Hi
Mikrotik -----> Mikrotik
I need to mirror dynamic address list entry's from one mikrotik router to another . is there anyway that i can achieve this.
Thanks in advance.
Re: Copy Address Entrys to Second Router
You will need to script this, there is no other way.
Script the main router (that has the addresses) to telnet/SSH to the other router and add/remove them as neccesary.
Script the main router (that has the addresses) to telnet/SSH to the other router and add/remove them as neccesary.
Last edited by tomaskir on Mon Dec 10, 2012 12:41 pm, edited 1 time in total.
Re: Copy Address Entrys to Second Router
i am not familiar with scripting can anyone help me out.
Re: Copy Address Entrys to Second Router
Try to ask here:i am not familiar with scripting can anyone help me out.
http://forum.mikrotik.com/viewforum.php?f=9
Re: Copy Address Entrys to Second Router
This script will do what you are asking. You need to change the IP address, user, and password to match router 2. The script loops through all dynamic address list entries on the router 1, writes them to an auto.rsc file, and uploads it to router 2. On router 2, the uploaded script adds static address list entries and cleans up any old ones that were previously added.
This should be used with the scheduler to run however often you want.
* NOTE * The first time you run the script on router 1, it will create the file on the router 2, but the script will not be executed. I think this is a bug. Every time you run the script after this, the script is executed and works just fine.
This should be used with the scheduler to run however often you want.
* NOTE * The first time you run the script on router 1, it will create the file on the router 2, but the script will not be executed. I think this is a bug. Every time you run the script after this, the script is executed and works just fine.
Code: Select all
{
# configure remote router info
:local ip 172.10.10.10;
:local user admin;
:local pass password;
# navigate to address lists
/ip firewall address-list
# initial file setup on local router
:if ([:len [/file find name="DAddrListMirror.txt"]] != 1) do={
/file print file=DAddrListMirror
:delay 2s;
/file set DAddrListMirror.txt contents="";
}
# set variables
:local addresses;
:local lists;
# loop through all dynamic entries, appending address and list values
:foreach i in=[find where dynamic=yes] do={
:set addresses ($addresses . "$[get $i address],");
:set lists ($lists . "$[get $i list],");
}
# create time stamp variable, used to keep track of new dynamic entries
:local tstamp "DMirror$[/system clock get time]";
# create script for other router
:local output "# Script to update Address Lists with dynamic entries from other router\r\n\r\n";
# create time stamp variable
:set output ($output . ":local tstamp $tstamp\r\n\r\n");
# create lists and addresses variables, convert to arrays
:set output ($output . ":local lists $lists\r\n");
:set output ($output . ":local listsArray [:toarray \$lists];\r\n");
:set output ($output . ":local addresses $addresses\r\n");
:set output ($output . ":local addressesArray [:toarray \$addresses];\r\n\r\n");
# navigate to address lists
:set output ($output . "/ip firewall address-list\r\n");
# loop through arrays, creating firewall rules with time stamp comment
:set output ($output . ":for i from=0 to=( [:len \$listsArray] - 1) do={add address=[:pick \$addressesArray \$i] list=[:pick \$listsArray \$i] disabled=no comment=\$tstamp}\r\n\r\n");
# clean up any old address list entries
:set output ($output . "# Cleanup, remove old dynamic entries\r\n");
# loop through all DMirror comment entries, remove ones that do not match current time stamp
:set output ($output . ":foreach i in=[find where comment~\"DMirror\"] do={:if ([get \$i comment] != \$tstamp) do={remove \$i}}\r\n\r\n");
:set output ($output . "# END");
# write output to a file
/file set DAddrListMirror.txt contents=$output;
# upload file to remote router as *.auto.rsc, so file will execute on upload
# first time file is uploaded, the file will NOT execute (bug?). After that it works fine.
/tool fetch address=$ip src-path=DAddrListMirror.txt user=$user mode=ftp password=$pass dst-path=DAddrListMirror.auto.rsc port=21 upload=yes;
}Re: Copy Address Entrys to Second Router
Another thing to remember is that there is a 4KB read/write limit for files. If there are enough dynamic address list items that cause the file to be larger than 4KB, the file won't be created. It will be blank I think...
Re: Copy Address Entrys to Second Router
A little late . but thanks 
Re: Copy Address Entrys to Second Router
Many thanks for the script. Has anyone tried the script on version 6 at all? When running script i get an error on the destination router where script is being sent to "script error: expected end of command (line 5 column 20)"
any help would be much appreciated
any help would be much appreciated