routeros-scripts-phg/dnsToIPv6SubnetResolver.rsc

# -------------------------------------------------------------------------------
# Script to grab IPv6 Addresses from DNS an converting them to subnets
#
# by Philip 'ShokiNN' Henning <mail@philip-henning.com>
# RouterOS compatibility: 7+
# Version 1.0
# last update: 20.01.2025
# License: MIT
# -------------------------------------------------------------------------------

# --- Define variables -----------------------------------------------------------------------------------------
# Enter all required variables and secrets here. -- All secrets are stored unencrypted!
## IPv6 address list (address list which will contain the resolved subnets)
## Data Type: String
## Example: "resolved_ipv6_subnets"
:local ipv6AddressList "";

## --- Comment prefix --------------------------------------------------------------------
# Comment Prefix
# If set, prefixes the comment for the address list
# Data Type: String
# Example: Access to service for
## ---------------------------------------------------------------------------------------
:local ipv6AddressListCommentPrefix "";

## --- Public domains to resolve --------------------------------------------------------------------
# Domain
# The Domain you want to resolve into an IPv6 subnet
# Data Type: String
# Example: "example.com";

# Subnet length
# The subnet length the resolved IP address should be reduced to
# Data Tupe: Integer
# Example: 64;

# Comment
# Comment for the Address list entry
# Data Type: String
# Example: "John Doe's public subnet";
## --------------------------------------------------------------------------------------------------
:local domainToIpv6Subnet {
    {"example.com";64;"John Doe"}
};
# ---------------------------------------------------------------------------------------------------------------


:local logPrefix "[DNS to IPv6 Subnet resolver]";


# Log "run of script"
:log info "$logPrefix running";

:local index 0;
:foreach i in=$domainToIpv6Subnet do={
    [/system/script/run "ipv6HelperFunctions"; global resolveIPv6];

    :local configDomain ("$($i->0)");
    :local configSubnetLength ("$($i->1)");
    :local configComment ("$ipv6AddressListCommentPrefix" . "$($i->2)");
    :local dnsIp "";
    :local startLogMsg "$logPrefix Start configuring domain:";
    :local endLogMsg "$logPrefix Finished configuring domain:";

    :log info "$startLogMsg $configDomain";
    /ipv6/firewall/address-list/remove [/ipv6/firewall/address-list/find list="$ipv6AddressList" comment="$configComment"];

    :set dnsIp [$resolveIPv6 $configDomain];
    :if ($dnsIp != "") do={
        /ipv6/firewall/address-list/add list="$ipv6AddressList" address="$dnsIp/$configSubnetLength" comment="$configComment";
        :local addedSubnet [:pick [/ipv6/firewall/address-list/get [/ipv6/firewall/address-list/find list="$ipv6AddressList" comment="$configComment"]] 1];
    }
    
    :log info "$logPrefix domain: $configDomain - Set to: $addedSubnet";

    :log info "$endLogMsg $configDomain";
};
:set index;

:log info "$logPrefix finished";