GISTS/mikrotik/manageVLAN.rsc

# VLAN management script (
  # Script to easily create,  manage and delete VLAN
  # Only need to start it once at boot
  # Calls should include when needed:
  # vlanID = vlan number (should be 99 (num) and not "99" (str) for vlan99)
  # vlanIP = vlan IP, eg: "192.168.99.2/24" (str)
# )

# USAGE:
# add a VLAN
  # $vlanAdd vlanID=99
# Add an IP to VLAN
  # $vlanAddIP vlanID=99 vlanIP="192.168.99.2/24"
# Edit an VLAN IP
  # $vlanModIP vlanID=99 vlanIP="192.168.99.2/24"
# Remove an IP from a specific VLAN
  # $vlanDelIP vlanID=99 vlanIP="192.168.99.2/24"
# Enable a VLAN
  # $vlanEn vlanID=99
# Disable a VLAN
  # $vlanDis vlanID=99
# Completely remove a LAN (should add a security on webinterface to NOT remove last vlan if no more IP)
  # $vlanDel vlanID=99

# perms: read,write,policy,test
:global vlanAdd do={
  /log/info "[VLAN MANAGER] Creating VLAN $vlanID"
  /interface/bridge/add name="br-vlan$[$vlanID]" protocol-mode=none;
  /interface/vlan/add name="vlan$[$vlanID]-ether1" vlan-id=$vlanID interface=[/interface/ethernet/find];
  /interface/vlan/add name="vlan$[$vlanID]-wlan1"  vlan-id=$vlanID interface=[/interface/wireless/find];
  /interface/bridge/port/add interface="vlan$[$vlanID]-ether1" bridge="br-vlan$[$vlanID]";
  /interface/bridge/port/add interface="vlan$[$vlanID]-wlan1"  bridge="br-vlan$[$vlanID]";
  :if [/interface/ethernet/find name=sfp1] do={
    /interface/vlan/add name="vlan$[$vlanID]-sfp1" vlan-id=$vlanID interface=[/interface/ethernet/find name=sfp1];
    /interface/bridge/port/add interface="vlan$[$vlanID]-sfp1" bridge="br-vlan$[$vlanID]";
  }
}
:global vlanAddIP do={
  /log/info "[VLAN MANAGER] Adding $vlanIP to VLAN $vlanID"
  /ip/address/add address="$[$vlanIP]" interface="br-vlan$[$vlanID]";
}
:global vlanModIP do={
  /log/info "[VLAN MANAGER] Changing IP to $vlanIP on VLAN $vlanID"
  /ip/address/set address="$[$vlanIP]" [/ip/address/find interface="br-vlan$[$vlanID]"];
}
:global vlanDelIP do={
  /log/warning "[VLAN MANAGER] Deleting $vlanIP from VLAN $vlanID"
  /ip/address/remove [/ip/address/find interface="br-vlan$[$vlanID]" address="$vlanIP"];
}
:global vlanEn do={
  /log/info "[VLAN MANAGER] Enabling VLAN $vlanID"
  /interface/bridge/set "br-vlan$[$vlanID]" disabled=no;
}
:global vlanDis do={
  /log/warning "[VLAN MANAGER] Disabling VLAN $vlanID"
  /interface/bridge/set "br-vlan$[$vlanID]" disabled=yes;
}
:global vlanDel do={
  /log/warning "[VLAN MANAGER] Removing VLAN $vlanID"
  /ip/address/remove [/ip/address/find interface="br-vlan$[$vlanID]"];
  /interface/bridge/remove "br-vlan$[$vlanID]";
  /interface/vlan/remove "vlan$[$vlanID]-ether1";
  /interface/vlan/remove "vlan$[$vlanID]-wlan1";
  :if [/interface/ethernet/find name=sfp1] do={
    /interface/vlan/remove "vlan$[$vlanID]-sfp1";
  }
}
added scripts for mikrotik devices 2024-09-03 00:10:43 +02:00			`# VLAN management script (`
			`# Script to easily create, manage and delete VLAN`
			`# Only need to start it once at boot`
			`# Calls should include when needed:`
			`# vlanID = vlan number (should be 99 (num) and not "99" (str) for vlan99)`
			`# vlanIP = vlan IP, eg: "192.168.99.2/24" (str)`
			`# )`

			`# USAGE:`
			`# add a VLAN`
			`# $vlanAdd vlanID=99`
			`# Add an IP to VLAN`
			`# $vlanAddIP vlanID=99 vlanIP="192.168.99.2/24"`
			`# Edit an VLAN IP`
			`# $vlanModIP vlanID=99 vlanIP="192.168.99.2/24"`
			`# Remove an IP from a specific VLAN`
			`# $vlanDelIP vlanID=99 vlanIP="192.168.99.2/24"`
			`# Enable a VLAN`
			`# $vlanEn vlanID=99`
			`# Disable a VLAN`
			`# $vlanDis vlanID=99`
			`# Completely remove a LAN (should add a security on webinterface to NOT remove last vlan if no more IP)`
			`# $vlanDel vlanID=99`

			`# perms: read,write,policy,test`
			`:global vlanAdd do={`
			`/log/info "[VLAN MANAGER] Creating VLAN $vlanID"`
			`/interface/bridge/add name="br-vlan$[$vlanID]" protocol-mode=none;`
			`/interface/vlan/add name="vlan$[$vlanID]-ether1" vlan-id=$vlanID interface=[/interface/ethernet/find];`
			`/interface/vlan/add name="vlan$[$vlanID]-wlan1" vlan-id=$vlanID interface=[/interface/wireless/find];`
			`/interface/bridge/port/add interface="vlan$[$vlanID]-ether1" bridge="br-vlan$[$vlanID]";`
			`/interface/bridge/port/add interface="vlan$[$vlanID]-wlan1" bridge="br-vlan$[$vlanID]";`
			`:if [/interface/ethernet/find name=sfp1] do={`
			`/interface/vlan/add name="vlan$[$vlanID]-sfp1" vlan-id=$vlanID interface=[/interface/ethernet/find name=sfp1];`
			`/interface/bridge/port/add interface="vlan$[$vlanID]-sfp1" bridge="br-vlan$[$vlanID]";`
			`}`
			`}`
			`:global vlanAddIP do={`
			`/log/info "[VLAN MANAGER] Adding $vlanIP to VLAN $vlanID"`
			`/ip/address/add address="$[$vlanIP]" interface="br-vlan$[$vlanID]";`
			`}`
			`:global vlanModIP do={`
			`/log/info "[VLAN MANAGER] Changing IP to $vlanIP on VLAN $vlanID"`
			`/ip/address/set address="$[$vlanIP]" [/ip/address/find interface="br-vlan$[$vlanID]"];`
			`}`
			`:global vlanDelIP do={`
			`/log/warning "[VLAN MANAGER] Deleting $vlanIP from VLAN $vlanID"`
			`/ip/address/remove [/ip/address/find interface="br-vlan$[$vlanID]" address="$vlanIP"];`
			`}`
			`:global vlanEn do={`
			`/log/info "[VLAN MANAGER] Enabling VLAN $vlanID"`
			`/interface/bridge/set "br-vlan$[$vlanID]" disabled=no;`
			`}`
			`:global vlanDis do={`
			`/log/warning "[VLAN MANAGER] Disabling VLAN $vlanID"`
			`/interface/bridge/set "br-vlan$[$vlanID]" disabled=yes;`
			`}`
			`:global vlanDel do={`
			`/log/warning "[VLAN MANAGER] Removing VLAN $vlanID"`
			`/ip/address/remove [/ip/address/find interface="br-vlan$[$vlanID]"];`
			`/interface/bridge/remove "br-vlan$[$vlanID]";`
			`/interface/vlan/remove "vlan$[$vlanID]-ether1";`
			`/interface/vlan/remove "vlan$[$vlanID]-wlan1";`
			`:if [/interface/ethernet/find name=sfp1] do={`
			`/interface/vlan/remove "vlan$[$vlanID]-sfp1";`
			`}`
			`}`