Add auto mangle generation script

Wartana
2026-02-26 10:52:11 +08:00
parent ccaac2a2b4
commit 0778e3543b

96
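--- a/update_mangle.py
+++ b/update_mangle.py
@@ -0,0 +1,96 @@
+import requests
+import json
+import os
+import urllib3
+urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
+def get_router_credentials(config_path, isp_name="dimensi", router_name="router-dimensi-dell"):
+try:
+with open(config_path, 'r') as f:
+config = json.load(f)
+routers = config.get("isps", {}).get(isp_name, {}).get("routers", {})
+return routers.get(router_name)
+except Exception as e:
+print(f"Error membaca config: {e}")
+return None
+def update_mangle_rules():
+router = get_router_credentials("/home/wartana/myApp/billing-mcp/config.json")
+if not router:
+print("Kredensial router-dimensi-dell tidak ditemukan di config.")
+return
+host = router["host"]
+user = router["user"]
+password = router["pass"]
+port = router["port"]
+api_url = f"http://{host}/rest"
+if port != 80:
+api_url = f"http://{host}:{port}/rest"
+session = requests.Session()
+session.auth = (user, password)
+session.verify = False
+print(f"Menghubungi router {host}:{port}...")
+# 1. Hapus SEMUA mangle packet yang sudah ada (Hanya action=mark-packet pada chain=forward)
+print("Menghapus mark-packet yang lama...")
+del_payload = {"script": "/ip/firewall/mangle/remove [find chain=forward action=mark-packet]"}
+try:
+session.post(f"{api_url}/execute", json=del_payload, timeout=30)
+except Exception as e:
+pass
+import time
+time.sleep(2) # Beri waktu router mengeksekusi penghapusan massal
+# 2. Definisikan Packet mark baru yang bypass BGP lokal
+# Format: [List Name, Packet Mark Down, Packet Mark Up]
+profiles = [
+("EXPIRED", "EXPIRED_dl", "EXPIRED_ul"), # EXPIRED tetap dilimit mati dari/ke lokal
+("star_10", "star_10_dl", "star_10_up"),
+("star_20", "star_20_dl", "star_20_up"),
+("star_30", "star_30_dl", "star_30_up"),
+("star_50", "star_50_dl", "star_50_up"),
+("star_100", "star_100_dl", "star_100_up"),
+("star_150", "star_150_dl", "star_150_up"),
+("star_200", "star_200_dl", "star_200_up"),
+("star_500", "star_500_dl", "star_500_up"),
+("hemat", "hemat_dl", "hemat_up")
+]
+# 3. Kumpulkan printah script Batch MikroTik
+commands = []
+for profile, dl_mark, up_mark in profiles:
+# EXPIRED tidak di-bypass agar tidak bisa akses lokal sama sekali
+if profile == "EXPIRED":
+commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward dst-address-list={profile} new-packet-mark={dl_mark} passthrough=no")
+commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward src-address-list={profile} new-packet-mark={up_mark} passthrough=no")
+else:
+# Profil reguler di-bypass (src/dst target = !ip-lokal)
+# DOWNLOAD: IP Publik -> Pelanggan (!ip-lokal ke list star_*)
+commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward dst-address-list={profile} src-address-list=!ip-lokal new-packet-mark={dl_mark} passthrough=no comment=\"Bypass BGP Lokal - {profile}\"")
+# UPLOAD: Pelanggan -> IP Publik (star_* ke !ip-lokal)
+commands.append(f"/ip/firewall/mangle/add action=mark-packet chain=forward src-address-list={profile} dst-address-list=!ip-lokal new-packet-mark={up_mark} passthrough=no")
+script_code = "\n".join(commands)
+print(f"Mengkreasikan ulang {len(commands)} buah rule Mangle Bypass BGP Lokal...")
+payload = {"script": script_code}
+try:
+res = session.post(f"{api_url}/execute", json=payload, timeout=30)
+if res.status_code in (200, 201):
+print("Berhasil! Mangle Router Dimensi-Dell telah disinkronisasi.")
+else:
+print(f"Gagalan saat inject mangle: {res.text}")
+except Exception as e:
+print(f"Error eksekusi: {e}")
+if __name__ == "__main__":
+update_mangle_rules()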
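Review bot: The router's username and password go out as HTTP Basic auth over plain `http://` (both `api_url` assignments in `update_mangle_rules`), so any host on the path to the router can read them, and `session.verify = False` plus the module-level `urllib3.disable_warnings(...)` mean a later move to HTTPS would still accept any certificate without a warning. I would build the URL as `api_url = f"https://{host}:{port}/rest"` with the port pointing at the router's TLS web service, set `session.verify` to the path of the CA file that signed the router certificate, and drop the warning suppression. Separately, the delete request is wrapped in `except Exception as e: pass` and its response status is never read, while a failed add only prints a message: a delete that succeeds followed by an add that fails leaves `chain=forward` with no mark-packet rules at all, including the EXPIRED ones, and a delete that fails silently leads to duplicated rules. Keep the delete response, return early when its status is not 200/201, and exit non-zero on any failure so a scheduler notices. The `find chain=forward action=mark-packet` selector also removes mark-packet rules this script did not create; giving every generated rule a fixed comment and matching on that comment would limit the removal to the script's own rules.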