Mikrotik
Ashot Aslanyan, 2019-05-27 23:03:19

How to find out which user plugged the cable into the LAN router?

Good idea. Maybe someone will need this interesting solution. There are 50 subscribers connected through simple unmanaged switches. We have a Mikrotik as the server. Everyone is given static DHCP addresses, with correspondingly fixed MAC addresses. A problem arises when someone inadvertently confuses the WAN port with a LAN port on their router. So, let's go a little off topic. From personal observation of this problem, I noticed a nuance: on 99.9% of routers from all manufacturers, the MAC addresses of the WAN and LAN ports differ in the last two characters, and everything from the beginning up to the last two characters is the same. So I decided to write a script that will report exactly who confused the ports.
We hang a dhcp-client on the local interface of the Mikrotik, so that our local interface receives the unauthorized IP from the inside when a user makes this mistake.

/ip dhcp-client add interface="Local" use-peer-dns="no" add-default-route="no" script="
and let's go..
:local tturlASH "https://api.telegram.org/botхххххххх:хххххххххх/sendmessage\?chat_id=хххххх&text=";
:local ttmessage "obnarujen DHCP ip na lokalke";
:local a;
:local dhcpgw;
:local arpall;
:local fmac;
:local macfound;
:local b;
:local g;
:local h;
:local i;
:local c;
:foreach a in=[/ip dhcp-client find interface=Local] do={:set dhcpgw [/ip dhcp-client get $a gateway];/ping $dhcpgw count=5};
:foreach arpall in=[/ip arp find where address=$dhcpgw] do={:set fmac [/ip arp get $arpall mac-address];:set fmac [:pick $fmac 0 ([:len $fmac]-2)]};

:foreach macfound in=[/ip dhcp-server lease find mac-address~"$fmac"] do={
/ip dhcp-server lease set $macfound comment="dhcpfound";
:foreach b in=[/ip dhcp-server lease find comment="dhcpfound"] do={
:set g [/ip dhcp-server lease get $b address];
:foreach h in=[/ip firewall address-list find address="$g"] do={
:if ($h != "") do={
:set i [/ip firewall address-list get $h comment];
/tool fetch url="$tturlASH $ttmessage %0A%0ADHCP SERVER IP  --->  $dhcpgw %0A%0AADDRESS LIST --->   $i%0A%0ACLIENT IP  --->   $g" keep-result=no;
} else={
:log warning message="ip not address list";
}
}
}

} else={:log warning message="not find mac-address in leases..."};

More about the functions -->
We look for everything that is on Local, store the gateway of the uninvited IP in the dhcpgw variable, and then ping it, so that it is guaranteed to show up dynamically in ARP.
:foreach a in=[/ip dhcp-client find interface=Local] do={:set dhcpgw [/ip dhcp-client get $a gateway];/ping $dhcpgw count=5};

Then we find out the MAC address and cut off the last two characters.
:foreach arpall in=[/ip arp find where address=$dhcpgw] do={:set fmac [/ip arp get $arpall mac-address];:set fmac [:pick $fmac 0 ([:len $fmac]-2)]};

Then we look for matches in the leases with the ~ parameter, since we have cut off the last two characters.
On the entry found we set the comment dhcpfound, and from there we extract the user's IP address. Q.E.D!
:foreach macfound in=[/ip dhcp-server lease find mac-address~"$fmac"] do={
/ip dhcp-server lease set $macfound comment="dhcpfound";
:set g [/ip dhcp-server lease get $b address];

but so fast...
Then the script must find a match in the address-list for the found IP, in order to read the comment of the entry, which holds the user's initials, and prepare a report for Telegram.
Please help me correct the mistakes I made. The else={ commands don't work for me,
and I still can't figure out how to correctly compare data inside variables.
For example, with :if ($h != "") I would like to express that if the MAC address is found but the user is not found in the address list, the script should not continue as before; instead, with else={, it should change approach and search in the other direction, since some users are in the queue.


1 answer(s)
Vladimir Zhurkin, 2019-05-29
@fellliche

I think this is about the previous question; the question itself has disappeared here, but I'll write a reply anyway.

:local varIP 192.168.240.253
# find returns a list of matching entries; an empty list means the address is not there
:if ([:len [/ip firewall address-list find address=$varIP]] > 0) do={
    :log info ("$varIP: found");
} else={
    :log info ("$varIP: not found");
}

PS Of course, it's not my damn business, but I would still recommend purchasing managed l2 switches (not web smart) and using their functionality for such purposes.
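
The control flow asked about in the question, built on the length check from the answer, as an added example (not code from either poster). Each `find` result is tested with `:len` and branched with `:if ... else`, because `:foreach` itself has no `else`. Assumptions: subscriber names are in address-list comments, with `/queue simple` comments matched by target as the fallback, and the result is logged instead of sent to Telegram.

```routeros
# Added example. Interface name "Local" is taken from the post;
# the /queue simple fallback and the log-only reporting are assumptions.
:local clientIds [/ip dhcp-client find where interface="Local" and status="bound"]
:if ([:len $clientIds] = 0) do={
    :log info "Local: no foreign DHCP lease"
} else={
    :local dhcpgw [/ip dhcp-client get [:pick $clientIds 0] gateway]
    # Ping so the gateway's MAC is guaranteed to be in the ARP table.
    /ping $dhcpgw count=5
    :local arpIds [/ip arp find where address=$dhcpgw]
    :if ([:len $arpIds] = 0) do={
        :log warning "rogue DHCP $dhcpgw: no ARP entry"
    } else={
        :local mac [/ip arp get [:pick $arpIds 0] mac-address]
        # Drop the last two hex characters, as described in the post.
        :local fmac [:pick $mac 0 ([:len $mac] - 2)]
        # Anchor the match at the start so only the prefix is compared.
        :local leaseIds [/ip dhcp-server lease find where mac-address~"^$fmac"]
        :if ([:len $leaseIds] = 0) do={
            :log warning "rogue DHCP $dhcpgw ($mac): no lease with prefix $fmac"
        } else={
            # Iterate the find result directly; lease comments are left untouched.
            :foreach lease in=$leaseIds do={
                :local leaseIp [/ip dhcp-server lease get $lease address]
                :local owner ""
                :local listIds [/ip firewall address-list find where address=$leaseIp]
                :if ([:len $listIds] > 0) do={
                    :set owner [/ip firewall address-list get [:pick $listIds 0] comment]
                } else={
                    # Fallback: look the subscriber up in the simple queues.
                    :local queueIds [/queue simple find where target~("^" . $leaseIp . "/")]
                    :if ([:len $queueIds] > 0) do={
                        :set owner [/queue simple get [:pick $queueIds 0] comment]
                    }
                }
                :if ($owner = "") do={ :set owner "unknown" }
                :log warning "rogue DHCP $dhcpgw ($mac): lease $leaseIp, subscriber $owner"
            }
        }
    }
}
```

A prefix shared by several leases is logged once per lease, so an ambiguous match stays visible instead of being resolved to the first hit.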
