From ce88eca1a5674ed117e39eccc6606a560e320023 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=98=D0=B3=D0=BE=D1=80=D1=8C=20=D0=91=D0=B0=D1=80=D0=BA?=
 =?UTF-8?q?=D0=BE=D0=B2?= <ibarkov@likom.com.ua>
Date: Thu, 8 Aug 2024 13:22:37 +0000
Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D1=82?=
 =?UTF-8?q?=D1=8C=20NATUPDATE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 NATUPDATE | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 NATUPDATE

diff --git a/NATUPDATE b/NATUPDATE
new file mode 100644
index 0000000..a81d8c6
--- /dev/null
+++ b/NATUPDATE
@@ -0,0 +1,44 @@
+# Define the hostname and ports
+:local hostname "websrv0001"
+:local port1 "80"
+:local port2 "443"
+
+:local interfaceList "WAN" 
+
+# Resolve the IP address from the DHCP lease
+:local resolvedIP ""
+
+:foreach lease in=[/ip dhcp-server lease find] do={
+    :local dhcpHostName [/ip dhcp-server lease get $lease host-name]
+    :if ($dhcpHostName = $hostname) do={
+        set resolvedIP [/ip dhcp-server lease get $lease address]
+    }
+}
+
+:log info $resolvedIP
+
+:if ( [ :len $resolvedIP] > 0 ) do={
+    :local natRule1 [/ip firewall nat find comment="HTTP NAT Rule"]
+    :local natRule2 [/ip firewall nat find comment="HTTPS NAT Rule"]
+
+    # Check if HTTP NAT rule exists, create if it doesn't
+    :if ( [ :len $natRule1 ] = 0 ) do={
+        /ip firewall nat add chain=dstnat dst-port=$port1 protocol=tcp action=dst-nat in-interface-list=$interfaceList to-addresses=$resolvedIP to-ports=$port1 comment="HTTP NAT Rule"
+        :log info "Created HTTP NAT Rule for $hostname"
+    } else={
+        /ip firewall nat set $natRule1 to-addresses=$resolvedIP to-ports=$port1
+        :log info "Updated HTTP NAT Rule for $hostname"
+    }
+
+    # Check if HTTPS NAT rule exists, create if it doesn't
+    :if ( [ :len $natRule2 ] = 0 ) do={
+        /ip firewall nat add chain=dstnat dst-port=$port2 protocol=tcp action=dst-nat in-interface-list=$interfaceList to-addresses=$resolvedIP to-ports=$port2 comment="HTTPS NAT Rule"
+        :log info "Created HTTPS NAT Rule for $hostname"
+    } else={
+        /ip firewall nat set $natRule2 to-addresses=$resolvedIP to-ports=$port2
+        :log info "Updated HTTPS NAT Rule for $hostname"
+    }
+
+} else={
+    :log warning "Hostname $hostname not found in DHCP lease list"
+}
\ No newline at end of file