N,B,V,C,X,Z,A,S,D,F,G,H,J,K,L,P,O,I,U,Y,T,R,E,W,Q; 12 | 13 | :local hour [:pick [/system clock get time] 0 2]; 14 | :local minute [:pick [/system clock get time] 3 5]; 15 | :local second [:pick [/system clock get time] 6 8]; 16 | 17 | :if ((:pick $hour 0) = 0) do={ 18 | 19 | :set $hour [:pick $hour 1]; 20 | 21 | } 22 | :if ((:pick $minute 3) = 0) do={ 23 | 24 | :set $minute [:pick $minute 4]; 25 | 26 | } 27 | :if ((:pick $second 6) = 0) do={ 28 | 29 | :set $second [:pick $second 7]; 30 | 31 | }\ 32 | else={ 33 | 34 | :log warning "Something's wrong with system time. Check system time and NTP settings."; 35 | 36 | } 37 | 38 | :set $generatedString ($generatedString.([:pick $characters $hour].[:pick $characters $minute].[:pick $characters $second].\ 39 | [:pick $characters ($hour/2)].[:pick $characters ($minute/2)].[:pick $characters ($second/2)])); 40 | 41 | :log info "...:::Random string generated:::..." 42 | 43 | :return ($generatedString); 44 | 45 | } 46 | 47 | $GenerateString; -------------------------------------------------------------------------------- /RouterOS_Substring_Variable.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Substrings variable 6 | 7 | :global Subtring do={ 8 | 9 | :global substring; 10 | 11 | :if ($findMode=true) do={ 12 | 13 | :set $substring [:pick $string [:find $string $signA] [:find $string $signB]]; 14 | :return $substring; 15 | 16 | }\ 17 | else={ 18 | 19 | :set $substring [:pick $string $signA $signB]; 20 | :return $substring; 21 | 22 | } 23 | } 24 | 25 | $Substring findMode=true string="string" signA="A" signB "b"; 26 | -------------------------------------------------------------------------------- /RouterOS_System_Status.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # Send system general status to email 6 | 7 | :global SystemStatus do={ 8 | 9 | :local systemName [/system identity get value-name=name]; 10 | :local uptime [/system resource get uptime]; 11 | :local FreeMemory [/system resource get free-memory]; 12 | :local TotalMemory [/system resource get total-memory]; 13 | :local cpu [/system resource get cpu]; 14 | :local cpuCount [/system resource get cpu-count]; 15 | :local cpuFrequency [/system resource get cpu-frequency]; 16 | :local cpuLoad [/system resource get cpu-load]; 17 | :local freeHdd [/system resource get free-hdd-space]; 18 | :local totalHdd [/system resource get total-hdd-space]; 19 | :local architectureName [/system resource get architecture-name]; 20 | :local license [/system license get level]; 21 | :local boardName [/system resource get board-name]; 22 | :local version [/system resource get version]; 23 | 24 | 25 | /tool e-mail send server=$smtpServer port=$smtpPort from=($systemName.$domain) \ 26 | to=$recipient subject=($systemName." status") \ 27 | body=($systemName." status: \n\n" \ 28 | ."Uptime: ".$uptime."\n" \ 29 | ."Free Memory: ".$FreeMemory." B \n" \ 30 | ."Total Memory: ".$TotalMemory." B \n" \ 31 | ."CPU ".$cpu."\n" \ 32 | ."CPU Count: ".$cpuCount."\n" \ 33 | ."CPU Frequency: ".$cpuFrequency."MHz\n" \ 34 | ."CPU Load: ".$cpuLoad." % \n" \ 35 | ."Free HDD Space: ".$freeHdd." B \n" \ 36 | ."Total HDD Space:".$totalHdd." B \n" \ 37 | ."Architecture: ".$achritecture." \n" \ 38 | ."License Level: ".$license." \n" \ 39 | ."Board Name: ".$boardName." \n" \ 40 | ."Version: ".$version); 41 | } 42 | 43 | $SystemStatus smtpServer=smtpServer smtpPort=smtpPort domain=domain recipient=recipient@example.com; -------------------------------------------------------------------------------- /RouterOS_User_Alert.rsc: -------------------------------------------------------------------------------- 1 | # RouterOS Function 2 | # Copyright (c) Grzegorz Budny 3 | # Version 1.0 4 | # Last update: 2/8/2020 5 | # After defined number of logon failure attempts in 1 hour sends email alert and blocks source IP on firewall 6 | 7 | :global UserAlert do={ 8 | 9 | :local logMessage $message; 10 | 11 | :local logFoundCount; 12 | :local logArray; 13 | :local alarmText; 14 | 15 | :local hour [:pick [/system clock get time] 0 2]; 16 | :local logCount [/log print count-only where message~$logMessage]; 17 | :local systemName [/system identity get value-name=name]; 18 | 19 | :if ($logCount > $treshhold) do={ 20 | 21 | :set $logArray [/log find where message~$logMessage time~$hour]; 22 | :toarray value=$logArray; 23 | :set logFoundCount [:len value=$logArray]; 24 | 25 | :log print file=$fileName where .id=($logArray->($logFoundCount-1)); 26 | 27 | :set alarmText [/log print where .id=($logArray->($logFoundCount-1))]; 28 | 29 | :log warning "$systemName triggered an alarm"; 30 | 31 | /tool e-mail send server=$smtpServer port=$smtpPort from=($systemName.$domain) \ 32 | to=$recipient subject=($systemName." triggered an alarm!") body="Enclosed detected alarm log message" \ 33 | file=$fileName; 34 | } 35 | } 36 | 37 | $UserAlert message="message" treshhold=3 fileName="fileName" smtpServer=smtpServer smtpPort=smtpPort domain="@example.com" \ 38 | recipient="recipient@example.com"; --------------------------------------------------------------------------------