44 lines
1.7 KiB
Plaintext
44 lines
1.7 KiB
Plaintext
|
# Define the hostname and ports
|
||
|
|
:local hostname "websrv0001"
|
||
|
|
:local port1 "80"
|
||
|
|
:local port2 "443"
|
||
|
|
|
||
|
|
:local interfaceList "WAN"
|
||
|
|
|
||
|
|
# Resolve the IP address from the DHCP lease
|
||
|
|
:local resolvedIP ""
|
||
|
|
|
||
|
|
:foreach lease in=[/ip dhcp-server lease find] do={
|
||
|
|
:local dhcpHostName [/ip dhcp-server lease get $lease host-name]
|
||
|
|
:if ($dhcpHostName = $hostname) do={
|
||
|
|
set resolvedIP [/ip dhcp-server lease get $lease address]
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
:log info $resolvedIP
|
||
|
|
|
||
|
|
:if ( [ :len $resolvedIP] > 0 ) do={
|
||
|
|
:local natRule1 [/ip firewall nat find comment="HTTP NAT Rule"]
|
||
|
|
:local natRule2 [/ip firewall nat find comment="HTTPS NAT Rule"]
|
||
|
|
|
||
|
|
# Check if HTTP NAT rule exists, create if it doesn't
|
||
|
|
:if ( [ :len $natRule1 ] = 0 ) do={
|
||
|
|
/ip firewall nat add chain=dstnat dst-port=$port1 protocol=tcp action=dst-nat in-interface-list=$interfaceList to-addresses=$resolvedIP to-ports=$port1 comment="HTTP NAT Rule"
|
||
|
|
:log info "Created HTTP NAT Rule for $hostname"
|
||
|
|
} else={
|
||
|
|
/ip firewall nat set $natRule1 to-addresses=$resolvedIP to-ports=$port1
|
||
|
|
:log info "Updated HTTP NAT Rule for $hostname"
|
||
|
|
}
|
||
|
|
|
||
|
|
# Check if HTTPS NAT rule exists, create if it doesn't
|
||
|
|
:if ( [ :len $natRule2 ] = 0 ) do={
|
||
|
|
/ip firewall nat add chain=dstnat dst-port=$port2 protocol=tcp action=dst-nat in-interface-list=$interfaceList to-addresses=$resolvedIP to-ports=$port2 comment="HTTPS NAT Rule"
|
||
|
|
:log info "Created HTTPS NAT Rule for $hostname"
|
||
|
|
} else={
|
||
|
|
/ip firewall nat set $natRule2 to-addresses=$resolvedIP to-ports=$port2
|
||
|
|
:log info "Updated HTTPS NAT Rule for $hostname"
|
||
|
|
}
|
||
|
|
|
||
|
|
} else={
|
||
|
|
:log warning "Hostname $hostname not found in DHCP lease list"
|
||
|
|
}
|