Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/sh
- KEY="<Redacted>"
- SECRET="<Redacted>"
- RULE_ID="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
- SOURCE_NET="fdxx:xxxx:xxxx::/64" # This is the Wiregaurd ULA prefix
- WAN_INTERFACE="igc0"
- HOST=localhost
- # Get current WAN IPv6 prefix
- WAN_PREFIX=$(curl -sk -u "$KEY:$SECRET" "https://$HOST/api/interfaces/overview/get_interface/$WAN_INTERFACE" \
- | jq -r '.message["ifctl.prefix"].value[0]')
- echo "Detected WAN prefix: $WAN_PREFIX"
- # Exit if WAN prefix is empty
- if [ -z "$WAN_PREFIX" ]; then
- echo "WAN prefix is empty. Exiting."
- exit 1
- fi
- # Get current NPT rule details
- CURRENT_DEST_NET=$(curl -sk -u "$KEY:$SECRET" "https://$HOST/api/firewall/npt/get_rule/$RULE_ID" \
- | jq -r '.rule.destination_net')
- echo "Current NPT destination_net: $CURRENT_DEST_NET"
- # Compare current vs new prefix
- if [ "$CURRENT_DEST_NET" = "$WAN_PREFIX" ]; then
- # Prefix has not changed. No update needed.
- exit 0
- fi
- # Prepare JSON body
- JSON_BODY=$(cat <<EOF
- {
- "rule": {
- "enabled": "1",
- "sequence": "1",
- "log": "1",
- "interface": "wan",
- "source_net": "$SOURCE_NET",
- "destination_net": "$WAN_PREFIX",
- "trackif": "",
- "categories": "",
- "description": "NPTv6 - WGG"
- }
- }
- EOF
- )
- # Perform the update
- API_RESPONSE=$(curl -sS -k -u "$KEY:$SECRET" \
- -X POST "https://$HOST/api/firewall/npt/set_rule/$RULE_ID" \
- -H "Content-Type: application/json" \
- -d "$JSON_BODY")
- # Check for success
- echo "$API_RESPONSE" | grep -q '"result":"saved"' || {
- echo "Error: Failed to update rule"
- exit 1
- }
- # Restart filter upon successful
- /usr/local/etc/rc.filter_configure
Add Comment
Please, Sign In to add comment
