# VLAN management script (
  # Script to easily create,  manage and delete VLAN
  # Only need to start it once at boot
  # Calls should include when needed:
  # vlanID = vlan number (should be 99 (num) and not "99" (str) for vlan99)
  # vlanIP = vlan IP, eg: "192.168.99.2/24" (str)
# )

# USAGE:
# add a VLAN
  # $vlanAdd vlanID=99
# Add an IP to VLAN
  # $vlanAddIP vlanID=99 vlanIP="192.168.99.2/24"
# Edit an VLAN IP
  # $vlanModIP vlanID=99 vlanIP="192.168.99.2/24"
# Remove an IP from a specific VLAN
  # $vlanDelIP vlanID=99 vlanIP="192.168.99.2/24"
# Enable a VLAN
  # $vlanEn vlanID=99
# Disable a VLAN
  # $vlanDis vlanID=99
# Completely remove a LAN (should add a security on webinterface to NOT remove last vlan if no more IP)
  # $vlanDel vlanID=99

# perms: read,write,policy,test
:global vlanAdd do={
  /log/info "[VLAN MANAGER] Creating VLAN $vlanID"
  /interface/bridge/add name="br-vlan$[$vlanID]" protocol-mode=none;
  /interface/vlan/add name="vlan$[$vlanID]-ether1" vlan-id=$vlanID interface=[/interface/ethernet/find];
  /interface/vlan/add name="vlan$[$vlanID]-wlan1"  vlan-id=$vlanID interface=[/interface/wireless/find];
  /interface/bridge/port/add interface="vlan$[$vlanID]-ether1" bridge="br-vlan$[$vlanID]";
  /interface/bridge/port/add interface="vlan$[$vlanID]-wlan1"  bridge="br-vlan$[$vlanID]";
  :if [/interface/ethernet/find name=sfp1] do={
    /interface/vlan/add name="vlan$[$vlanID]-sfp1" vlan-id=$vlanID interface=[/interface/ethernet/find name=sfp1];
    /interface/bridge/port/add interface="vlan$[$vlanID]-sfp1" bridge="br-vlan$[$vlanID]";
  }
}
:global vlanAddIP do={
  /log/info "[VLAN MANAGER] Adding $vlanIP to VLAN $vlanID"
  /ip/address/add address="$[$vlanIP]" interface="br-vlan$[$vlanID]";
}
:global vlanModIP do={
  /log/info "[VLAN MANAGER] Changing IP to $vlanIP on VLAN $vlanID"
  /ip/address/set address="$[$vlanIP]" [/ip/address/find interface="br-vlan$[$vlanID]"];
}
:global vlanDelIP do={
  /log/warning "[VLAN MANAGER] Deleting $vlanIP from VLAN $vlanID"
  /ip/address/remove [/ip/address/find interface="br-vlan$[$vlanID]" address="$vlanIP"];
}
:global vlanEn do={
  /log/info "[VLAN MANAGER] Enabling VLAN $vlanID"
  /interface/bridge/set "br-vlan$[$vlanID]" disabled=no;
}
:global vlanDis do={
  /log/warning "[VLAN MANAGER] Disabling VLAN $vlanID"
  /interface/bridge/set "br-vlan$[$vlanID]" disabled=yes;
}
:global vlanDel do={
  /log/warning "[VLAN MANAGER] Removing VLAN $vlanID"
  /ip/address/remove [/ip/address/find interface="br-vlan$[$vlanID]"];
  /interface/bridge/remove "br-vlan$[$vlanID]";
  /interface/vlan/remove "vlan$[$vlanID]-ether1";
  /interface/vlan/remove "vlan$[$vlanID]-wlan1";
  :if [/interface/ethernet/find name=sfp1] do={
    /interface/vlan/remove "vlan$[$vlanID]-sfp1";
  }
}