elicro ревизий этого фрагмента . К ревизии
1 file changed, 5 insertions, 1 deletion
add-vpn-mangle.rsc
| @@ -10,10 +10,14 @@ | |||
| 10 | 10 | ||
| 11 | 11 | :do { | |
| 12 | 12 | :local vpnAcceptExists [:len [/ip/firewall/mangle/find where action="accept" and chain="prerouting" and dst-address-list="VPN" ]] | |
| 13 | - | :if ($vpnAcceptExists =0) do={ | |
| 13 | + | :local vpnAcceptDisabled [:len [/ip/firewall/mangle/find where action="accept" and chain="prerouting" and dst-address-list="VPN" and disabled=yes ]] | |
| 14 | + | :if ($vpnAcceptExists = 0 ) do={ | |
| 14 | 15 | /ip firewall mangle print | |
| 15 | 16 | /ip firewall mangle add action=accept chain=prerouting dst-address-list=VPN place-before=0 | |
| 16 | 17 | } | |
| 18 | + | :if ($vpnAcceptDisabled > 0) do={ | |
| 19 | + | /ip firewall mangle set [find where action=accept and chain=prerouting and dst-address-list=VPN ] disabled=no | |
| 20 | + | } | |
| 17 | 21 | } on-error={ | |
| 18 | 22 | :log warning "Errror creating VPN mangle rule" | |
| 19 | 23 | } | |
elicro ревизий этого фрагмента . К ревизии
1 file changed, 3 insertions, 2 deletions
add-vpn-mangle.rsc
| @@ -1,7 +1,8 @@ | |||
| 1 | 1 | :do { | |
| 2 | - | :local vpnAddressListExists [:len [/ip firewall address-list find where list="VPN" and address="192.168.99.0/24"]] | |
| 2 | + | :local vpnCidr "192.168.99.0/24" | |
| 3 | + | :local vpnAddressListExists [:len [/ip firewall address-list find where list="VPN" and address="$vpnCidr"]] | |
| 3 | 4 | :if ($vpnAddressListExists = 0) do={ | |
| 4 | - | /ip firewall address-list add address=192.168.99.0/24 disabled=no dynamic=no list=VPN | |
| 5 | + | /ip firewall address-list add address="$vpnCidr" disabled=no dynamic=no list=VPN | |
| 5 | 6 | } | |
| 6 | 7 | } on-error={ | |
| 7 | 8 | :log warning "Errror creating VPN address list" | |
elicro ревизий этого фрагмента . К ревизии
Без изменений
elicro ревизий этого фрагмента . К ревизии
1 file changed, 18 insertions
add-vpn-mangle.rsc(файл создан)
| @@ -0,0 +1,18 @@ | |||
| 1 | + | :do { | |
| 2 | + | :local vpnAddressListExists [:len [/ip firewall address-list find where list="VPN" and address="192.168.99.0/24"]] | |
| 3 | + | :if ($vpnAddressListExists = 0) do={ | |
| 4 | + | /ip firewall address-list add address=192.168.99.0/24 disabled=no dynamic=no list=VPN | |
| 5 | + | } | |
| 6 | + | } on-error={ | |
| 7 | + | :log warning "Errror creating VPN address list" | |
| 8 | + | } | |
| 9 | + | ||
| 10 | + | :do { | |
| 11 | + | :local vpnAcceptExists [:len [/ip/firewall/mangle/find where action="accept" and chain="prerouting" and dst-address-list="VPN" ]] | |
| 12 | + | :if ($vpnAcceptExists =0) do={ | |
| 13 | + | /ip firewall mangle print | |
| 14 | + | /ip firewall mangle add action=accept chain=prerouting dst-address-list=VPN place-before=0 | |
| 15 | + | } | |
| 16 | + | } on-error={ | |
| 17 | + | :log warning "Errror creating VPN mangle rule" | |
| 18 | + | } | |