Mikrotik
# Support multiple wan port mapping
# 1. Configure the firewall and change the LAN address (192.168.2.2)
# 2. Add the update_wanip script.
# 3. Execute once a minute update_wanip
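/ip firewall nat
# Both dst-nat rules match only connections addressed to one of the router's own
# WAN addresses (the wan-ip list maintained by update_wanip). Without that match
# a port-only rule would also rewrite LAN connections to any outside host on
# TCP 1443 and would shadow the loopback rule. Until update_wanip has filled
# wan-ip, neither rule matches anything.
# Hairpin (loopback) case first, because it is the more specific rule: a LAN
# client connecting to a WAN address on 1443 is sent to the internal server.
add action=dst-nat chain=dstnat comment="https loopback dnat" dst-address-list=wan-ip dst-port=1443 log-prefix=loopback protocol=tcp \
src-address-list=lan-ip to-addresses=192.168.2.2 to-ports=443
# Inbound case: anything else addressed to a WAN address on 1443.
# dst-nat only rewrites the destination; whether the connection is allowed is
# still decided by the forward chain of /ip firewall filter.
add action=dst-nat chain=dstnat comment=https dst-address-list=wan-ip dst-port=1443 protocol=tcp to-addresses=192.168.2.2 to-ports=443
# loopback needs masquerade: the reply has to return through the router, so the
# source is rewritten. The server therefore logs the router's address, not the
# real LAN client, for every LAN connection that is routed to it on 443.
add action=masquerade chain=srcnat comment="https loopback masquerade" dst-address=192.168.2.2 dst-port=443 \
protocol=tcp src-address-list=lan-ip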
/ip firewall address-list
# lan-ip is the source match for the loopback dst-nat and masquerade rules.
# NOTE(review): 192.168.2.0/16 has host bits set under a /16 mask; the range it
# denotes is all of 192.168.0.0-192.168.255.255. If only the subnet of
# 192.168.2.2 is meant, a /24 prefix would express that; confirm the intent.
add list=lan-ip address=192.168.2.0/16
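# add update_wanip script
# update_wanip keeps the wan-ip address list in step with the addresses held by
# the PPPoE client interfaces: one entry per interface, tagged with the
# interface name in its comment.
# Changes from the original:
#  - policy is reduced to read,write on both the script and the scheduler. The
#    script only reads interface/address state and edits one address list, so
#    ftp, reboot, policy, test, password, sniff, sensitive and romon are not
#    needed. The two policies are changed together because a scheduler entry
#    cannot run a script that demands more than the scheduler holds.
#  - an interface with no address (link down or still negotiating) no longer
#    aborts the run; its stale entry is removed and the remaining WANs are
#    still processed.
/system script
add dont-require-permissions=no name=update_wanip owner=admin policy=\
read,write source=":\
local PPPOEINTERFACES [/interface pppoe-client print as-value]\r\
\n:local LISTNAME \"wan-ip\"\r\
\nif ([:len \$PPPOEINTERFACES] = 0) do={\r\
\n :error \"pppoe interface not found!\"\r\
\n}\r\
\n\r\
\n# check ip in list\r\
\n:local ifIpInList do={\r\
\n :local listname \$1;\r\
\n :local ipAddress \$2;\r\
\n :foreach id in=[/ip firewall address-list find where list=\$listname] do={\r\
\n  :local listIpAddr [/ip firewall address-list get \$id address]\r\
\n  if (\$ipAddress = \$listIpAddr) do={\r\
\n   return true\r\
\n  }\r\
\n }\r\
\n return false\r\
\n}\r\
\n\r\
\n:for i from=0 to=([:len \$PPPOEINTERFACES] - 1) do={\r\
\n :local interfaceName (\$PPPOEINTERFACES->\$i->\"name\")\r\
\n :local addrIds [/ip address find interface=\$interfaceName]\r\
\n if ([:len \$addrIds] = 0) do={\r\
\n  # No address on this link: drop its stale entry and go on to the next WAN\r\
\n  :put \"Interface(\$interfaceName) has no address, removing it from address-list:\$LISTNAME.\"\r\
\n  /ip firewall address-list remove [find list=\$LISTNAME comment=\$interfaceName]\r\
\n } else={\r\
\n  :local currentIP [/ip address get [:pick \$addrIds 0] address]\r\
\n  # strip the /prefix part, the list stores the bare address\r\
\n  :set currentIP [:pick \$currentIP 0 [:find \$currentIP \"/\"]];\r\
\n  if (! [\$ifIpInList \$LISTNAME \$currentIP]) do={\r\
\n   :put \"Add interface:\$interfaceName ip:\$currentIP to address-list:\$LISTNAME.\"\r\
\n   # Interface address not in the list\r\
\n   if ([:len [/ip firewall address-list find where ( comment=\$interfaceName list=\$LISTNAME)]] = 0) do={\r\
\n    :put \"add\"\r\
\n    /ip firewall address-list add list=\$LISTNAME address=\$currentIP comment=\$interfaceName\r\
\n   } else={\r\
\n    :put \"set\"\r\
\n    /ip firewall address-list set [ find list=\$LISTNAME comment=\$interfaceName] address=\$currentIP \r\
\n   }\r\
\n  } else={\r\
\n   :put \"No change in interface(\$interfaceName) address\"\r\
\n  }\r\
\n }\r\
\n}"
# Execute once a minute update_wanip
# The scheduler holds the same read,write policy as the script it runs.
/system scheduler
add interval=1m name=update_wanip on-event=update_wanip policy=read,write start-time=startup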