RouterOS.Script (Basic 02-02)

...

# RB.QoSChange% (xRB): ------------------------------------------ [ x Rate+Bytes ]

# Name: RB.QoSChange% (xRB)

# comment="Rx: ( Rb.QoSChange% (xRate y Bytes) )";

# Limite para /queue tree max-limit=(4294M)

# -----------------------------------------------

# Función agrega caracteres (Izq/Der) hasta len: (Var, Donde, Char, Long)

:local AddCToLen do={:if ([len $1]<$4) do={:for r from=[len $1] to=($4-1) do={:if ($2=”Izq.”) do={:set $1 ($3.$1)} else={:set $1 ($1.$3)}}}; :return ($1)};

# -----------------------------------------------

# Función IP.Test: (IP,PacketSend,PacketLossLimit,AvgLimit,PacketSize,Proceso)

:local TestConn do={:local PLoss ($3+1); :local AvgRTT ($4+1); :local MaxRTT; :local PRecibidos; :local PEnviados; :local LogMsg; :local DisabledIP (false); :if ([/ip firewall address-list find (address=$1 and list=”A-ICMPWANSRC.List”)]="") do={/ip firewall address-list add address=$1 list=“A-ICMPWANSRC.List“ comment=”T+: (TemporalIP x ICMP)” timeout=1m disable=no;} else={:if ([/ip firewall address-list get value-name=disabled [find (address=$1 and list=”A-ICMPWANSRC.List”)]]) do={/ip firewall address-list enable [/ip firewall address-list find (address=$1 and list=”A-ICMPWANSRC.List”)]; :set DisabledIP (true);}}; delay 10ms; /tool flood-ping $1 count=$2 size=$5 do={:if ($sent=$2) do={:set AvgRTT ($”avg-rtt”); :set MaxRTT ($”max-rtt”); :set PEnviados $sent; :set PRecibidos $received;}}; :if ($DisabledIP) do={/ip firewall address-list disable [/ip firewall address-list find (address=$1)];}; :set PLoss (100-(($PRecibidos*100)/$PEnviados)); :set LogMsg ("[ $6 – ping ( $1 – $5 b ) ]: latencia media ( $([:tostr $AvgRTT])ms ) – latencia maxima: ( $([:tostr $MaxRTT])ms ) – paquetes perdidos: ( $([:tostr $PLoss])% )"); :if ($PLoss<=$3 and $AvgRTT<=$4) do={:log info message=($LogMsg); :return (“OK”)} else={:log error message=($LogMsg); :return (“KO”)}};

# Nota: Asegurarse que IP este en address-list.

# ------------------------------------------------------

:local MinLimitAt 512;              # (no usado) Minimo limit-at para (QT.Bytes=0)

:local MinRate 256;                         # (no usado) Minimo rate para (QT.Rate=0)

:local PLimitAt 75;                                        # % limit-at (75%) de max-limit

:local PWAN 25;                       # % WAN.max-limit (25%) de LANs.max-limit

:local ABMTLAN1 100;                          # AB.Max de Dw (en Mbps) x RB.LAN1

:local ABMTLAN2 75;                            # AB.Max de Dw (en Mbps) x RB.LAN2

:local ABMTLAN3 0;                              # AB.Max de Dw (en Mbps) x RB.LAN3

:local ABMTWAN1 ((($ABMTLAN1+$ABMTLAN2+$ABMTLAN3)*$PWAN)/100); # AB.Max de Up x RBX.WAN1

# ------------------------------------------------------

:local AuxSMPacket;

:local AuxSQTEtherA;

:local AuxSQTEtherD;

:local PCalc;

:local Comment;

:local BytesAEtherX;

:local BytesDEtherX;

:local RateAEtherX;

:local RateDEtherX;

:local MPacket “”;                                                                           # M.packet

:local MPBytes 0;                                                            # M.bytes del paquete

:local LimitAt 0;

:local MaxLimit 0;

# ------------------------------------------------------

/queue tree disable [/queue tree find];                        # All Queue.Tree disabled

/ip firewall mangle disable [/ip firewall mangle find];   # All Mangle.Rule disabled

# ------------------------------- [QoS.Mangle-Stat: (SMPacket, TMPBytes)]

:global SMPacket “”;                                             # Str, M.packet”=”bytes”*”

:local TMPBytes 0;                                     # Sumatoria (M.bytes) x all paquetes

:foreach x in=[/ip firewall mangle find (action=mark-packet)] do={:set MPBytes ([/ip firewall mangle get $x bytes]); :set TMPBytes ($TMPBytes+$MPBytes); :set MPacket ([/ip firewall mangle get $x new-packet-mark]); :if ([/queue tree find (packet-mark=$MPacket)]!=””) do={:set SMPacket ($SMPacket.$MPacket.”=”.$MPBytes.”*”);} else={:log error message=(”[QoS.Error (MangleRule inexistente en QT): $MPacket]”);}};

# ------------------------------- [Mangle-Rule.SetComment%]

:set AuxSMPacket ($SMPacket); :while ([len $AuxSMPacket]>0) do={:set MPacket ([pick $AuxSMPacket 0 ([find $AuxSMPacket ”=”])]); :set MPBytes ([pick $AuxSMPacket ([find $AuxSMPacket ”=”]+1) ([find $AuxSMPacket ”*”])]); :set Comment ([/ip firewall mangle get value-name=comment [find new-packet-mark=$MPacket]]); :set PCalc (([:tonum $MPBytes]*100)/[:tonum $TMPBytes]); :if (([len $Comment]-[find $Comment “::”])<145) do={/ip firewall mangle set [find new-packet-mark=$MPacket] comment=($Comment.([$AddCToLen ([:tostr $PCalc]) "Izq." "0" 2])."%");} else={/ip firewall mangle set [find new-packet-mark=$MPacket] comment=(([:pick $Comment 0 ([:find $Comment “::”]+3)]).([$AddCToLen ([:tostr $PCalc]) "Izq." "0" 2])."%");}; :set AuxSMPacket ([pick $AuxSMPacket ([find $AuxSMPacket ”*”]+1) [len $AuxSMPacket]]);};

# Nota: (145=48hs scheduler.1h).

# ------------------------------------------------------ [QoS.QT-Stat]

:global SQTPacket “”;    # Str, QT.packet (ID”=”bytes” ”ID”=”bytes“ ”…)”*”

# Nota: Los SQTEtherX, guardan totales por interfaces (RB.Act y RB.Disp).

:set AuxSMPacket ($SMPacket); :while ([len $AuxSMPacket]>0) do={:set MPacket ([pick $AuxSMPacket 0 ([find $AuxSMPacket ”=”])]); :set SQTPacket ($SQTPacket.$MPacket.” (“); :foreach y in=[/queue tree find (packet-mark=$MPacket)] do={:set SQTPacket ($SQTPacket.([/queue tree get $y name]).”=“.([/queue tree get $y bytes]).”+“.([/queue tree get $y rate]).” “);}; :set SQTPacket ($SQTPacket.”)*“); :set AuxSMPacket ([pick $AuxSMPacket ([find $AuxSMPacket ”*”]+1) [len $AuxSMPacket]]);};

# ------------------------------------------------------ [QoS.QT-ChangeStat]

:global SQTEtherA “”;        # Str, {QT.name: ID[0-6].Abu}”=”bytes”+”rate”*”

:global SQTEtherD (“010000=$($ABMTWAN1*1000000)+0*020000=$($ABMTLAN1*1000000)+0*030000=$($ABMTLAN2*1000000)+0*040000=$($ABMTLAN3*1000000)+0*”); # AB.Disp (xEtherX.Ordenada).: Str, {QT.name: ID[0-6].Abu}”=”bytes”+”rate”*”

:foreach y in=[/queue tree find (name~”0000”)] do={:set SQTEtherA ($SQTEtherA.([pick ([/queue tree get $y name]) 0 6]).”=“.([/queue tree get $y bytes]).”+“.([/queue tree get $y rate]).”*”);};

# ------------------------------------------------------ [QoS.Email-Stat]

:if (([len $SQTPacket]+[len $SMPacket]+29)<=4000) do={:if ([len [/file find name=”qtstat.txt”]]=0)  do={/file print file=”qtstat.txt”; :delay 2s; /file set [find name=”qtstat.txt”] contents="";}; :if (([/file get [/file find name=”qtstat.txt”] value-name=size]+[len $SQTPacket]+[len $SMPacket]+29)>4000) do={

# ----------------------------------------------- [Test.Connection]

:if ([$TestConn "8.8.8.8" 10 30 100 64 ”RB.QoS-Stat”]=”OK”) do={

# ----------------------------------------------- [Test.Connection]

:local Subjet (([/user get [find name=user(x)] comment]).([pick ([/system scrip get [find name=”RB.QoSChange% (xRB)”] comment]) 4 ([len ([/system scrip get [find name=”RB.QoSChange% (xRB)”] comment])])])); /tool e-mail send to="xxx@gmail.com" subject=$Subjet body=“System       : ($[/system identity get name]) \r\nFecha        : ($[/system clock get date]) \r\nHora         : ($[/system clock get time]) \r\nModelo       : ($[/system resource get board-name])” file=qtstat.txt; :delay 5s;}; /file set [find name=”qtstat.txt”] contents="";}; /file set ”qtstat.txt” contents=([/file get ”qtstat.txt” contents].”SMPacket:\r\n$SMPacket\r\n\r\nSQTPacket:\r\n$SQTPacket\r\n\r\n”);} else={:log error message=(”[QoS.Error (Registro>4k, imposible enviar en un solo email)]”);};

# ------------------------------------------------------ [QoS.Modific-Stat]

:set AuxSQTEtherA ($SQTEtherA); :set AuxSQTEtherD ($SQTEtherD); :foreach y in=[/queue tree find] do={:if (!([/queue tree get $y name]~”0000”)) do={:set Comment ([/queue tree get $y comment]); :set PCalc (([/queue tree get $y bytes]*100)/[:tonum $BytesAEtherX]); :set MaxLimit ([tonum (($PCalc*$BytesDEtherX)/100)]); :set LimitAt ([tonum (($MaxLimit*$PLimitAt)/100)]); /queue tree set $y limit-at=0; /queue tree set $y max-limit=0; /queue tree set $y max-limit=($MaxLimit); /queue tree set $y limit-at=($LimitAt);

# ------------------------------- [QT-Rule.SetComment%]

:if (([len $Comment]-[find $Comment “::”])<144) do={/queue tree set $y comment=($Comment.([$AddCToLen ([:tostr $PCalc]) "Izq." "0" 2])."%");} else={/queue tree set $y comment=(([:pick $Comment 0 ([:find $Comment “::”]+3)]).([$AddCToLen ([:tostr $PCalc]) "Izq." "0" 2])."%");};

# -------------------------------

} else={:set BytesAEtherX ([tonum [pick $AuxSQTEtherA ([find $AuxSQTEtherA “=”]+1) ([find $AuxSQTEtherA “+”])]]); :set RateAEtherX ([tonum [pick $AuxSQTEtherA ([find $AuxSQTEtherA “+”]+1) ([find $AuxSQTEtherA “*”])]]); :set AuxSQTEtherA ([pick $AuxSQTEtherA ([find $AuxSQTEtherA “*”]+1) [len $AuxSQTEtherA]]); :set BytesDEtherX ([tonum [pick $AuxSQTEtherD ([find $AuxSQTEtherD “=”]+1) ([find $AuxSQTEtherD “+”])]]); :set RateDEtherX ([tonum [pick $AuxSQTEtherD ([find $AuxSQTEtherD “+”]+1) ([find $AuxSQTEtherD “*”])]]); :set AuxSQTEtherD ([pick $AuxSQTEtherD ([find $AuxSQTEtherD “*”]+1) [len $AuxSQTEtherD]]); /queue tree set $y limit-at=0; /queue tree set $y max-limit=0; /queue tree set $y max-limit=($BytesDEtherX); /queue tree set $y limit-at=(($BytesDEtherX*$PLimitAt)/100);};};

# Nota: Desestimo los (QT.Bytes=0), puesto que, serán acotados al consumir.

# ------------------------------------------------------

/system script environment remove [find name="PWAN"];

/system script environment remove [find name="PLimitAt"];

/system script environment remove [find name="SMPacket"];

/system script environment remove [find name="SQTPacket"];

/system script environment remove [find name="SQTEtherA"];

/system script environment remove [find name="SQTEtherD"];

/queue tree reset-counters-all;                      # reset all Queue.Tree contadores

/ip firewall mangle reset-counters-all;                   # reset all Mangle contadores

/queue tree enable [/queue tree find];                          # All Queue.Tree enabled

/ip firewall mangle enable [/ip firewall mangle find];     # All Mangle.Rule enabled

# Nota: (considerar QueueTree.Rate (tasa promedio de transferencia), en el calculo de mark-pack.%).

# RB.QoSChange% (xDB): ------------------------------------------ [ x Drop.Bytes ]

# Name: RB.QoSChange% (xDB)

# comment="Cx: ( RB.QoSChange% (xDrop.Bytes) )";

# Limite para /queue tree max-limit=(4294M)

# ---------------------------------------------------

:global QoSDropList;                           # Dejar public y no remover x email diario

:local QoSDropName;

:local Increment 0;

:local TIncrement 0;

:local PIncMaxLimit 10;                                               # %.Inc de (max-limit)

:local MaxLimit;

:local LimitAt;

:local Comment;

:local NroRegla;

:local DLAux;

:local DLRest;

:local TDrop;

:local NodoID;

:local CountProcc 0;

:foreach x in [/system script job find (script="RB.QoSChange% (xDB)")] do {:set CountProcc ($CountProcc+1);};                 # Cant de éste proc activos

:if ($CountProcc=1) do={

:foreach x in=[/queue tree find (dropped>1000)] do={:set QoSDropName ([/queue tree get $x name]); :set MaxLimit ([/queue tree get [find name=$QoSDropName] value-name=max-limit]); :set LimitAt ([/queue tree get [find name=$QoSDropName] value-name=limit-at]); :set Comment ([/queue tree get [find name=$QoSDropName] value-name=comment]); :set Increment (($MaxLimit*$PIncMaxLimit)/100); :if ($Increment<1000) do={:set Increment (1000);}; :if ($MaxLimit+$Increment<4294000000) do={:if ($QoSDropList~$QoSDropName) do={:set DLAux ($QoSDropList); :set QoSDropList ([pick $QoSDropList 0 ([find $QoSDropList $QoSDropName]-1)]); :set DLAux ([pick $DLAux ([find $DLAux $QoSDropName]-1) [len $DLAux]]); :set DLRest ([pick $DLAux ([find $DLAux ”)”]+1) [len $DLAux]]); :set TDrop ([tonum ([pick $DLAux ([find $DLAux “=”]+1) ([find $DLAux “+”]-1)])]); :set TDrop ([tostr ($TDrop+(([/queue tree get $x dropped])/1000))].”k”); :set TIncrement ([tonum ([pick $DLAux ([find $DLAux “+”]+1) ([find $DLAux “)”]-1)])]); :set TIncrement ([tostr ($TIncrement+(($Increment)/1000))].”k”); :set QoSDropList ($QoSDropList.”(“.$QoSDropName.”=”.$TDrop.”+”.$TIncrement.”)”.$DLRest);} else={:set TDrop ([tostr (([/queue tree get $x dropped])/1000)].”k”); :set TIncrement ([tostr (($Increment)/1000)].”k”); :set QoSDropList ($QoSDropList.”(“.($QoSDropName).”=”.$TDrop.”+”.$TIncrement.”)”);}; /queue tree set [find name=$QoSDropName] max-limit=($MaxLimit+$Increment); /queue tree set [find name=$QoSDropName] limit-at=($LimitAt+$Increment); :if ([pick $QoSDropName 4 6]!=”00”) do={:set NodoID ([pick $QoSDropName 0 4].”00”); :set MaxLimit ([/queue tree get [find name~$NodoID] value-name=max-limit]); :set LimitAt ([/queue tree get [find name~$NodoID] value-name=limit-at]); /queue tree set [find name~$NodoID] max-limit=($MaxLimit+$Increment); /queue tree set [find name~$NodoID] limit-at=($LimitAt+$Increment);}; :set NodoID ([pick $QoSDropName 0 2].”0000”); :set MaxLimit ([/queue tree get [find name~$NodoID] value-name=max-limit]); :set LimitAt ([/queue tree get [find name~$NodoID] value-name=limit-at]); /queue tree set [find name~$NodoID] max-limit=($MaxLimit+$Increment); /queue tree set [find name~$NodoID] limit-at=($LimitAt+$Increment); :set NroRegla ([tonum [pick $Comment 0 3]]-1); /queue tree reset-counters numbers=($NroRegla);} else={:log error message=("[RB.QoSChange% (xDB), QT.Name: (".($QoSDropName).") – QT.Bytes-Drop: (".([/queue tree get $x dropped]).")]");}}};

# /system script environment remove [find name="QoSDropList"];

# Nota: /queue tree reset-counters-all (resetea all contadores x next-Tarea).

# ----------------------------------------------------------------------------------- [INI]

# -------------------------------- [TOOLS/Netwatch] ---------------------------------

# -------------------------------------------------------------------------------------------

# Alert.LinkChange (ISP.Link): ------------------------------------------ [NetWatch]

# Name: Alert.LinkChange-ISPLink

# comment="R: ( Alert.LinkChange-ISPLink )";

# --------------------------------------------------- [ x RB.BGP ]

/tool netwatch add down-script="global TelegramMessage \"[Enlace.ST-AP (DW)]\"; :log error message=(\"[Enlace.ST-AP (DW)]\");\r\n/system script run RB.Telegram-MessageAlert" host=xxx.duckdns.org interval=1m up-script="global TelegramMessage \"[Enlace.ST-AP (UP)]\"; :log warning message=(\"[Enlace.ST-AP (UP)]\");\r\n/system script run RB.Telegram-MessageAlert" comment=("R: ( Netwhatch.Enlace [ ST-AP ] )") disable=yes;

# ----------------------------------------------------------------------------------- [FIN]

# -------------------------------- [TOOLS/Netwatch] ---------------------------------

# -------------------------------------------------------------------------------------------

# Alert.LinkChange (RBLink): -----------------------------------------------------------

# ------------------------------------------------------------- [Independiente del script]

:global AntFlagDDNS01 (“OK”);                      # No copiar dentro del script

:global AntFlagDDNS02 (“OK”);                      # No copiar dentro del script

:global AntFlagDDNS03 (“OK”);                      # No copiar dentro del script

# ------------------------------------------------------------- [Independiente del script]

# Name: Alert.LinkChange-RBLink

# comment="R: ( Alert.LinkChange-RBLink )";

# Función IP.Test: (IP,PacketSend,PacketLossLimit,AvgLimit,PacketSize,Proceso)

:local TestConn do={:local PLoss ($3+1); :local AvgRTT ($4+1); :local MaxRTT; :local PRecibidos; :local PEnviados; :local LogMsg; :local DisabledIP (false); :if ([/ip firewall address-list find (address=$1 and list=”A-ICMPWANSRC.List”)]="") do={/ip firewall address-list add address=$1 list=“A-ICMPWANSRC.List“ comment=”T+: (TemporalIP x ICMP)” timeout=1m disable=no;} else={:if ([/ip firewall address-list get value-name=disabled [find (address=$1 and list=”A-ICMPWANSRC.List”)]]) do={/ip firewall address-list enable [/ip firewall address-list find (address=$1 and list=”A-ICMPWANSRC.List”)]; :set DisabledIP (true);}}; delay 10ms; /tool flood-ping $1 count=$2 size=$5 do={:if ($sent=$2) do={:set AvgRTT ($”avg-rtt”); :set MaxRTT ($”max-rtt”); :set PEnviados $sent; :set PRecibidos $received;}}; :if ($DisabledIP) do={/ip firewall address-list disable [/ip firewall address-list find (address=$1)];}; :set PLoss (100-(($PRecibidos*100)/$PEnviados)); :set LogMsg ("[ $6 – ping ( $1 – $5 b ) ]: latencia media ( $([:tostr $AvgRTT])ms ) – latencia maxima: ( $([:tostr $MaxRTT])ms ) – paquetes perdidos: ( $([:tostr $PLoss])% )"); :if ($PLoss<=$3 and $AvgRTT<=$4) do={:log info message=($LogMsg); :return (“OK”)} else={:log error message=($LogMsg); :return (“KO”)}};

# Nota: Asegurarse que IP este en address-list (do={:beep frequency=550 length=494ms;}).

# ---------------------------------------------------

:local FlagDDNS01 ([$TestConn ([resolve "xxx-1.duckdns.org"]) 10 30 100 XXX ”RB.AlertLinkChange”]=”OK”);

:local FlagDDNS02 ([$TestConn ([resolve "xxx-2.duckdns.org"]) 10 30 100 XXX ”RB.AlertLinkChange”]=”OK”);

:local FlagDDNS03 ([$TestConn ([resolve "xxx-3.duckdns.org"]) 10 30 100 XXX ”RB.AlertLinkChange”]=”OK”);

:if ($FlagDDNS01!=$AntFlagDDNS01) do={:if ($FlagDDNS01=”KO”) do={:global TelegramMessage (“[ xxx-R1.DuckDNS.org (DW) ]”); :log error message=("[xxx-R01.DuckDNS.org (DW)]"); /system script run RB.Telegram-MessageAlert;} else={:global TelegramMessage (“[xxx-R1.DuckDNS.org (UP)]”); :log error message=("[xxx-R01.DuckDNS.org (UP)]"); /system script run RB.Telegram-MessageAlert;}};

:if ($FlagDDNS02!=$AntFlagDDNS02) do={:if ($FlagDDNS02=”KO”) do={:global TelegramMessage (“[xxx-R2.DuckDNS.org (DW)]”); :log error message=("[xxx-R02.DuckDNS.org (DW)]"); /system script run RB.Telegram-MessageAlert;} else={:global TelegramMessage (“[xxx-R2.DuckDNS.org (UP)]”); :log error message=("[xxx-R02.DuckDNS.org (UP)]"); /system script run RB.Telegram-MessageAlert;}};

:if ($FlagDDNS03!=$AntFlagDDNS03) do={:if ($FlagDDNS03=”KO”) do={:global TelegramMessage (“[VCI-xxx-R3.DuckDNS.org (DW)]”); :log error message=("[xxx-R03.DuckDNS.org (DW)]"); /system script run RB.Telegram-MessageAlert;} else={:global TelegramMessage (“[xxx-R3.DuckDNS.org (UP)]”); :log error message=("[xxx-R03.DuckDNS.org (UP)]"); /system script run RB.Telegram-MessageAlert;}};

:global AntFlagDDNS01 ($FlagDDNS01); :global AntFlagDDNS02 ($FlagDDNS02); :global AntFlagDDNS03 ($FlagDDNS03);

# RB.Telegram-MessageAlert: -----------------------------------------------------------

# Name: RB.Telegram-MessageAlert

# comment="R: ( RB.Telegram-MensageAlert )";

# --------------------------------------------------- [Telegram proccess]

# Find: @botfather (/newbot, ej: xxx_telegram_bot, vci_telegram_bot)

# Copy.BotID: (ej: <<< Paste1 >>>)

# Create Grup: (ej: xxx.Chat, add vci_telegram_bot, find and add @getidbot)

# Copy.ChatID: (ej: <<< Paste2 >>>)

# ------------------------------------------------------------ [Copy-Paste en consola]

/system script add dont-require-permissions=yes name=RB.Telegram-MessageAlert policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="# Name: RB.Telegram-MessageAlert\r\n# comment=\"R: ( RB.Telegram-MensageAlert )\";\r\n# --------------------------------------------------- [Telegram proccess]\r\n# Find: @botfather (/newbot, xxx_telegram_bot, vci_telegram_bot)\r\n# Copy.BotID: (ej: <<< Paste1 >>>)\r\n# Create Grup: (ej: xxx.Chat, add vci_telegram_bot, find and add @getidbot)\r\n# Copy.ChatID: (ej: <<< Paste2 >>>)\r\n# ------------------------------------------------------------------------------\r\n:global TelegramMessage;\r\n:local BotID  (\"<<< Paste1 >>>\");\r\n:local ChatID (\"<<< Paste2 >>>\”);\r\n:if (\$TelegramMessage!=\"\") do={\r\n /tool fetch url=\"https://api.telegram.org/bot\$BotID/sendMessage\?chat_id=\$ChatID&text=\$TelegramMessage\" keep-result=no\r\n}; /system script environment remove [find name=\"TelegramMessage\"];" comment=("R: ( Telegram.MensageAlert )");

# Nota: al Telegram.Bot (URL.Limit), no acepta ni tildes ni Special.Chars. Some Special.Chars, pueden enviarse via Telegram.Bot (URL), por ej.: (\$\?).

# RB.Winbox-SharedOFF (x PKnocking): ----------------------------------------------

# Name: RB.Winbox-SharedOFF

# comment="R: RB.Winbox-SharedOFF";          # verificar que user(x), sea (0)

:if ([/user get 0 name]~”xxx” and [/user get 0 disable]=no) do={/user set 1 disable=yes; /user set 2 disable=yes;} else={:log error message=("[Error, en la secuenciacion de Users]”);};

:foreach x in=[/ip firewall filter find (comment~”<:”)] do={/ip firewall filter set $x disable=yes;};

:foreach x in=[/ip firewall filter find (comment~”*:”)] do={/ip firewall filter set $x disable=yes;};

:if ([len $WinboxP]>0 and [len $Api]>0) do={/ip service set winbox port=$WinboxP; /ip service set api port=$ApiP;} else={/ip service set winbox port=3335; /ip service set api port=3336;}

/system script environment remove [find name="WinboxP"]; /system script environment remove [find name="ApiP"];

# RB.Winbox-SharedON (x PKnocking.Special): -------------------------------------

# Name: RB.Winbox-SharedON(SPKnocking)  # verificar que user(x), sea (0)

# comment="R: RB.Winbox-SharedON (SPKnocking)";

:if ([/user get 0 name]~”xxx” and [/user get 0 disable]=no) do={/user set 1 disable=no; /user set 2 disable=no;} else={:log error message=("[Error, en la secuenciacion de Users]”);};

:foreach x in=[/ip firewall filter find (comment~”<:”)] do={/ip firewall filter set $x disable=no;};

:global WinboxP ([/ip service get [find (name=”winbox”)] port]);

:global ApiP ([/ip service get [find (name=”api”)] port]);

/ip service set winbox port=3333; /ip service set api port=3334;

# Nota: x motivos de retrocompatibilidad, uso las var.globales (WinboxP y ApiP).

# RB.Winbox-SharedON (x Port.Special): ---------------------------------------------

# Name: RB.Winbox-SharedON(SPort)             # verificar que user(x), sea (0)

# comment="R: RB.Winbox-SharedON (SPort)";

:if ([/user get 0 name]~”xxx” and [/user get 0 disable]=no) do={/user set 1 disable=no; /user set 2 disable=no;} else={:log error message=("[Error, en la secuenciacion de Users]”);};

:foreach x in=[/ip firewall filter find (comment~”*:”)] do={/ip firewall filter set $x disable=no;};

:global WinboxP ([/ip service get [find (name=”winbox”)] port]);

:global ApiP ([/ip service get [find (name=”api”)] port]);

/ip service set winbox port=3333; /ip service set api port=3334;

# Nota: x motivos de retrocompatibilidad, uso las var.globales (WinboxP y ApiP). x secuenciación de mí (Firewall), sin +reglas, no puedo evitar usar algunos (port).

------------------------------------------------------------------------------- [ FIN ]

----------------------------------------------------------------------------------------

----------------------------- Scripts (basicos): -------------------------------------

----------------------------------------------------------------------------------------

----------------------------------------------------------------------------------------