First Commit

2025-08-12 23:01:13 -04:00 · 2025-08-12 23:01:13 -04:00 · 002764c29d
commit 002764c29d
142 changed files with 5061 additions and 0 deletions
--- a/9
+++ b/9
@ -0,0 +1,9 @@
 #!/bin/bash
 OUI_PREFIX="00:50:56"
 echo -e "\nOUI Prefix: $OUI_PREFIX"
 LAST_OCTETS=$(openssl rand -hex 3 | sed 's/\(..\)/\1:/g; s/.$//')
 echo -e "Generated MAC: ${OUI_PREFIX}:${LAST_OCTETS}"
--- a/24
+++ b/24
@ -0,0 +1,24 @@
 #!/bin/bash
 unset VPN;
 VPN=(
 'Real;~/Nextcloud2/guydev/network/wireguard/real/users/002-Guy.conf'
 'Ingt;~/Nextcloud2/guydev/network/wireguard/ingtegration/chateauguay/user/U-003-dana.conf'
 )
 unset Items;
 for Item in "${VPN[@]}"
 do
  echo -e "Item is: $Item"
  IFS=";" read -r Name Def <<< $Item
  echo -e "
  Name : $Name
  Def  : $Def
  "
  Items+="$Name\n"
 done
 echo -e "${Items[@]}"
--- a/addbridgevlan.sh
+++ b/addbridgevlan.sh
@ -0,0 +1,48 @@
 #!/bin/bash
 #
 # version 231012_1439
 #
 read -p "Enter VLAN Number (Ex: 16) : " VLAN
 read -p "Enter Device Name (Ex: enp5s0) : " DEV
 echo -e "
 VLAN   = $VLAN
 Device = $DEV
 "
 if [ "$(nmcli con |grep br${VLAN}|wc -l)" -eq "0" ]
 then
  echo -e "** Adding bridge br${VLAN}..."
  nmcli con add \
   type bridge \
   con-name br${VLAN} \
   ifname br${VLAN} \
   ipv4.method disabled \
   ipv6.method ignore \
   autoconnect yes
 else
  echo "** br${VLAN} found"
 fi
 echo -e "** Putting br${VLAN} in up state..."
 nmcli con up "br${VLAN}"
 echo -e "** Adding VLAN ${VLAN} to $DEV --> vlan-${DEV}.${VLAN} and then to br${VLAN}"
 nmcli con add \
  type vlan \
  con-name vlan-${DEV}.${VLAN} \
  ifname ${DEV}.${VLAN} \
  dev ${DEV} \
  id ${VLAN} \
  ipv4.method disabled  \
  ipv6.method ignore \
  master br${VLAN} \
  autoconnect yes 
 echo -e "\n** All done."
--- a/nettree.sh
+++ b/nettree.sh
@ -0,0 +1,141 @@
 #!/bin/bash
 #
 # https://github.com/AlexStragies/lsnetdev/blob/master/nettree.sh
 #
 DIRECTION="UP"
 UTF=""
 TREE=""
 GV=""
 which tree >/dev/null && TREE=1 || UTF=1
 function usage() {
   cat << USAGEEND
 The script prints network devices hierarchy as a tree view.
 Possible arguments:
  -u   prints tree bottom-up (default). Physical devices are roots of the tree.
  -d   prints tree top-down. Logical devices are roots of the tree.
  -s X connect to host X via SSH to query information
  -t   Use 'tree' to print the tree by constructing a tree in TMP (default).
  -G   Print GraphViz Syntax graph, node and edge definitions.
  -g   Print GraphViz Syntax node and edge definitions only.
  -l   use UTF8 characters (default, if 'tree' is not installed).
 USAGEEND
 }
 function print() {
   local indent="$1"; shift
   local firstrun=1; if [ "$1" = "1" ]; then firstrun=0; shift; fi
   while [ -n "$1" ]; do
     local D="${1# *}"
     [ "$firstrun" = 1 -a -n "${devicesup[$D]}" ] && shift && continue; 
     echo -n "$indent ┗━ $D";
     if [ -z "${devicesdown[$D]}" ]; then echo ; else
       echo " ━┓";
       print "$(echo \ \ $D\ \ \ | sed 's/./ /g')$indent" 1 ${devicesdown[$D]}
     fi 
     shift;
   done
 }
 function buildFolderTree() {
  local firstrun=1; if [ "$1" = 1 ]; then firstrun=0; shift; fi
  while [ -n "$1" ]; do
    local D=${1# *}
    [ "$firstrun" = 1 -a -n "${devicesup[$D]}" ] && shift && continue;
    mkdir $D
    if [ -n "${devicesdown[$D]}" ]; then
      cd $D;
      for P in ${devicesdown[$D]}; do buildFolderTree 1 "$P";done
      cd ..
    fi 
    shift;
  done
 }
 function addRelation() {
  local A="$1"
  local B="$2"
  local props="$3"
  [ "$DIRECTION" = "UP" ] && C="$A" && A="$B" && B="$C"
  conns["\"$A\" -- \"$B\""]="$props"
  devicesdown[$A]="${devicesdown[$A]} $B"
  devicesup[$B]="${devicesup[$B]} $A"
 }
 while [ ! -z "$1" ]; do
    case "$1" in
        -d) DIRECTION=DOWN               ;;
        -u) DIRECTION=UP                 ;;
        -t) GV="";GVNE="";TREE=1 ;UTF="" ;;
        -G) GV=1 ;GVNE=1 ;TREE="";UTF="" ;;
        -g) GV="";GVNE=1 ;TREE="";UTF="" ;;
        -l) GV="";GVNE="";TREE="";UTF=1  ;;
        -s) PFX="ssh -M $2"
            shift
            ;;
        -h) usage ; exit 0               ;;
         *) usage ; exit 1               ;;
   esac
   shift
 done
 declare -A devices
 declare -A devicesup
 declare -A devicesdown
 declare -A conns
 SCN="/sys/class/net/"
 for CDEV in $($PFX find /sys/class/net/ ! -name lo -type l |sort); do
  DCLASS="RJ45"
  NDEV=$(basename $CDEV)
  devices[$NDEV]=""
  $PFX readlink $CDEV | grep -q devices/virtual &&   DCLASS="virtual"
  $PFX [ -e $CDEV/bonding/  ]                   &&   DCLASS="bond"
  $PFX [ -e $CDEV/phy80211/ ]                   &&   DCLASS="wireless"
  $PFX [ -e $CDEV/dsa/      ]                   &&   DCLASS="dsa"
  $PFX [ -e $CDEV/bridge/   ]                   && { DCLASS="bridge"
    $PFX grep -q 1 $CDEV/bridge/vlan_filtering  &&   DCLASS="switch"
  }
  $PFX grep -q 512 $CDEV/type                   && { DCLASS="ppp"
    PNPP="/proc/net/pppoe"
    $PFX [ -e $PNPP ] && P=$($PFX cat $PNPP | awk 'NR==2{print $3}')
    [ -n "$P" ] && $PFX [ -e $SCN/$P ] && {
      addRelation "$NDEV" "$P" 'label="PPPoE"'
    }  
  }
  for LOW in $($PFX find $CDEV/ -name 'lower_*'); do
    LOW=${LOW#*_}
    addRelation "$NDEV" "$LOW" 'label=""' 
  done 
  devices[$NDEV]="label=\"${NDEV}\""
  devices[$NDEV]="${devices[$NDEV]}, class=\"${DCLASS}\""
 done
 [ -n "$GV" ] && {
  echo 'graph iftree {' 
 }
 [ -n "$GVNE" ] && {
  for iDEV in "${!devices[@]}"; do
    echo "  \"${iDEV}\"["${devices[$iDEV]}"];"
  done
  for conn in "${!conns[@]}"; do
    echo \ \ $conn[${conns[$conn]}]\;;
  done
 }
 [ -n "$GV" ] && { echo '}'; }
 if [ "$TREE" = "1" ]; then
  TMPD=$(mktemp -qd)
  cd $TMPD
  buildFolderTree "${!devices[@]}";
  tree --noreport * 
  find $TMPD -delete
 fi
 if [ "$UTF" = "1" ]; then
  print "" "${!devices[@]}" | colrm 1 4
 fi
--- a/wireguard/Gvpn
+++ b/wireguard/Gvpn
@ -0,0 +1,9 @@
 #!/bin/bash
 unset VPN;
 VPN={
 Real;~/Nextcloud2/guydev/network/wireguard/real/users/002-Guy.conf
 Ingt;~/Nextcloud2/guydev/network/wireguard/ingtegration/chateauguay/user/U-003-dana.conf
 }
--- a/wireguard/Test1/RB5009-WG1.cfg
+++ b/wireguard/Test1/RB5009-WG1.cfg
@ -0,0 +1,10 @@
 [RB5009-WG1]
 RtrInterface=WG1
 Rtr_Addr_Admin=10.1.8.99
 Rtr_Addr_Public=205.151.68.129
 Rrt_Port=13243
 Rtr_Addr_Private=10.1.4.254
 Rtr_CIDR_Mask=24
 Rtr_PUB_KEY=bTatsa66Ggasasa6666=
 Rtr_DNS=1.1.1.1,1.0.0.1
 Rtr_Route_Subnet=10.0.0.0/8
--- a/wireguard/Test1/U-001-marc.Peer.rsc
+++ b/wireguard/Test1/U-001-marc.Peer.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=10.1.4.1/32 disabled=no name="marc" interface=WG1 \
 preshared-key="aeN5oZSTW//CPRuZaBj16GTwx7+ktpvph+thrFY/WQc=" public-key="ztXlaxlZWA4oZxSCaQsN/8RXqahEeF4BehMjfAFbLVk="
--- a/wireguard/Test1/U-001-marc.conf
+++ b/wireguard/Test1/U-001-marc.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = 2OchuWPpq3g8dXCoo2uufnmU1dpcd8WfgS4/7vI7tUQ=
 ListenPort = 51821
 Address = 10.1.4.1/32
 DNS = 1.1.1.1,1.0.0.1
 [Peer]
 PublicKey = bTatsa66Ggasasa6666=
 PresharedKey = aeN5oZSTW//CPRuZaBj16GTwx7+ktpvph+thrFY/WQc=
 AllowedIPs = 10.0.0.0/8
 Endpoint = 205.151.68.129:13243
 PersistentKeepalive = 25
--- a/wireguard/Test1/U-001-marc.conf.png
+++ b/wireguard/Test1/U-001-marc.conf.png
--- a/wireguard/Test1/U-002-guy.Peer.rsc
+++ b/wireguard/Test1/U-002-guy.Peer.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=10.1.4.2/32 disabled=no name="guy" interface=WG1 \
 preshared-key="JVdiKw9rvvz/HqTdHG6oxJBkduUe3r7DWgqDO0tHMkw=" public-key="eeYn9g9ayNJoEkYH4HrXFMcGDU0uUHLXF2ZopybCAFg="
--- a/wireguard/Test1/U-002-guy.conf
+++ b/wireguard/Test1/U-002-guy.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = ABcaGRdchXN2+23PoSe8d7ojH4WhT4JEsZLRV3Jt1lo=
 ListenPort = 51821
 Address = 10.1.4.2/32
 DNS = 1.1.1.1,1.0.0.1
 [Peer]
 PublicKey = bTatsa66Ggasasa6666=
 PresharedKey = JVdiKw9rvvz/HqTdHG6oxJBkduUe3r7DWgqDO0tHMkw=
 AllowedIPs = 10.0.0.0/8
 Endpoint = 205.151.68.129:13243
 PersistentKeepalive = 25
--- a/wireguard/Test1/U-002-guy.conf.png
+++ b/wireguard/Test1/U-002-guy.conf.png
--- a/wireguard/WireguardManjaro/evoq/WG999-GB
+++ b/wireguard/WireguardManjaro/evoq/WG999-GB
@ -0,0 +1,3 @@
 [Interface]
 ListenPort = 13231
 PrivateKey = oIdmd/wFdL54lgkkThbIcDAeg9nKmS5wxH4fLBJbwEo=
--- a/wireguard/WireguardManjaro/evoq/privatekey
+++ b/wireguard/WireguardManjaro/evoq/privatekey
@ -0,0 +1 @@
 mCscj1wPL4+kGrDMAKY3Ek8drGvxcgOlfudGAq9j+Vo=
--- a/wireguard/WireguardManjaro/evoq/publickey
+++ b/wireguard/WireguardManjaro/evoq/publickey
@ -0,0 +1 @@
 pWs3b9kfSZ+Uvg7Q9tYT52Lqxh7OEbOhkzmvE0NT/GM=
--- a/wireguard/WireguardManjaro/exoc/rutgers/client_guy.txt
+++ b/wireguard/WireguardManjaro/exoc/rutgers/client_guy.txt
@ -0,0 +1 @@
 GPBSyPyU06/jsowN9ScTpXDkMAzrGxKB217gVWcSVng=
--- a/wireguard/WireguardManjaro/exoc/rutgers/client_guy_psk.txt
+++ b/wireguard/WireguardManjaro/exoc/rutgers/client_guy_psk.txt
@ -0,0 +1 @@
 +tJsNqiNzwJ7PCLRvF83olIffVq9FAWSvOlYC7wbUp0=
--- a/wireguard/WireguardManjaro/exoc/rutgers/client_guy_pub.txt
+++ b/wireguard/WireguardManjaro/exoc/rutgers/client_guy_pub.txt
@ -0,0 +1 @@
 rtbXn9kJ32AqTbOeNcQjWT31UW+508ENhP1+Whez5TQ=
--- a/wireguard/WireguardManjaro/exoc/rutgers/client_pascal.txt
+++ b/wireguard/WireguardManjaro/exoc/rutgers/client_pascal.txt
@ -0,0 +1 @@
 APeJ2lVKE90EUHsDO+bYC5OAnpeUATCeGZWDL9K0dVM=
--- a/wireguard/WireguardManjaro/exoc/rutgers/client_pascal_psk.txt
+++ b/wireguard/WireguardManjaro/exoc/rutgers/client_pascal_psk.txt
@ -0,0 +1 @@
 isW7BmJAwEq6B2PeDbG4sN8z/dg2zfuhuLdPQY3WovU=
--- a/wireguard/WireguardManjaro/exoc/rutgers/client_pascal_pub.txt
+++ b/wireguard/WireguardManjaro/exoc/rutgers/client_pascal_pub.txt
@ -0,0 +1 @@
 GkRup6bdiXqb8GOaytLBQ1tFcQJ+SEu+KgkQlR17oE4=
--- a/wireguard/WireguardManjaro/exoc/rutgers/wg01-guy.conf
+++ b/wireguard/WireguardManjaro/exoc/rutgers/wg01-guy.conf
@ -0,0 +1,10 @@
 [Interface]
 PrivateKey = GPBSyPyU06/jsowN9ScTpXDkMAzrGxKB217gVWcSVng=
 Address = 172.16.28.1/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = rtbXn9kJ32AqTbOeNcQjWT31UW+508ENhP1+Whez5TQ=
 PresharedKey = +tJsNqiNzwJ7PCLRvF83olIffVq9FAWSvOlYC7wbUp0=
 Endpoint = 172.16.24.1:13239
 AllowedIPs = 0.0.0.0/0,::/0
--- a/wireguard/WireguardManjaro/exoc/rutgers/wg02-pascal.conf
+++ b/wireguard/WireguardManjaro/exoc/rutgers/wg02-pascal.conf
@ -0,0 +1,10 @@
 [Interface]
 PrivateKey = APeJ2lVKE90EUHsDO+bYC5OAnpeUATCeGZWDL9K0dVM=
 Address = 172.16.28.2/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = 3ZnjnM9d/TL2MoNnEgNRlDztYEhHLNjb8EXai9utzCk=
 PresharedKey = isW7BmJAwEq6B2PeDbG4sN8z/dg2zfuhuLdPQY3WovU=
 Endpoint = 192.168.88.168:13239
 AllowedIPs = 0.0.0.0/0
--- a/wireguard/WireguardManjaro/exoc/rutgers/wireguard-rutgers.sh
+++ b/wireguard/WireguardManjaro/exoc/rutgers/wireguard-rutgers.sh
@ -0,0 +1,316 @@
 #!/bin/bash
 #=================== Environment ===============================================
 #
 ScriptName=$(basename "$0")
 SshUser=ansible
 #SshKey="/home/wireguard/.ssh/ansible_evoq_rsa"
 SshKey="/home/boig01/.ssh/ansible_evoq_rsa"
 #BaseDir="/home/wireguard"
 BaseDir="/dev/shm"
 CCR1=10.1.8.11
 CCR2=10.1.8.12
 Version=240222_1842
 CORP="EVOQ"
 TmpUserList=$(mktemp -p /dev/shm)
 # Wireguard For Routers
 RtrCCR1Int=WG-Routers
 RtrCCR1PubKey="9au45IDNJhHDNtN+LIpJDyMFTEYdN9WOSSHEJS8WRmw="
 RtrCCR1Prefix="10.1.32"
 RtrCCR1Address="10.1.32.254/24"
 RtrCCR1Port=13232
 WgRtrDir="${BaseDir}/routers"
 # Wireguard For Users
 UsrCCR1Int=WG-Users
 UsrCCR1PubKey="EsxauwYNBotyfDJzy9yCUXDci2gHbtZLhUWnMgMP0AY="
 UsrCCR1Prefix="10.1.33"
 UsrCCR1Address="10.1.33.254/24"
 UsrCCR1Port=13233
 WgUsrDir="${BaseDir}/users"
 YELLOW='\033[0;33m'
 GREEN='\033[0;32m'
 RED='\033[0;31m'
 BLUE='\033[0;34m'
 NC='\033[0m' 		# No Color
 # Create paths if not there
 [ ! -d "$WgRtrDir" ] && mkdir -p "${WgRtrDir}"
 [ ! -d "$WgUsrDir" ] && mkdir -p "${WgUsrDir}"
 #=================== function Info =============================================
 #
 # Avec date / time prefix
 #
 Info() { printf "${GREEN} %s ${NC} %s\n" "$( date +%F_%T )" "$*" >&2; }      # send to stderr
 #=================== function Message ==========================================
 #
 Message() { printf "${GREEN}%s ${NC}\n" "$*" ;}      # send to stderr
 #=================== function Help =============================================
 #
 function Help ()
 {
 echo -e "
 usage: $ScriptName [options]
  -l  List WireGuard clients on CCR1
  -h  This help
 "
 }
 #=================== function addCCR1 ==========================================
 #
 function addCCR1() {
 local Router="$1"	
 echo -e "\nAdding ${Router} Wireguard account to CCR1..."
 ssh -i ${SSHKey} ansible@${CCR1}  "/ppp secret add local-address=10.1.31.254 name=${Router} password=${L2TPPass} remote-address=${CCRSideIP} routes=\"${ip_Subnet} $CCRSideIP 1\" service=l2tp"
 if [ $? = 0 ]
 then
   echo "${Router} Wireguard account successfully added to CCR1"
 else
   echo "Failed to add ${Router} Wireguard account to CCR1"
 fi
 }
 #=================== function newClient =======================================
 #
 function newClient() {
        ENDPOINT="${SERVER_PUB_IP}:${SERVER_PORT}"
        echo ""
        echo "Tell me a name for the client."
        echo "The name must consist of alphanumeric character. It may also include an underscore or a dash and can't exceed 15 chars."
        until [[ ${CLIENT_NAME} =~ ^[a-zA-Z0-9_-]+$ && ${CLIENT_EXISTS} == '0' && ${#CLIENT_NAME} -lt 16 ]]; do
                read -rp "Client name: " -e CLIENT_NAME
                CLIENT_EXISTS=$(grep -c -E "^### Client ${CLIENT_NAME}\$" "$(pwd)/wireguard/${SERVER_WG_NIC}/${SERVER_WG_NIC}.conf")
                if [[ ${CLIENT_EXISTS} == '1' ]]; then
                        echo ""
                        echo "A client with the specified name was already created, please choose another name."
                        echo ""
                fi
        done
        for DOT_IP in {2..254}; do
                DOT_EXISTS=$(grep -c "${SERVER_WG_IPV4::-1}${DOT_IP}" "$(pwd)/wireguard/${SERVER_WG_NIC}/${SERVER_WG_NIC}.conf")
                if [[ ${DOT_EXISTS} == '0' ]]; then
                        break
                fi
        done
        if [[ ${DOT_EXISTS} == '1' ]]; then
                echo ""
                echo "The subnet configured supports only 253 clients."
                exit 99
        fi
        BASE_IP=$(echo "$SERVER_WG_IPV4" | awk -F '.' '{ print $1"."$2"."$3 }')
        until [[ ${IPV4_EXISTS} == '0' ]]; do
                read -rp "Client's WireGuard IPv4: ${BASE_IP}." -e -i "${DOT_IP}" DOT_IP
                CLIENT_WG_IPV4="${BASE_IP}.${DOT_IP}"
                IPV4_EXISTS=$(grep -c "$CLIENT_WG_IPV4/24" "$(pwd)/wireguard/${SERVER_WG_NIC}/${SERVER_WG_NIC}.conf")
                if [[ ${IPV4_EXISTS} == '1' ]]; then
                        echo ""
                        echo "A client with the specified IPv4 was already created, please choose another IPv4."
                        echo ""
                fi
        done
        BASE_IP=$(echo "$SERVER_WG_IPV6" | awk -F '::' '{ print $1 }')
        until [[ ${IPV6_EXISTS} == '0' ]]; do
                read -rp "Client's WireGuard IPv6: ${BASE_IP}::" -e -i "${DOT_IP}" DOT_IP
                CLIENT_WG_IPV6="${BASE_IP}::${DOT_IP}"
                IPV6_EXISTS=$(grep -c "${CLIENT_WG_IPV6}/64" "$(pwd)/wireguard/${SERVER_WG_NIC}/${SERVER_WG_NIC}.conf")
                if [[ ${IPV6_EXISTS} == '1' ]]; then
                        echo ""
                        echo "A client with the specified IPv6 was already created, please choose another IPv6."
                        echo ""
                fi
        done
        # Generate key pair for the client
        CLIENT_PRIV_KEY=$(wg genkey)
        CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey)
        CLIENT_PRE_SHARED_KEY=$(wg genpsk)
    mkdir -p "$(pwd)/wireguard/${SERVER_WG_NIC}/client/${CLIENT_NAME}" >/dev/null 2>&1
        HOME_DIR="$(pwd)/wireguard/${SERVER_WG_NIC}/client/${CLIENT_NAME}"
        # Create client file and add the server as a peer
        echo "[Interface]
 PrivateKey = ${CLIENT_PRIV_KEY}
 Address = ${CLIENT_WG_IPV4}/32,${CLIENT_WG_IPV6}/128
 DNS = ${CLIENT_DNS_1},${CLIENT_DNS_2}
 [Peer]
 PublicKey = ${SERVER_PUB_KEY}
 PresharedKey = ${CLIENT_PRE_SHARED_KEY}
 Endpoint = ${ENDPOINT}
 AllowedIPs = 0.0.0.0/0,::/0" >>"${HOME_DIR}/${SERVER_WG_NIC}-client-${CLIENT_NAME}.conf"
    # Add the client as a peer to the MikroTik (to client folder)
    echo "# WireGuard client peer configure
 /interface wireguard peers
 add allowed-address=${CLIENT_WG_IPV4}/32 comment=\\
    ${SERVER_WG_NIC}-client-${CLIENT_NAME} interface=${SERVER_WG_NIC} \\
    preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\\
    \"${CLIENT_PUB_KEY}\"
    " >"${HOME_DIR}/mikrotik-peer-${SERVER_WG_NIC}-client-${CLIENT_NAME}.rsc"
    # Add the client as a peer to the MikroTik
    echo "# WireGuard client peer configure
 /interface wireguard peers
 add allowed-address=${CLIENT_WG_IPV4}/32 comment=\\
    ${SERVER_WG_NIC}-client-${CLIENT_NAME} interface=${SERVER_WG_NIC} \\
    preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\\
    \"${CLIENT_PUB_KEY}\"
    " >> "$(pwd)/wireguard/${SERVER_WG_NIC}/mikrotik/${SERVER_WG_NIC}.rsc"
        # Add the client as a peer to the server
        echo -e "\n### Client ${CLIENT_NAME}
 [Peer]
 PublicKey = ${CLIENT_PUB_KEY}
 PresharedKey = ${CLIENT_PRE_SHARED_KEY}
 AllowedIPs = ${CLIENT_WG_IPV4}/32,${CLIENT_WG_IPV6}/128" >>"$(pwd)/wireguard/${SERVER_WG_NIC}/${SERVER_WG_NIC}.conf"
        echo -e "\nHere is your client config file as a QR Code:"
        qrencode -t ansiutf8 -l L <"${HOME_DIR}/${SERVER_WG_NIC}-client-${CLIENT_NAME}.conf"
    qrencode -l L -s 6 -d 225 -o "${HOME_DIR}/${SERVER_WG_NIC}-client-${CLIENT_NAME}.png" <"${HOME_DIR}/${SERVER_WG_NIC}-client-${CLIENT_NAME}.conf"
        echo -e "${INFO} Config available in ${HOME_DIR}/${SERVER_WG_NIC}-client-${CLIENT_NAME}.conf"
    echo -e "${INFO} QR is also available in ${HOME_DIR}/${SERVER_WG_NIC}-client-${CLIENT_NAME}.png"
        echo -e "${INFO} MikroTik peer config available in ${HOME_DIR}/mikrotik-${SERVER_WG_NIC}-client-${CLIENT_NAME}.rsc"
 }
 #=================== function manageMenu ======================================
 #
 function manageMenu() {
        echo ""
        echo "It looks like this WireGuard interface is already."
        echo ""
        echo "What do you want to do?"
        echo "   1) Add a new client"
        echo "   2) Exit"
        until [[ ${MENU_OPTION} =~ ^[1-4]$ ]]; do
                read -rp "Select an option [1-2]: " MENU_OPTION
        done
        case "${MENU_OPTION}" in
        1)
                newClient
                ;;
        2)
                exit 0
                ;;
        esac
 }
 #=================== function listConfs =======================================
 #
 function listConfs() {
        local directory
        directory="$(pwd)/wireguard"
        if [ -d "${directory}" ]; then
                echo "List of existing configurations:"
                i=1
                for folder in "${directory}"/*/; do
                        local users count folder_name
                        users="${folder}/client/"
                        count=$(find "$users" -maxdepth 1 -mindepth 1 -type d 2>/dev/null | wc -l)
                        folder_name=$(basename "${folder}")
                        echo "${i}. ${folder_name} [${count} user(s)]"
                        ((i++))
                done
        fi
        echo ""
 }
 #=================== function listCCR1 =========================================
 #
 # Filter 1: enlever les ";" et remplacer ^m par LF
 # Filter 2: Grouper 2 lignes consecutives
 # Filter 3: Print field #4 et #3
 #
 function ListCCR() {
 Message "User List"
 ssh -i $SshKey ${SshUser}@${CCR1} "/interface/wireguard/peers/print proplist=comment,interface" \
 | grep User | tr -d ";"  | sed -e "s/\r//g" \
 | awk 'NR%2 {printf("%s ", $0); next} {print $0}' \
 | awk '{print $4, $3}' | tee ${TmpUserList}
 LastEntry=$(cat ${TmpUserList} | sort -r | head -1 | awk '{ print $1 }')
 NextEntry=$(($LastEntry+1))
 echo -e "
 Last Entry = $LastEntry
 Next Entry = $NextEntry
 "
 }
 #=================== MAIN =====================================================
 #
 echo -e "\nWireGuard-MikroTik ${BLUE}${CORP}${NC} configurator\n"
 ((!$#)) && Help && exit
 while getopts cfhl option
 do
 case "${option}" in
    c) BoolCreate=1 ;;
    f) VarFileLog=1;;
    h) Help
       exit 0;;
 	l) ListCCR ;;
    *) Help
       exit 1;;
 esac
 done
 rm -f ${TmpUserList}
 exit
 #? Check for root, OS, WireGuard
 installCheck
 listConfs
 #? Check server exist
 serverName
 #? Check if WireGuard is already installed and load params
 if [[ -e $(pwd)/wireguard/${SERVER_WG_NIC}/params ]]; then
        # shellcheck source=/dev/null
        source "$(pwd)/wireguard/${SERVER_WG_NIC}/params"
        manageMenu
 else
        newInterface
 fi
--- a/wireguard/\
+++ b/wireguard/\
@ -0,0 +1,3 @@
 /ip address add address=172.14.40.004/32 comment=WG-CTG interface=wg-ctg
 /interface wireguard peers add allowed-address=172.16.254.004/32 client-keepalive=10 disabled=no comment="2" \
 interface=WG-Devices preshared-key="efrLuDEVeDNpj13qlIqbjCiKlPVxE8T+hLt+2gQHF40=" public-key="lRlZ5uUBQsCH4G259f+q2yKAH4rxc2y+KHDlHaksmwo="
--- a/wireguard/alain/RB4011.cfg
+++ b/wireguard/alain/RB4011.cfg
@ -0,0 +1,8 @@
 [WG3]
 Rtr_Addr_Admin=172.16.1.1
 Rtr_Addr_Public=ingt.dyndns.org
 Rrt_Port=14322
 Rtr_Addr_Private=172.16.253.254
 Rtr_CIDR_Mask=24
 Rtr_PUB_KEY=vH29JWx4oamEfJFSOGQspPtHmMuLY1lC5jiFsgu6hio=
--- a/wireguard/alain/U-001-zbook.Peer.rsc
+++ b/wireguard/alain/U-001-zbook.Peer.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=172.16.253.1/32 disabled=no name="zbook" interface=WG3 \
 preshared-key="phF3M7QpL+jrxsVZ3guV+SRGFohoTdiNjX/VntDJMS8=" public-key="LzC8W/ChD8Iq7kDJ7F796WRzqPSI30bAKbnJraZ59gE="
--- a/wireguard/alain/U-001-zbook.conf
+++ b/wireguard/alain/U-001-zbook.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = 2J4fFcuD/cuhk8FcO9iqTfDdhsZADR6/qxFbL00DF3M=
 ListenPort = 51821
 Address = 172.16.253.1/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = vH29JWx4oamEfJFSOGQspPtHmMuLY1lC5jiFsgu6hio=
 PresharedKey = phF3M7QpL+jrxsVZ3guV+SRGFohoTdiNjX/VntDJMS8=
 AllowedIPs = 0.0.0.0/0
 Endpoint = ingt.dyndns.org:14322
 PersistentKeepalive = 25
--- a/wireguard/alain/U-001-zbook.conf.png
+++ b/wireguard/alain/U-001-zbook.conf.png
--- a/wireguard/autowg.sh
+++ b/wireguard/autowg.sh
@ -0,0 +1,136 @@
 #!/bin/bash
 #
 # AUTOWG written by Hamdi KADRI 
 # APACHE LICENSE version 2.0 applies
 # This script is intended to create configurations for 
 # a point-to-point Wireguard connection between a server
 # and a client (/30 network)
 #
 # Step zero: declare configurations as variables
 servercfg="[Interface]
 Address = <serverwgIP>
 SaveConfig = true
 ListenPort = <port>
 PrivateKey = <server-privatekey>
 [Peer]
 PublicKey = <client-pubkey>
 PresharedKey = <psk>
 AllowedIPs = <clientwgIP>"
 clientcfg="[Interface]
 PrivateKey = <client-privatekey>
 Address = <clientwgIP> <dnsconfiguration>
 [Peer]
 PublicKey = <server-pubkey>
 PresharedKey = <psk>
 AllowedIPs = <clientwgIP>
 EndPoint = <serverIP>:<port>
 PersistentKeepalive = 20"
 postcfg="[Interface]
 Address = <serverwgIP>
 SaveConfig = true
 ListenPort = <port>
 PrivateKey = <server-privatekey>
 PostUp = iptables -A FORWARD -i <wgintname> -j ACCEPT
 PostUp = iptables -t nat -A POSTROUTING -o <srvinternetintname> -j MASQUERADE
 PostDown = iptables -D FORWARD -i <wgintname> -j ACCEPT
 PostDown = iptables -t nat -D POSTROUTING -o <srvinternetintname> -j MASQUERADE
 [Peer]
 PublicKey = <client-pubkey>
 PresharedKey = <psk>
 AllowedIPs = <clientwgIP>
 "
 # Step one: ask for some parameters (as an assistant)
 # We need: point-to-point IPs, Server IP, port
 echo "AutoWG requires some informations before generating your config"
 echo "Please provide the next parameters."
 echo "This script will not check if the IPs and netmask are valid!"
 echo "Press Enter to continue.."
 echo
 read
 read -p "Server IP for the Wireguard interface: " serverwgIP
 read -p "Client IP for the Wireguard interface: " clientwgIP
 read -p "Network Mask (in CIDR) for both server and client WG interfaces (example: /30): " netmask
 read -p "Server Public IP address: " serverIP 
 read -p "Network Port for Wireguard communication: " port
 read -p "Wireguard interface name? (for example wg0): " wgintname
 read -p "Route all traffic to server via Wireguard? [y/N]: " internetaccess
 if [[ "$internetaccess" =~ ^([yY][eE][sS]|[yY])$ ]]
 then
 	clientcfg=$(echo "$clientcfg" | sed "s|AllowedIPs = <clientwgIP>|AllowedIPs = 0.0.0.0/0|g" )
 	read -p "Which server interface has internet access? " srvinternetintname
    servercfg=$(echo "$postcfg" | sed "s|<wgintname>|${wgintname}|g" | sed "s|<srvinternetintname>|${srvinternetintname}|g" )
 	echo
    RED='\033[0;31m'
    NC='\033[0m' # No Color
    printf "${RED}IMPORTANT:${NC} You need to enable IP Forwarding on the server\n"
    echo "On Linux servers, uncomment the line \"net.ipv4.ip_forward=1\" in /etc/sysctl.conf"
    echo "then run \"sysctl -p\""
 	echo 
 	#### Experimental DNS support ####
 	read -p "Push DNS servers to client? [y/N]: " dns
 	if [[ "$dns" =~ ^([yY][eE][sS]|[yY])$ ]]
 	then
 	    read -p "Enter dns servers IPs separated by spaces: " dnsservers
 	    dnscfg="\nDNS = $dnsservers"
 	    clientcfg=$(echo "$clientcfg" | sed "s|<dnsconfiguration>|$dnscfg|g" )
 	else
 		clientcfg=$(echo "$clientcfg" | sed "s|<dnsconfiguration>||g" )
 	fi
 	##################################
 else 
 	clientcfg=$(echo "$clientcfg" | sed "s|<dnsconfiguration>||g" )
 fi
 # Step two: generate keypairs
 ## Generate keypairs for machine 1 (client)
 client_prvkey=$(wg genkey)
 client_pubkey=$(echo $client_prvkey | wg pubkey)
 ## Generate keypairs for machine 2 (server)
 server_prvkey=$(wg genkey)
 server_pubkey=$(echo $server_prvkey | wg pubkey)
 # New : generate PSK
 psk=$(wg genpsk)
 # Step three: generate configuration
 serverconf=$(echo "$servercfg" | sed "s|<serverwgIP>|${serverwgIP}${netmask}|g" | \
 	sed "s|<port>|${port}|g" | sed "s|<server-privatekey>|${server_prvkey}|g" |\
 	sed "s|<client-pubkey>|${client_pubkey}|g" | sed "s|<clientwgIP>|${clientwgIP}|g" |\
 	sed "s|<psk>|${psk}|g" )
 clientconf=$(echo "$clientcfg" | sed "s|<client-privatekey>|${client_prvkey}|g" | \
 	sed "s|<clientwgIP>|${clientwgIP}${netmask}|g" | sed "s|<server-pubkey>|${server_pubkey}|g" | \
 	sed "s|<serverIP>|${serverIP}|g" | sed "s|<port>|${port}|g" | sed "s|<psk>|${psk}|g" )
 # Step four: display configuration for machine 1 (client)
 echo 
 echo "** Client Side /etc/wireguard/${wgintname}.conf **"
 echo "$clientconf"
 echo
 # Step five: display configuration for machine 2 (server)
 echo 
 echo "** Server Side /etc/wireguard/${wgintname}.conf **"
 echo "$serverconf"
 echo
 # Step Seven: Saving to a text file 
 #
 echo "** Client Side /etc/wireguard/${wgintname}.conf **" > wireguard-conf.txt
 echo "$clientconf" >> wireguard-conf.txt
 echo  >> wireguard-conf.txt
 echo "** Server Side /etc/wireguard/${wgintname}.conf **" >> wireguard-conf.txt
 echo "$serverconf" >> wireguard-conf.txt
 echo >> wireguard-conf.txt
--- a/wireguard/cccp/users/001-Real.CCR1.rsc
+++ b/wireguard/cccp/users/001-Real.CCR1.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=10.8.38.1/32 disabled=no comment="User Real" interface=wg1 \
 preshared-key="3v+2iZ8UNS6YHKYc55fVgI77wtfRO0JCa4X2bIc34e4=" public-key="T8N9Zdy4JiStBIJI00T9fkIx6KzatLkQ/WXQUDe7QDU="
--- a/wireguard/cccp/users/001-Real.conf
+++ b/wireguard/cccp/users/001-Real.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = IFR3761g8AM2F1ICp+hP9TyudinHHXio0BvPFUOa/3o=
 ListenPort = 51821
 Address = 10.8.38.1/32
 DNS = 10.8.38.1,1.1.1.1
 [Peer]
 PublicKey = ywl8GMIFJZlElELbvIPHEzs8/T5VaF9+gaq17JaXThE=
 PresharedKey = 3v+2iZ8UNS6YHKYc55fVgI77wtfRO0JCa4X2bIc34e4=
 AllowedIPs = 10.8.0.0/16
 Endpoint = 199.168.223.11:13233
 PersistentKeepalive = 25
--- a/wireguard/cccp/users/002-Ariel.CCR1.rsc
+++ b/wireguard/cccp/users/002-Ariel.CCR1.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=10.8.38.2/32 disabled=no comment="User Ariel" interface=wg1 \
 preshared-key="cHKDiUAezRuelDtTkbA9pNwzX3kwM7hhG6XB2/MWrkY=" public-key="mQcmO5hLoAXNA3KeF+iXydsZuDg+nkbYNsogvJ32mVs="
--- a/wireguard/cccp/users/002-Ariel.conf
+++ b/wireguard/cccp/users/002-Ariel.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = wL/hWyRZtifMLVEgPc31VMmG1+7EYbm5wJI5uxbF+34=
 ListenPort = 51821
 Address = 10.8.38.2/32
 DNS = 10.8.38.1,1.1.1.1
 [Peer]
 PublicKey = zHfHRbQs+3WH9GHBEH7dsh8J0xxLkP2OxWJASV+VWlw=
 PresharedKey = cHKDiUAezRuelDtTkbA9pNwzX3kwM7hhG6XB2/MWrkY=
 AllowedIPs = 10.8.0.0/16
 Endpoint = 199.168.223.11:13233
 PersistentKeepalive = 25
--- a/wireguard/cccp/users/003-Guy.CCR1.rsc
+++ b/wireguard/cccp/users/003-Guy.CCR1.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=10.8.38.3/32 disabled=no comment="User Guy" interface=wg1 \
 preshared-key="wF6cwKPq7Yu9tifDy1zPYZ4t+GGXsh6QaJiKwhoYPVA=" public-key="W+1qr4Un3+u0i9bNmItllu3FrY49+NNX9aQfYmVkm1Q="
--- a/wireguard/cccp/users/003-Guy.conf
+++ b/wireguard/cccp/users/003-Guy.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = 2FvyrN30+4CHTmeJInGRcILPCCVovO1hiYL5+qvYp3M=
 ListenPort = 51821
 Address = 10.8.38.3/32
 DNS = 10.8.38.254,1.1.1.1
 [Peer]
 PublicKey = ywl8GMIFJZlElELbvIPHEzs8/T5VaF9+gaq17JaXThE=
 PresharedKey = wF6cwKPq7Yu9tifDy1zPYZ4t+GGXsh6QaJiKwhoYPVA=
 AllowedIPs = 10.8.0.0/16
 Endpoint = 199.168.223.11:13233
 PersistentKeepalive = 25
--- a/wireguard/chums/YvesDugas/001-U-pcyves.Peer.rsc
+++ b/wireguard/chums/YvesDugas/001-U-pcyves.Peer.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=192.168.61.1/32 disabled=no name="pcyves" interface=WG01 \
 preshared-key="K/C9aXn6DJqjN0nHCygojPjY+B40S6EWKGAQRoo05O4=" public-key="IaUPgaro0xZSL5EFrOSttqScvN6GdwzJtV8YgmRAQzM="
--- a/wireguard/chums/YvesDugas/001-U-pcyves.conf
+++ b/wireguard/chums/YvesDugas/001-U-pcyves.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = IGvOgupuIXaVgyLbboX4ASg2syfGuMxZnBb5vPpdu0E=
 ListenPort = 51821
 Address = 192.168.61.1/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = /cMmECzL5y6qwn7t0b9jybw3rlo+M71eKqfbm0JgshE=
 PresharedKey = K/C9aXn6DJqjN0nHCygojPjY+B40S6EWKGAQRoo05O4=
 AllowedIPs = 0.0.0.0/0
 Endpoint = 65.94.149.174:14233
 PersistentKeepalive = 25
--- a/wireguard/chums/YvesDugas/001-U-pcyves.conf.png
+++ b/wireguard/chums/YvesDugas/001-U-pcyves.conf.png
--- a/wireguard/chums/YvesDugas/hAP-AC2.cfg
+++ b/wireguard/chums/YvesDugas/hAP-AC2.cfg
@ -0,0 +1,7 @@
 [hAP-AC2]
 Rtr_Addr_Public=beec0baa227b.sn.mynetname.net
 Rrt_Port=14233
 Rtr_Interface=WG01
 Rtr_Addr_Private=192.168.61.254
 Rtr_CIDR_Mask=24
 Rtr_PUB_KEY=/cMmECzL5y6qwn7t0b9jybw3rlo+M71eKqfbm0JgshE=
--- a/wireguard/device
+++ b/wireguard/device
@ -0,0 +1,3 @@
 /ip address add address=172.14.40.004/32 comment=WG-CTG interface=wg-ctg
 /interface wireguard peers add allowed-address=172.16.254.004/32 client-keepalive=10 disabled=no comment="2" \
 interface=WG-Devices preshared-key="efrLuDEVeDNpj13qlIqbjCiKlPVxE8T+hLt+2gQHF40=" public-key="lRlZ5uUBQsCH4G259f+q2yKAH4rxc2y+KHDlHaksmwo="
--- a/wireguard/evoq/CCR1016.cfg
+++ b/wireguard/evoq/CCR1016.cfg
@ -0,0 +1,8 @@
 [CCR1016]
 RtrInterface=WG-Users
 Rtr_Addr_Admin=10.1.8.11
 Rtr_Addr_Public=66.171.167.250
 Rrt_Port=13233
 Rtr_Addr_Private=10.1.40.254
 Rtr_CIDR_Mask=24
 Rtr_PUB_KEY=EsxauwYNBotyfDJzy9yCUXDci2gHbtZLhUWnMgMP0AY=
--- a/wireguard/evoq/DaveOuellette.conf
+++ b/wireguard/evoq/DaveOuellette.conf
@ -0,0 +1,11 @@
 [Interface]
 PrivateKey = 6JSOiUqqTtgU0dH7/4dKKHNXcRfEHk5G+ZC16fc8RmI=
 Address = 10.1.40.2/32
 DNS = 10.1.3.40,10.1.3.41
 [Peer]
 PublicKey = EsxauwYNBotyfDJzy9yCUXDci2gHbtZLhUWnMgMP0AY=
 PresharedKey = x1gubMKEhdOXaqMC82KJxy++d8iuKkbodG4UkCeg0Rc=
 Endpoint = 66.171.167.250:13233
 AllowedIPs = 10.0.0.0/8,192.168.0.0/24
--- a/wireguard/evoq/DaveOuellette_CCR.rsc
+++ b/wireguard/evoq/DaveOuellette_CCR.rsc
@ -0,0 +1,4 @@
 CCR:
 ---------------------------------------------------------
 /interface wireguard peers add allowed-address=10.1.33.2/32 client-keepalive=10 disabled=no comment="User DaveOuellette" interface=WG-Users    preshared-key="x1gubMKEhdOXaqMC82KJxy++d8iuKkbodG4UkCeg0Rc=" public-key="llensH2ENL4I7fSlo/iOZxP/e1SVf5ODSNvDjjLZ5CQ="
--- a/wireguard/evoq/EVOQ-MTL.conf
+++ b/wireguard/evoq/EVOQ-MTL.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = 2JJoQbCWzka6elz1nCPsfbW9iIo8FM5QPoZO5d3weVY=
 ListenPort = 51821
 Address = 10.1.40.250/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = EsxauwYNBotyfDJzy9yCUXDci2gHbtZLhUWnMgMP0AY=
 PresharedKey = sp9C00rnlbjza6Ny6Lcw2b5fBkDULYd1LoLuoRzmFjk=
 AllowedIPs = 10.0.0.0/8
 Endpoint = 66.171.167.250:13233
 PersistentKeepalive = 25
--- a/wireguard/evoq/EricStein.conf
+++ b/wireguard/evoq/EricStein.conf
@ -0,0 +1,10 @@
 [Interface]
 PrivateKey = kC7DaHcEfQ7KsJVBaWjG8XE/UL60GNjRsHOC/baNBGU=
 Address = 10.1.40.4/32
 DNS = 10.1.3.40,10.1.3.41
 [Peer]
 PublicKey = DrI1g15KlMdLaqNn+PlVbl1kZo6jV9QDlJ1M8gy/m0g=
 PresharedKey = owl5S2bH9zeL0J0xjNgZ1Y0mb8lPFEjldwTTkNo0CrY=
 Endpoint = 66.171.167.250:13233
 AllowedIPs = 10.0.0.0/8,192.168.0.0/24
--- a/wireguard/evoq/EricStein_CCR.rsc
+++ b/wireguard/evoq/EricStein_CCR.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers add allowed-address=10.1.40.4/32 client-keepalive=10 disabled=no comment="User EricStein" interface=WG-Users \
   preshared-key="owl5S2bH9zeL0J0xjNgZ1Y0mb8lPFEjldwTTkNo0CrY=" public-key="DrI1g15KlMdLaqNn+PlVbl1kZo6jV9QDlJ1M8gy/m0g="
--- a/wireguard/evoq/GuyBoisvert.conf
+++ b/wireguard/evoq/GuyBoisvert.conf
@ -0,0 +1,12 @@
 [Interface]
 ListenPort = 51821
 PrivateKey = IM73gYzzN3riY1KaqBAGoIyldE7a7KS6QLoaDKd/G3E=
 Address = 10.1.40.3/32
 DNS = 10.1.3.40,10.1.3.41
 [Peer]
 PublicKey = EsxauwYNBotyfDJzy9yCUXDci2gHbtZLhUWnMgMP0AY=
 PresharedKey = em/aPlSnK78xQMABuaz7GEQ1+7FXFXE+lIoYGbZ9tRs=
 Endpoint = 66.171.167.250:13233
 AllowedIPs = 10.0.0.0/8,192.168.0.0/24
 PersistentKeepalive = 25
--- a/wireguard/evoq/GuyBoisvert_CCR.rsc
+++ b/wireguard/evoq/GuyBoisvert_CCR.rsc
@ -0,0 +1,4 @@
 CCR:
 ---------------------------------------------------------
 /interface wireguard peers add allowed-address=10.1.33.3/32 client-keepalive=10 disabled=no comment="User GuyBoisvert" interface=WG-Users    preshared-key="em/aPlSnK78xQMABuaz7GEQ1+7FXFXE+lIoYGbZ9tRs=" public-key="8m7W2+rhGtVKI603JoN7fKvP2Pr5FlvtxYOgVk8AFRg="
--- a/wireguard/evoq/SteveQuirion.conf
+++ b/wireguard/evoq/SteveQuirion.conf
@ -0,0 +1,13 @@
 Client:
 ---------------------------------------------------------
 [Interface]
 PrivateKey = OKQeBlkw7aoxtGfTlxVJpbRJqXwEzz38dk2gFShMHmI=
 Address = 10.1.40.1/32
 DNS = 10.1.3.40,10.1.3.41
 [Peer]
 PublicKey = EsxauwYNBotyfDJzy9yCUXDci2gHbtZLhUWnMgMP0AY=
 PresharedKey = Va8qOJXqvb8GaNCLUf3yzoGYX2+wZZkKHe/d4i+/Rhs=
 Endpoint = 66.171.167.250:13233
 AllowedIPs = 10.0.0.0/8,192.168.0.0/24
--- a/wireguard/evoq/SteveQuirion_CCR.rsc
+++ b/wireguard/evoq/SteveQuirion_CCR.rsc
@ -0,0 +1,4 @@
 CCR:
 ---------------------------------------------------------
 /interface wireguard peers add allowed-address=10.1.33.1/32 client-keepalive=10 disabled=no comment="User SteveQuirion" interface=WG-Users    preshared-key="Va8qOJXqvb8GaNCLUf3yzoGYX2+wZZkKHe/d4i+/Rhs=" public-key="PK9tjXmc7L9GrjHYZNp/ED+HFZdzfHNe+L7ZRfrBQUw="
--- a/wireguard/evoq/U-250-guy.Peer.rsc
+++ b/wireguard/evoq/U-250-guy.Peer.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=10.1.40.250/32 disabled=no name="guy" interface=WG-Users \
 preshared-key="sp9C00rnlbjza6Ny6Lcw2b5fBkDULYd1LoLuoRzmFjk=" public-key="KxI3ddeMCT8F9LSq0r49e5xnylMbc4ofKZPaz2foOT0="
--- a/wireguard/evoq/U-250-guy.conf
+++ b/wireguard/evoq/U-250-guy.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = 2JJoQbCWzka6elz1nCPsfbW9iIo8FM5QPoZO5d3weVY=
 ListenPort = 51821
 Address = 10.1.40.250/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = EsxauwYNBotyfDJzy9yCUXDci2gHbtZLhUWnMgMP0AY=
 PresharedKey = sp9C00rnlbjza6Ny6Lcw2b5fBkDULYd1LoLuoRzmFjk=
 AllowedIPs = 10.0.0.0/8
 Endpoint = 66.171.167.250:13233
 PersistentKeepalive = 25
--- a/wireguard/evoq/U-250-guy.conf.png
+++ b/wireguard/evoq/U-250-guy.conf.png
--- a/wireguard/evoq/U-251-boum01.Peer.rsc
+++ b/wireguard/evoq/U-251-boum01.Peer.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=10.1.40.251/32 disabled=no name="boum01" interface=WG-Users \
 preshared-key="42dSePvur9+8yZzgtmm5ZqhbqPDs6HTbNO/6hoZCnSY=" public-key="vN4dr8B8jBXD5s+YunG5OGXEim2MRqEN9b/lDmpMsR0="
--- a/wireguard/evoq/U-251-boum01.conf
+++ b/wireguard/evoq/U-251-boum01.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = sP6aXDHfNKnVZiB4KggyQo0/GQkWY4kiDVbUiG4V2VA=
 ListenPort = 51821
 Address = 10.1.40.251/32
 DNS = 10.1.3.40,10.1.3.41
 [Peer]
 PublicKey = EsxauwYNBotyfDJzy9yCUXDci2gHbtZLhUWnMgMP0AY=
 PresharedKey = 42dSePvur9+8yZzgtmm5ZqhbqPDs6HTbNO/6hoZCnSY=
 AllowedIPs = 10.0.0.0/8
 Endpoint = 66.171.167.250:13233
 PersistentKeepalive = 25
--- a/wireguard/evoq/U-251-boum01.conf.png
+++ b/wireguard/evoq/U-251-boum01.conf.png
--- a/wireguard/exo-c/002-pascal.Endpoint.rsc
+++ b/wireguard/exo-c/002-pascal.Endpoint.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=172.16.200.2/32 disabled=no name="pascal" interface=wg1 \
 preshared-key="RdbI9KNBQBNBVRyKNnhe7Ujw0A0nKOThDJJOJ7Lgp2Y=" public-key="E0R0TnS3WsDj2CTHa5YtFd3+zGFVZCYYfJzKbTWwqUw="
--- a/wireguard/exo-c/002-pascal.conf
+++ b/wireguard/exo-c/002-pascal.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = GJTT/i6ww5SSozn9ibs+vmQcWVJeQpiOyWDAobLjkXA=
 ListenPort = 51821
 Address = 172.16.200.2/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = njwJywr8UndTeemZnxKT62aKxw0JGXggmSqNEHAulUE=
 PresharedKey = RdbI9KNBQBNBVRyKNnhe7Ujw0A0nKOThDJJOJ7Lgp2Y=
 AllowedIPs = 0.0.0.0/0
 Endpoint = d4450da4dffc.sn.mynetname.net:13235
 PersistentKeepalive = 25
--- a/wireguard/exo-c/002-pascal.conf.png
+++ b/wireguard/exo-c/002-pascal.conf.png
--- a/wireguard/exo-c/003-boig01.Endpoint.rsc
+++ b/wireguard/exo-c/003-boig01.Endpoint.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=172.16.200.3/32 disabled=no name="	boig01" interface=wg1 \
 preshared-key="SAsf/9Lgw/3g0DXxbJYLnIff9Hb1irm8cRXsrAuCLOc=" public-key="8p3hP25gL2ALfRGStXs0fbk68em/aWobuMYS7w6GPzQ="
--- a/wireguard/exo-c/003-boig01.conf
+++ b/wireguard/exo-c/003-boig01.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = GHvOQbVIPOw3NIqGS2+FlyMcCKIbVvQRbBTtj0rkqVc=
 ListenPort = 51821
 Address = 172.16.200.3/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = njwJywr8UndTeemZnxKT62aKxw0JGXggmSqNEHAulUE=
 PresharedKey = SAsf/9Lgw/3g0DXxbJYLnIff9Hb1irm8cRXsrAuCLOc=
 AllowedIPs = 10.1.0.0/24,10.50.0.0/24,172.16.28.0/24,172.16.29/24,10.96.0.0/12
 Endpoint = d4450da4dffc.sn.mynetname.net:13235
 PersistentKeepalive = 25
--- a/wireguard/exo-c/003-boig01.conf.png
+++ b/wireguard/exo-c/003-boig01.conf.png
--- a/wireguard/exo-c/guy.conf
+++ b/wireguard/exo-c/guy.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = UEX8Fq51QVG6oIPdCy8eWfrJcONrArRqyieK1faBzkE=
 ListenPort = 51821
 Address = 172.16.28.1/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = 3ZnjnM9d/TL2MoNnEgNRlDztYEhHLNjb8EXai9utzCk=
 PresharedKey = azOSAxvB4FqFR0XYvXiVZL3XZn1QD5S1ttQSSc/MiTk=
 AllowedIPs = 172.16.24.0/24,172.16.44.0/24
 Endpoint = 45.61.15.102:13239
 PersistentKeepalive = 25
--- a/wireguard/genconfig
+++ b/wireguard/genconfig
@ -0,0 +1,405 @@
 #!/bin/bash
 Version=241231-1054
 debug=0
 CORP="ingtegration-rb5009"					# default value
 ScriptName=$(basename "$0")
 ScriptDir=$(dirname "0")
 IniFile=${ScriptDir}/${ScriptName}.ini
 BaseDir="/home/boig01/temp/wireguard"
 ((debug)) && echo -e "
 ScriptDir    = $ScriptDir
 IniFile      = $IniFile
 "
 NumUser=0
 NameUser=""
 NumRouter=0
 NameRouter=""
 Mode=0
 BOLD=$(    tput bold)
 NORMAL=$(  tput sgr0)
 RESET=$(   tput sgr0)
 NC=$(      tput sgr0)           # No color
 BOLD=$(    tput bold)
 BLACK=$(   tput setaf 0)
 RED=$(     tput setaf 1)
 GREEN=$(   tput setaf 2)
 YELLOW=$(  tput setaf 3)
 BLUE=$(    tput setaf 4)
 MAGENTA=$( tput setaf 5)
 CYAN=$(    tput setaf 6)
 WHITE=$(   tput setaf 7)
 DEFAULT=$( tput setaf 9)
 #---ini file parameters
 unset PARAMS;
 PARAMS=(
 Endpoint_Rtr_Addr_Public
 Endpoint_Rtr_Addr_Private
 Endpoint_Rrt_Port
 Endpoint_Rtr_PUB_KEY
 Endpoint_Usr_Addr
 Endpoint_Usr_Port
 Endpoint_Usr_PUB_KEY
 )
 #========== INTERNAL FUNCTIONS ================================================
 #---------- function Info -----------------------------------------------------
 #
 # With date / time prefix
 #
 Info()
 { 
  printf "${GREEN}%s ${NC} %s\n" "$( date +%F_%T )" "$*"
 }
 #---------- function Message --------------------------------------------------
 #
 # Send to STDOUT
 #
 function Message()
 {
  printf "\n${GREEN}[i] ${BLUE}%s${NC}\n"  "$*"
 }
 #---------- ip2int ------------------------------------------------------------
 #
 function ip2int()
 {
    local a b c d
    { IFS=. read a b c d; } <<< $1
    echo $(((((((a << 8) | b) << 8) | c) << 8) | d))
 }
 #---------- int2ip ------------------------------------------------------------
 #
 function int2ip()
 {
    local ui32=$1; shift
    local ip n
    for n in 1 2 3 4; do
        ip=$((ui32 & 0xff))${ip:+.}$ip
        ui32=$((ui32 >> 8))
    done
    echo $ip
 }
 #---------- CreateUser --------------------------------------------------------
 #
 function CreateUser()
 {
 local debug=0
 local ClientName="$1"
 local Corp="$2"
 #local CLIENT_NUM=$(printf "%03d" $3)
 local WgUsrDir="${BaseDir}/${Corp}/users"		# BaseDir global variable
 #---Create paths if not there
 [ ! -d "$WgUsrDir" ] && mkdir -p "${WgUsrDir}"
 CLIENT_PRIV_KEY=$(wg genkey)
 CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey)
 CLIENT_PRE_SHARED_KEY=$(wg genpsk)
 #CLIENT_FILE_PREFIX="${CLIENT_NUM}-${ClientName}"
 CLIENT_FILE_PREFIX="${ClientName}"
 CLIENT_FILE_WIN="${WgUsrDir}/${CLIENT_FILE_PREFIX}.conf"
 CLIENT_FILE_RTR="${WgUsrDir}/${CLIENT_FILE_PREFIX}.Endpoint.rsc"
 ((debug)) && echo -e "
 Corp            = $Corp
 ClientName      = $ClientName
 CLIENT_FILE_WIN = $CLIENT_FILE_WIN
 CLIENT_FILE_RTR = $CLIENT_FILE_RTR
 " && exit
 echo -e "Client:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "[Interface]
 PrivateKey = ${CLIENT_PRIV_KEY}
 ListenPort = 51821
 Address = 10.8.38.${ClientNum}/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = ${Endpoint_Usr_PUB_KEY}
 PresharedKey = ${CLIENT_PRE_SHARED_KEY}
 AllowedIPs = 10.8.0.0/16
 Endpoint = ${Endpoint_Usr_Addr}:${Endpoint_Usr_Port}
 PersistentKeepalive = 25
 " | tee "${CLIENT_FILE_WIN}"
 echo -e "\${CORP} Router:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard peers 
 add allowed-address=10.8.38.${ClientNum}/32 disabled=no comment=\"User ${ClientName}\" interface=wg1 \\
 preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\"${CLIENT_PUB_KEY}\""| tee "${CLIENT_FILE_RTR}"
 Message "QR Code:"
 qrencode -t ansiutf8 -l L < "${CLIENT_FILE_WIN}"
 qrencode -l L -s 6 -d 225 -o "${CLIENT_FILE_WIN}.png" < "${CLIENT_FILE_WIN}"
 }
 #---------- CreateRouter ------------------------------------------------------
 #
 function CreateRouter()
 {
 local debug=1
 local RouterNum="$1"
 local RouterSubnet="$2"
 local Corp="$3"
 local BaseDir="${BaseDir}/${Corp}"			# BaseDir global variable
 local WgRtrDir="${BaseDir}/routers"
 #---Create paths if not there
 [ ! -d "$WgRtrDir" ] && mkdir -p "${WgRtrDir}"
 RTR_PRIV_KEY=$(wg genkey)
 Endpoint_Rtr_PUB_KEY=$(echo "${RTR_PRIV_KEY}" | wg pubkey)
 RTR_PRE_SHARED_KEY=$(wg genpsk)
 RTR_NUM=$(printf "%03d" $1)
 RTR_FILE_PREFIX="${RTR_NUM}-Router"
 RTR_FILE_RTR="${WgRtrDir}/${RTR_FILE_PREFIX}_Client.rsc"
 RTR_FILE_RTR_ENDPOINT="${WgRtrDir}/${RTR_FILE_PREFIX}_Endpoint.rsc"
 ((debug)) && echo -e "
 Corp            = $Corp
 RTR_NUM         = $RTR_NUM
 CLIENT_FILE_RTR = $RTR_FILE_RTR
 BaseDir         = $BaseDir
 PreShared Key   = $RTR_PRE_SHARED_KEY
 " && exit
 [ -d "${BaseDir}" ] && Message "Creating dir ${BaseDir}" && mkdir -p "${BaseDir}"
 Message "Generated output files:"
 echo -e "${GREEN}---------------------------------------------------------${NC}
 ${RTR_FILE_RTR}
 ${RTR_FILE_RTR_ENDPOINT}
 "
 Message "Client Router Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard
 add listen-port=13239 mtu=1420 name=wg01 private-key=\"${RTR_PRIV_KEY}\"
 /ip address add address=172.18.1.${RouterNum}/32 comment=wg-wg01 interface=wg01
 /interface wireguard peers add allowed-address=172.16.18.254 client-keepalive=10 disabled=no comment=\"CCR1 Montreal\" interface=wg01 \\
  endpoint-address=${Endpoint_Rtr_Addr_Public} endpoint-port=${Endpoint_Rrt_Port}  preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${Endpoint_Rtr_PUB_KEY}\"
 /system script add dont-require-permissions=no name=ping-CCR1 owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\\
  \"/ping interval=10 10.1.8.11 count=61\"
 /system/scheduler add interval=10m name=Ping-CCR1 on-event=\"/system/script/run ping-CCR1\" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=apr/02/2022 start-time=12:00:00 " \
 | tee "${RTR_FILE_RTR}"
 #echo -e "\n"
 Message "${EndpointID} endpoint Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard peers add allowed-address=10.1.41.${RouterNum}/32,${RouterSubnet} disabled=no comment=\"Router ${RouterNum} ${NameRouter}\"  \\
 interface=WG-Routers preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${Endpoint_Rtr_PUB_KEY}\"
 /ip route add dst-address=${RouterSubnet} gateway=10.1.41.${RouterNum}" \
 | tee "${RTR_FILE_RTR_ENDPOINT}"
 }
 #---------- function RrtSubnet ------------------------------------------------
 #
 RtrSubnet()
 {
  local RtrNum=$1
  BaseNum=$(ip2int $Start_Subnet)      # Subnet de depart en format integer
  Nth=$((RtrNum-1))                    # Le router #1 est "0" dans la séquence de subnet, #2 est 1, etc
  Nth=$((Nth*NAPS))                    # Decimal a aditionner en fonction pour le Nth router
  Subnet=$((BaseNum+Nth))              # Nth subnet calculé
 #  Subnet="${Subnet}/$(Bits_Subnet=3})"
  echo -e "$(int2ip $Subnet)/${Subnet_Bits}"
 }
 #---------- function Interactive ----------------------------------------------
 #
 function Interactive()
 {
 echo -e "\nInteractive function"
 }
 #---------- function Help -----------------------------------------------------
 #
 function Help()
 {
 echo -e "
 MikroTik WireGuard configurator
 usage:
  ${ScriptName} [Options]
  -c  Corp name
  -i  Interactive (will ask for all needed infos) 
  -l  List endpoints in config
  -n  User mode: # ot the new user     (Unique user number between 1 and 253)
  -u  User name   (example: AdrianSmith, don't use space or accentuated chars)
  -r  Router mode: # of the new client router    (EVOQ router #, like 1 or 11)
  -s  Router Name (example: Montreal-1 , will appear as comment in endpoint router )
 When in user mode, you must provide name & unique user number between 2 and 253.
 This user number will be assigned an ip address 10.1.40.[user #].
 " && exit
 }
 #================ MAIN ========================================================
 #
 ((!$#)) && Help && exit		# If no command parameters passed, help and bail out
 echo -e "\n${GREEN}${ScriptName} ${BLUE}configurator version ${YELLOW}$Version${NC}"
 while getopts c:dhiln:r:s:u: option
 do
 case "${option}" in
    c) CORP=${OPTARG}
       ;; 
    d) debug=1
       ;;
    h) Help 
       exit
       ;;
    i) Interactive
       exit
       ;;
    l) Message "Listing endpoints in ${IniFile}"
       grep '\[' ${IniFile}
       exit
       ;;
    n) NumUser=${OPTARG}
       Mode="User"
       ;;
    r) NumRouter=${OPTARG}
       Mode="Router"
       ;;
    s) NameRouter="${OPTARG}"
       ;;
    u) NameUser="${OPTARG}"
       ;;
    *) echo -e "Usage (bad argument: $OPTARG) \n"
       exit 1;;
 esac
 done
 ((debug)) && echo -e "
 NumRouter = ${NumRouter}
 NumUser   = ${NumUser}
 RtrSubnet = $(RtrSubnet ${NumRouter})
 "
 if [[ "${NumRouter}" -ne "0" && "${NumUser}" -ne "0" ]]
 then	
  echo "** Error, can't use user and router # simulteaneously"
  exit 1
 fi
 #---Endpoint Router Config
 EndpointID=RB5009
 for PARAM in "${PARAMS[@]}"
 do
 eval ${PARAM}=$(sed -nr "/^\[${CORP}\]/ { :l /^${PARAM}[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" ${IniFile})
 done
 #Endpoint_Rtr_Addr_Public=$(sed -nr "/^\[${CORP}\]/ { :l /^Endpoint_Rtr_Addr_Public[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" ./genconfig.ini)
 #Endpoint_Rtr_Addr_Private=$(sed -nr "/^\[${CORP}\]/ { :l /^Endpoint_Rtr_Addr_Private[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" ./genconfig.ini)
 #Endpoint_Rrt_Port=$(sed -nr "/^\[${CORP}\]/ { :l /^Endpoint_Rrt_Port[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" ./genconfig.ini)
 #Endpoint_Rtr_PUB_KEY=$(sed -nr "/^\[${CORP}\]/ { :l /^Endpoint_Rtr_PUB_KEY[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" ./genconfig.ini)
 #Endpoint_Usr_Addr=$(sed -nr "/^\[${CORP}\]/ { :l /^Endpoint_Usr_Addr[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" ./genconfig.ini)
 #Endpoint_Usr_Port=$(sed -nr "/^\[${CORP}\]/ { :l /^Endpoint_Usr_Port[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" ./genconfig.ini)
 #Endpoint_Usr_PUB_KEY=$(sed -nr "/^\[${CORP}\]/ { :l /^Endpoint_Usr_PUB_KEY[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" ./genconfig.ini)
 echo -e "
 CORP                      = $CORP
 Endpoint_Rtr_Addr_Public  = $Endpoint_Rtr_Addr_Public
 Endpoint_Rtr_Addr_Private = $Endpoint_Rtr_Addr_Private
 Endpoint_Rrt_Port         = $Endpoint_Rrt_Port
 Endpoint_Rtr_PUB_KEY      = $Endpoint_Rtr_PUB_KEY
 Endpoint_Usr_Addr         = $Endpoint_Usr_Addr
 Endpoint_Usr_Port         = $Endpoint_Usr_Port
 Endpoint_Usr_PUB_KEY      = $Endpoint_Usr_PUB_KEY
 "
 ((debug)) && printf "Parameters : %s\n" "${PARAMS[@]}"
 #exit
 #---Client Router Subnets
 Start_Subnet=10.1.41.0
 Bits_Subnet=8
 Subnet_Bits=$((32-Bits_Subnet))              # Router address subnet bits
 NAPS=$((2**Bits_Subnet))                     # Nombre d'Adresses Par Subnet
 case "$Mode" in
   User) Message "Creating User"
         CreateUser ${NameUser} ${CORP}
         exit
         ;;
 Router) Message "Creating Router with $(RtrSubnet ${NumRouter})"
         CreateRouter $NumRouter $(RtrSubnet ${NumRouter}) ${CORP}
         exit
         ;;
      *) echo -e "\n** ERROR : User # was not provided"
         Help
 	 ;;
 esac
--- a/wireguard/genconfig-exoc
+++ b/wireguard/genconfig-exoc
@ -0,0 +1,117 @@
 #!/bin/bash
 #
 # (c) IngTegration inc 2023
 # GPL licensed
 #
 debug=0
 ClientName="$1"
 ClientNum="$2"
 Corp="$3"
 Endpoint_Usr_PUB_KEY="CHANGE_ME"	# put router WG public key here
 RtrSubnetPrefix="10.0.254"						# WG subnet prefix
 DnsSrv="1.1.1.1 8.8.8.8"
 AllowedIps="0.0.0.0/0"							# Allowed IP for clients
 RtrInterf="wg01"							# Router WG Interface
 Endpoint_Usr_Port=51844
 #local CLIENT_NUM=$(printf "%03d" $3)
 #local WgUsrDir="${BaseDir}/${Corp}/users"               		# BaseDir global variable
 WgUsrDir="."
 Endpoint_Usr_Addr="${RtrSubnetPrefix}.${ClientNum}"
 BOLD=$(    tput bold)
 NORMAL=$(  tput sgr0)
 RESET=$(   tput sgr0)
 NC=$(      tput sgr0)           # No color
 BOLD=$(    tput bold)
 BLACK=$(   tput setaf 0)
 RED=$(     tput setaf 1)
 GREEN=$(   tput setaf 2)
 YELLOW=$(  tput setaf 3)
 BLUE=$(    tput setaf 4)
 MAGENTA=$( tput setaf 5)
 CYAN=$(    tput setaf 6)
 WHITE=$(   tput setaf 7)
 DEFAULT=$( tput setaf 9)
 #===========Internal Functions=================================================
 #
 #-------------Help-------------------------------------------------------------
 #
 function Help()
 {
  cat << EOF
  usage: $(basename "$0") [ClientName] [ClientNum] [Corp]
  ClientName : Name of the roadwarrior client (Ex. marlene)
  ClientNum  : Roadwarrior sequence number, will translate into ip last octet
               1 -->  SubnetPrefix.1 (Ex: 172.16.20.1)
  Corp       : Name of RoadWarrior Company (Ex: ExoC)
 EOF
  exit
 }
 #---------------Message--------------------------------------------------------
 #
 function Message()
 {
  printf "\n${GREEN}[i] ${BLUE}%s${NC}\n"  "$*"
 }
 ((!$#)) && Help			# Call help if no argument supplied
 ClientPadNum=$(printf "%03d" $ClientNum)
 CLIENT_PRIV_KEY=$(wg genkey)
 CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey)
 CLIENT_PRE_SHARED_KEY=$(wg genpsk)
 #CLIENT_FILE_PREFIX="${CLIENT_NUM}-${ClientName}"
 CLIENT_FILE_PREFIX="${ClientPadNum}-${Corp}-${ClientName}"
 CLIENT_FILE_WIN="${WgUsrDir}/${CLIENT_FILE_PREFIX}.conf"
 CLIENT_FILE_RTR="${WgUsrDir}/${CLIENT_FILE_PREFIX}.Endpoint.rsc"
 ((debug)) && echo -e "
 Corp            = $Corp
 ClientName      = $ClientName
 CLIENT_FILE_WIN = $CLIENT_FILE_WIN
 CLIENT_FILE_RTR = $CLIENT_FILE_RTR
 " && exit
 echo -e "Client:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "[Interface]
 PrivateKey = ${CLIENT_PRIV_KEY}
 ListenPort = ${Endpoint_Usr_Port}
 Address = ${RtrSubnetPrefix}.${ClientNum}/32
 DNS = ${DnsSrv}
 [Peer]
 PublicKey = ${Endpoint_Usr_PUB_KEY}
 PresharedKey = ${CLIENT_PRE_SHARED_KEY}
 AllowedIPs = ${AllowedIps}
 Endpoint = ${Endpoint_Usr_Addr}:${Endpoint_Usr_Port}
 PersistentKeepalive = 25
 " | tee "${CLIENT_FILE_WIN}"
 echo -e "\n${Corp} Router:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard peers 
 add allowed-address=${RtrSubnetPrefix}.${ClientNum}/32 disabled=no comment=\"User ${ClientName}\" interface=${RtrInterf} \\
 preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\"${CLIENT_PUB_KEY}\"" | tee "${CLIENT_FILE_RTR}"
 Message "QR Code:"
 qrencode -t ansiutf8 -l L < "${CLIENT_FILE_WIN}"
 qrencode -l L -s 6 -d 225 -o "${CLIENT_FILE_WIN}.png" < "${CLIENT_FILE_WIN}"
--- a/wireguard/genconfig-exoc.zip
+++ b/wireguard/genconfig-exoc.zip
--- a/wireguard/genconfig.2024-09-10_211730
+++ b/wireguard/genconfig.2024-09-10_211730
@ -0,0 +1,296 @@
 #!/bin/bash
 Version=240226-1434
 debug=0
 CORP=IngTegration
 RouterID=RB5009
 Rtr_CCR1_Addr="199.168.223.11"
 Rtr_CCR1_Port="13232"
 Usr_CCR1_Addr="199.168.223.11"
 Usr_CCR1_Port="13233"
 ScriptName=$(basename "$0")
 BaseDir="/home/boig01/temp/wireguard/ingt"
 WgRtrDir="${BaseDir}/routers"
 WgUsrDir="${BaseDir}/users"
 RTR_CCR1_PUB_KEY="tZRvoRBOEBEz6sNZQmw1M2NE2OH78vkHib1iQgbxDDE="
 USR_CCR1_PUB_KEY="tZRvoRBOEBEz6sNZQmw1M2NE2OH78vkHib1iQgbxDDE="
 NumUser=0
 NumRouter=0
 NameUser=0
 Mode=0
 YELLOW='\033[0;33m'
 GREEN='\033[0;32m'
 RED='\033[0;31m'
 BLUE='\033[0;34m'
 NC='\033[0m' 		# No Color
 # Create paths if not there
 [ ! -d "$WgRtrDir" ] && mkdir -p "${WgRtrDir}"
 [ ! -d "$WgUsrDir" ] && mkdir -p "${WgUsrDir}"
 #---Client Router Subnets
 Start_Subnet=172.18.1.0
 Bits_Subnet=8
 Subnet_Bits=$((32-Bits_Subnet))              # Router address subnet bits
 NAPS=$((2**Bits_Subnet))                     # Nombre d'Adresses Par Subnet
 #=================== function Help ============================================
 #
 function Help()
 {
 echo -e "
 WireGuard-MikroTik ${BLUE}${CORP}${NC} configurator
 usage:
  ${ScriptName} [Options]
  -n  User #      (Unique user number between 1 and 253)
  -u  User name   (AdrianSmith)
  -r  Router #    (EVOQ router #, like 1 or 11)
 When in user mode, you must provide name & unique user number between 2 and 253.
 This user number will be assigned an ip address 10.1.40.[user #].
 " && exit
 }
 #=================== function Info =============================================
 #
 # Avec date / time prefix
 #
 Info() { printf "${GREEN}%s ${NC} %s\n" "$( date +%F_%T )" "$*" >&2; }	# send to stderr
 #=================== function Message ==========================================
 #
 # Send to STDOUT
 #
 Message() {
  printf "\n${GREEN}[i] ${BLUE}%s${NC}"  "$*"
 }
 #=================== function ip2int ===========================================
 #
 ip2int()
 {
    local a b c d
    { IFS=. read a b c d; } <<< $1
    echo $(((((((a << 8) | b) << 8) | c) << 8) | d))
 }
 #=================== function int2ip ===========================================
 #
 int2ip()
 {
    local ui32=$1; shift
    local ip n
    for n in 1 2 3 4; do
        ip=$((ui32 & 0xff))${ip:+.}$ip
        ui32=$((ui32 >> 8))
    done
    echo $ip
 }
 #======================== CreateUser ==========================================
 #
 function CreateUser()
 {
 ClientName=$1
 ClientNum=$2
 CLIENT_PRIV_KEY=$(wg genkey)
 CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey)
 CLIENT_PRE_SHARED_KEY=$(wg genpsk)
 CLIENT_NUM=$(printf "%03d" $2)
 CLIENT_FILE_PREFIX="${CLIENT_NUM}-${ClientName}"
 CLIENT_FILE_WIN="${WgUsrDir}/${CLIENT_FILE_PREFIX}.conf"
 CLIENT_FILE_RTR="${WgUsrDir}/${CLIENT_FILE_PREFIX}.CCR1.rsc"
 ((debug)) && echo -e "
 ClientName      = $1
 CLIENT_NUM      = $CLIENT_NUM
 CLIENT_FILE_WIN = $CLIENT_FILE_WIN
 CLIENT_FILE_RTR = $CLIENT_FILE_RTR
 " && exit
 echo -e "Client:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "[Interface]
 PrivateKey = ${CLIENT_PRIV_KEY}
 ListenPort = 51821
 Address = 10.8.38.${ClientNum}/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = ${USR_CCR1_PUB_KEY}
 PresharedKey = ${CLIENT_PRE_SHARED_KEY}
 AllowedIPs = 10.8.0.0/16
 Endpoint = ${Usr_CCR1_Addr}:${Usr_CCR1_Port}
 PersistentKeepalive = 25
 " | tee "${CLIENT_FILE_WIN}"
 echo -e "\nAtom Router:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard peers 
 add allowed-address=10.8.38.${ClientNum}/32 disabled=no comment=\"User ${ClientName}\" interface=wg1 \\
 preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\"${CLIENT_PUB_KEY}\""| tee "${CLIENT_FILE_RTR}"
 }
 #======================== CreateRouter ========================================
 #
 function CreateRouter()
 {
 RouterNum="$1"
 RouterSubnet="$2"
 RTR_PRIV_KEY=$(wg genkey)
 RTR_PUB_KEY=$(echo "${RTR_PRIV_KEY}" | wg pubkey)
 RTR_PRE_SHARED_KEY=$(wg genpsk)
 RTR_NUM=$(printf "%03d" $1)
 RTR_FILE_PREFIX="${RTR_NUM}-Router"
 RTR_FILE_RTR="${WgRtrDir}/${RTR_FILE_PREFIX}.rsc"
 RTR_FILE_RTR_CCR1="${WgRtrDir}/${RTR_FILE_PREFIX}.CCR1.rsc"
 ((debug)) && echo -e "
 ClientName      = $1
 CLIENT_NUM      = $RTR_NUM
 CLIENT_FILE_RTR = $RTR_FILE_RTR
 " && exit
 Message "Generated output files:"
 echo -e "${GREEN}---------------------------------------------------------${NC}
 ${RTR_FILE_RTR}
 ${RTR_FILE_RTR_CCR1}
 "
 Message "Router Client Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard
 add listen-port=13239 mtu=1420 name=wg01 private-key=\"${RTR_PRIV_KEY}\"
 /ip address add address=10.1.41.${RouterNum}/32 comment=wg-wg01 interface=wg01
 /ip route add dst-address=10.0.0.0/8 gateway=wg01
 /ip route add dst-address=192.168.0.0/16 gateway=wg01
 /interface wireguard peers add allowed-address=10.0.0.0/8,192.168.0.0/16 client-keepalive=10 disabled=no comment=\"CCR1 Montreal\" interface=wg01 \\
  endpoint-address=${Rtr_CCR1_Addr} endpoint-port=${Rtr_CCR1_Port}  preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${RTR_CCR1_PUB_KEY}\"
 /system script add dont-require-permissions=no name=ping-CCR1 owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\\
  \"/ping interval=10 10.1.8.11 count=61\"
 /system/scheduler add interval=10m name=Ping-CCR1 on-event=\"/system/script/run ping-CCR1\" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=apr/02/2022 start-time=12:00:00 " \
 | tee "${RTR_FILE_RTR}"
 #echo -e "\n"
 Message "${RouterID} Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard peers add allowed-address=10.1.41.${RouterNum}/32,${RouterSubnet} disabled=no comment=\"Router ${RouterNum}\"  \\
 interface=WG-Routers preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${RTR_PUB_KEY}\"
 /ip route add dst-address=${RouterSubnet} gateway=10.1.41.${RouterNum}" \
 | tee "${RTR_FILE_RTR_CCR1}"
 }
 #=================== function RrtSubnet ========================================
 #
 RtrSubnet()
 {
  local RtrNum=$1
  BaseNum=$(ip2int $Start_Subnet)      # Subnet de depart en format integer
  Nth=$((RtrNum-1))                    # Le router #1 est "0" dans la séquence de subnet, #2 est 1, etc
  Nth=$((Nth*NAPS))                    # Decimal a aditionner en fonction pour le Nth router
  Subnet=$((BaseNum+Nth))              # Nth subnet calculé
 #  Subnet="${Subnet}/$(Bits_Subnet=3})"
  echo -e "$(int2ip $Subnet)/${Subnet_Bits}"
 }
 #================ MAIN ========================================================
 #
 ((!$#)) && Help && exit		# If no command parameters passed, help and bail out
 echo -e "\nWireGuard-MikroTik ${BLUE}${CORP}${NC} configurator version $Version\n"
 while getopts dhn:r:u: option
 do
 case "${option}" in
    d) debug=1
       ;;
    h) Help 
       exit ;;
    n) NumUser=${OPTARG}
       Mode="User"
       ;;
    r) NumRouter=${OPTARG}
       Mode="Router"
       ;;
    u) NameUser=${OPTARG}
       ;;
    *) echo -e "Usage (bad argument: $OPTARG) \n"
       exit 1;;
 esac
 done
 ((debug)) && echo -e "
 NumRouter = ${NumRouter}
 NumUser   = ${NumUser}
 RtrSubnet = $(RtrSubnet ${NumRouter})
 " && exit
 if [[ "${NumRouter}" -ne "0" && "${NumUser}" -ne "0" ]]
 then	
  echo "** Error, can't use user and router # simulteaneously"
  exit 1
 fi
 case "$Mode" in
   User) Message "Creating User"
         CreateUser $NameUser $NumUser
         exit
         ;;
 Router) Message "Creating Router with $(RtrSubnet ${NumRouter})"
         CreateRouter $NumRouter $(RtrSubnet ${NumRouter})
         exit
         ;;
      *) echo -e "\n** ERROR : User # was not provided"
         Help
 	 ;;
 esac
--- a/wireguard/genconfig.ini
+++ b/wireguard/genconfig.ini
@ -0,0 +1,66 @@
 [ingtegration-rb5009]
 Addr_Public="seve.ingtegration.com"
 01_InterfaceName="WG-Devices"
 01_PUBKEY="MmTMFo+Fs3N9jrcVeGKkmMi2NoZctvSB7813LCN12nY="
 01_Addr="172.16.254.2"
 01_Subnet="172.16.254.0/24"
 01_Port="14321"
 02_InterfaceName="WG-Users"
 02_PUBKEY="iPArVoKAjEYTsvSb2NdQRDIUxHPHBgGTHAK3uAKKvkw="
 01_Subnet="172.16.40.0/24"
 02_Addr="172.16.40.254"
 02_Port="14322"
 [evoq-mtl]
 Addr_Public="66.171.167.250"
 01_InterfaceName="WG-Routers"
 01_PUBKEY="9au45IDNJhHDNtN+LIpJDyMFTEYdN9WOSSHEJS8WRmw="
 01_Subnet="10.1.41.0/24"
 01_Addr="10.1.41.254"
 01_Port="13232"
 02_InterfaceName="WG-Users"
 02_PUBKEY="9au45IDNJhHDNtN+LIpJDyMFTEYdN9WOSSHEJS8WRmw="
 02_Subnet="10.1.42.0/24"
 02_Addr="10.1.42.254"
 02_Port="13233"
 [koze-maison]
 Addr_Public="b4a30b139a75.sn.mynetname.net"
 01_Subnet="10.1.41.0/24"
 01_Addr="172.16.41.254"
 01_Port="13232"
 01_PUBKEY="8e1iXWniMo+3OU1FsNPAgrG0av9d/Ijf9ybj75z9GWE="
 01_InterfaceName="WG-Users"
 [rrf-rb5009]
 Addr_Public="142.217.209.155"
 01_Subnet="172.16.41.0/24"
 01_Addr_Private="172.16.41.254"
 01_Port="14231"
 01_PUBKEY="FYmwzlP4m2IkS4VpDSwhN6NHHJBrEBbIqf9+GS7VWxo="
 01_InterfaceName="WG-Users"
 [cccp-hexs]
 Addr_Public="199.168.223.11"
 01_Subnet="10.8.37.0/24"
 01_Addr="10.8.37.254"
 01_Port="13233"
 01_PUBKEY="nAwCkIHkPlgJwpU+t84mBSOUsylfDj+nudD3neZoaiU="
 01_InterfaceName="WG-Users"
 [cccp-rb2011]
 Addr_Public="199.168.223.10"
 01_InterfaceName="WG-Users"
 01_Subnet="10.8.37.0/25"
 01_Addr="10.8.35.126"
 01_Port="13232"
 01_PUBKEY="nAwCkIHkPlgJwpU+t84mBSOUsylfDj+nudD3neZoaiU="
 02_InterfaceName="WG-Routers"
 02_Subnet="10.8.37.129/25"
 02_Addr="10.8.34.254"
 02_Port="13233"
 02_PUBKEY="kIV/vXbuNWWc//zU27+g3QcrOIYuVh8/Bo/g8O2iwUQ="
--- a/wireguard/genconfig_router
+++ b/wireguard/genconfig_router
@ -0,0 +1,146 @@
 #!/bin/bash
 #
 debug=0
 ScriptName=$(basename "$0")
 RouterName="RB5009-CTG"
 RouterAddrPublic="heh08h84mnt.sn.mynetname.net"
 RouterPort="14322"
 RouterAddrPrivate="172.16.254.2"
 RouterInterface="WG-Devices"
 BOLD=$(    tput bold)
 NORMAL=$(  tput sgr0)
 RESET=$(   tput sgr0)
 NC=$(      tput sgr0)           # No color
 BOLD=$(    tput bold)
 BLACK=$(   tput setaf 0)
 RED=$(     tput setaf 1)
 GREEN=$(   tput setaf 2)
 YELLOW=$(  tput setaf 3)
 BLUE=$(    tput setaf 4)
 MAGENTA=$( tput setaf 5)
 CYAN=$(    tput setaf 6)
 WHITE=$(   tput setaf 7)
 DEFAULT=$( tput setaf 9)
 #---------- function Message --------------------------------------------------
 #
 # Send to STDOUT
 #
 function Message()
 {
  printf "\n${GREEN}[i] ${BLUE}%s${NC}\n"  "$*"
 }
 function CreateRouter()
 {
 local debug=0
 local DeviceNum="$1"								# voir plus bas avec printf
 local DeviceName="$2"
 local DeviceInterface="$3"
 DeviceAllowedAddress="172.16.40.2"
 DevicePrivKey=$(wg genkey)
 DevicePubKey=$(echo "${DevicePrivKey}" | wg pubkey)
 DevicePSK=$(wg genpsk)
 DeviceNumPad=$(printf "%03d" $1)						# 3 digit pad of $1
 DeviceFilesPrefix="R-${DeviceNumPad}"
 RouterFileCfg="${DeviceFilesPrefix}_RouterCfg.rsc"
 DeviceFileCfg="${DeviceFilesPrefix}_DeviceCfg.rsc"
 ((debug)) && echo -e "
 DeviceNum       = $DeviceNum
 DevicePrivKey   = $DevicePrivKey
 DevicePubKey    = $DevicePubKey
 DevicePSK       = $DevicePSK
 DeviceFileCfg   = $DeviceFileCfg
 RouterFileCfg   = $RouterFileCfg
 " | column -t && exit
 Message "Generated output files:"
 echo -e "${GREEN}---------------------------------------------------------${NC}
 ${RouterFileCfg}
 ${DeviceFileCfg}
 "
 Message "Router Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "S'assurer que sur router: /interface wireguard add listen-port=${RouterPort} mtu=1420 name=${RouterInterface}\n"
 echo -e "/interface wireguard peers add allowed-address=172.16.254.${DeviceNum}/32 client-keepalive=10 disabled=no comment=\"${DeviceName}\" \\
 interface=WG-Devices preshared-key=\"${DevicePSK}\" public-key=\"${DevicePubKey}\""
 #| tee "${RouterFileCfg}"
 Message "${DeviceName} device Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard add listen-port=13239 mtu=1420 name=${DeviceInterface} private-key=\"${DevicePrivKey}\"
 /interface wireguard peers add allowed-address=${RouterAddrPrivate} client-keepalive=15 disabled=no comment=\"${RouterName}\"  \\
 interface=${DeviceInterface} preshared-key=\"${DevicePSK}\" public-key=\"${DevicePubKey}\"  endpoint-address=${RouterAddrPublic} endpoint-port=${RouterPort}
 /ip route add dst-address=0.0.0.0 gateway=${RouterAddrPrivate}"
 #| tee "${DeviceFileCfg}"
 }
 Help() {
  cat << EOF
 usage: $(basename "$0") [OPTIONS]
   -d Device Number
   -n Device Name
   -i Device Interface
   -h This help
 EOF
 }
 ((!$#))  && Help
 while getopts d:n:i:h option
 do
 case "${option}" in
    d) DeviceNumber=${OPTARG};;
    n) DeviceName=${OPTARG};;
    i) DeviceInterface=${OPTARG};;
    h) Help
       exit 0;;
    *) echo -e "Usage (bad argument: ${OPTARG}) \n"
       exit 1;;
 esac
 done
 ((debug)) && echo -e "
 DeviceNumber = $DeviceNumber
 DeviceName = $DeviceName
 DeviceInterface = $DeviceInterface
 " | column -t && exit
 CreateRouter ${DeviceNumber} ${DeviceName} ${DeviceInterface}
--- a/wireguard/genconfig_router.txt
+++ b/wireguard/genconfig_router.txt
@ -0,0 +1,31 @@
 CCR1016 EVOQ
 ============
 /ip address
 add address=10.1.41.254/24 interface=WG-Routers network=10.1.41.0
 /interface wireguard
 add comment=10.1.32.0/24 listen-port=13232 mtu=1420 name=WG-Routers
 /interface wireguard peers
 add allowed-address=10.1.40.1/32 client-keepalive=10s comment="User squirion" interface=WG-Users preshared-key="+tgz1wqMtrota6gxmMtEix3wiZI85IM8Ty5x7ucgbiA=" public-key="6KhC7Ai2As7ShqKC1tlKQ1eKp8MLdrljBdJBCUIjal8="
 WG "Server":
 ------------
 Router WAN Addr : heh08h84mnt.sn.mynetname.net
 Router WAN Port : 14322
 Router Local Address: 172.16.254.2/24
 Device: WG-Devices
 Public Key: MmTMFo+Fs3N9jrcVeGKkmMi2NoZctvSB7813LCN12nY=
 -d [device num] -n [device name] -i [device interface]
 genconfig_router -d 4 -n Fuengirola  -i wg-ctg 
--- a/wireguard/genconfig_simple
+++ b/wireguard/genconfig_simple
@ -0,0 +1,431 @@
 #!/bin/bash
 Version=250731-1953
 debug=0
 ScriptMode=""					# Script gen mode for client: user or router
 BOLD=$(    tput bold)
 NORMAL=$(  tput sgr0)
 RESET=$(   tput sgr0)
 NC=$(      tput sgr0)           # No color
 BOLD=$(    tput bold)
 BLACK=$(   tput setaf 0)
 RED=$(     tput setaf 1)
 GREEN=$(   tput setaf 2)
 YELLOW=$(  tput setaf 3)
 BLUE=$(    tput setaf 4)
 MAGENTA=$( tput setaf 5)
 CYAN=$(    tput setaf 6)
 WHITE=$(   tput setaf 7)
 DEFAULT=$( tput setaf 9)
 #---ini file parameters list
 unset PARAMS;
 PARAMS=(
 RtrInterface
 Rtr_Addr_Admin
 Rtr_Addr_Public
 Rrt_Port
 Rtr_Addr_Private
 Rtr_CIDR_Mask
 Rtr_PUB_KEY
 Rtr_DNS
 Rtr_Route_Subnet
 )
 #---A enlever apres testing
 export RouterName=""
 export RouterInterface=""
 export DeviceName=""
 export Company=""
 export CORP=""
 export UserName=""
 #========== INTERNAL FUNCTIONS ================================================
 #---------- function Info -----------------------------------------------------
 #
 # With date / time prefix
 #
 Info()
 { 
  printf "${GREEN}%s ${NC} %s\n" "$( date +%F_%T )" "$*"
 }
 #---------- function Message --------------------------------------------------
 #
 # Send to STDOUT
 #
 function Message()
 {
  printf "\n${GREEN}[i] ${BLUE}%s${NC}\n"  "$*"
 }
 #---------- ip2int ------------------------------------------------------------
 #
 function ip2int()
 {
    local a b c d
    { IFS=. read a b c d; } <<< $1
    echo $(((((((a << 8) | b) << 8) | c) << 8) | d))
 }
 #---------- int2ip ------------------------------------------------------------
 #
 function int2ip()
 {
    local ui32=$1; shift
    local ip n
    for n in 1 2 3 4; do
        ip=$((ui32 & 0xff))${ip:+.}$ip
        ui32=$((ui32 >> 8))
    done
    echo $ip
 }
 #---------- RouterCommand -----------------------------------------------------
 #
 function RouterConnect()
 {
  local Command="$"
 }
 #---------- CreateUser --------------------------------------------------------
 #
 function CreateUser()
 {
 local RouterName=$1
 local RouterInterface=$2
 local UserNumber=$3
 local UserName=$4
 local debug=0
 RouterCfg="${RouterName}.cfg"
 #---Read values from config file
 for PARAM in "${PARAMS[@]}"
 do
 eval local ${PARAM}=$(sed -nr "/^\[${RouterName}\]/ { :l /^${PARAM}[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" $RouterCfg)
 done
 Digits=000
 Temp="${Digits}${UserNumber}"
 ClientNumPad=$(echo ${Temp:(-${#Digits})})
 IFS=. read -r octet1 octet2 octet3 octet4 <<< "$Rtr_Addr_Private"
 Subnet="${octet1}.${octet2}.${octet3}"
 UserAddress=${Subnet}.${UserNumber}/32
 Message "Subnet : $Subnet"
 Message "ClientNumPad : $ClientNumPad"
 ((debug)) && echo -e "
 DEBUG - CreateUser
 User	Number        = $1
 UserName          = $2
 UserName          = $3
 UserAddress       = $UserAddress
 Rtr_Addr_Public   = $Rtr_Addr_Public
 Rrt_Port          = $Rrt_Port
 RouterInterface   = $RouterInterface
 Rtr_Addr_Private  = $Rtr_Addr_Private
 Rtr_CIDR_Mask     = $Rtr_CIDR_Mask
 Rtr_PUB_KEY       = $Rtr_PUB_KEY
 Subnet            = $Subnet
 Rtr_DNS           = $Rtr_DNS
 Rtr_Route_Subnet  = $Rtr_Route
 " | column -t && exit
 CLIENT_PRIV_KEY=$(wg genkey)
 CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey)
 CLIENT_PRE_SHARED_KEY=$(wg genpsk)
 ROUTER_PUB_KEY="$RouterPubKey"
 CLIENT_FILE_PREFIX="U-${ClientNumPad}-${UserName}"
 CLIENT_FILE_WIN="${CLIENT_FILE_PREFIX}.conf"
 CLIENT_FILE_RTR="${CLIENT_FILE_PREFIX}.Peer.rsc"
 echo -e "\nClient:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "[Interface]
 PrivateKey = ${CLIENT_PRIV_KEY}
 ListenPort = 51821
 Address = ${UserAddress}
 DNS = ${Rtr_DNS}
 [Peer]
 PublicKey = ${Rtr_PUB_KEY}
 PresharedKey = ${CLIENT_PRE_SHARED_KEY}
 AllowedIPs = ${Rtr_Route_Subnet}
 Endpoint = ${Rtr_Addr_Public}:${Rrt_Port}
 PersistentKeepalive = 25
 "  	| tee "${CLIENT_FILE_WIN}"
 echo -e "\nRouter:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard peers 
 add allowed-address=${Subnet}.${UserNumber}/32 disabled=no name=\"${UserName}\" interface=${RouterInterface} \\
 preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\"${CLIENT_PUB_KEY}\""| tee "${CLIENT_FILE_RTR}"
 Message "QR Code:"
 qrencode -t ansiutf8 -l L < "${CLIENT_FILE_WIN}"
 qrencode -l L -s 6 -d 225 -o "${CLIENT_FILE_WIN}.png" < "${CLIENT_FILE_WIN}"
 Message "Generated User Files:"
 ls -1 ${CLIENT_FILE_PREFIX}*
 }
 #---------- CreateRouter ------------------------------------------------------
 #
 function CreateRouter()
 {
 local debug=1
 local RouterNum="$1"
 local RouterSubnet="$2"
 local Corp="$3"
 local BaseDir="${BaseDir}/${Corp}"                      # BaseDir global variable
 local WgRtrDir="${BaseDir}/routers"
 #---Create paths if not there
 [ ! -d "$WgRtrDir" ] && mkdir -p "${WgRtrDir}"
 RTR_PRIV_KEY=$(wg genkey)
 Endpoint_Rtr_PUB_KEY=$(echo "${RTR_PRIV_KEY}" | wg pubkey)
 RTR_PRE_SHARED_KEY=$(wg genpsk)
 RTR_NUM=$(printf "%03d" $1)
 RTR_FILE_PREFIX="${RTR_NUM}-Router"
 RTR_FILE_RTR="${WgRtrDir}/${RTR_FILE_PREFIX}_Client.rsc"
 RTR_FILE_RTR_ENDPOINT="${WgRtrDir}/${RTR_FILE_PREFIX}_Endpoint.rsc"
 ((debug)) && echo -e "
 Corp            = $Corp
 RTR_NUM         = $RTR_NUM
 CLIENT_FILE_RTR = $RTR_FILE_RTR
 BaseDir         = $BaseDir
 PreShared Key   = $RTR_PRE_SHARED_KEY
 " && exit
 [ -d "${BaseDir}" ] && Message "Creating dir ${BaseDir}" && mkdir -p "${BaseDir}"
 Message "Generated output files:"
 echo -e "${GREEN}---------------------------------------------------------${NC}
 ${RTR_FILE_RTR}
 ${RTR_FILE_RTR_ENDPOINT}
 "
 Message "Client Router Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard
 add listen-port=13239 mtu=1420 name=wg01 private-key=\"${RTR_PRIV_KEY}\"
 /ip address add address=172.18.1.${RouterNum}/32 comment=wg-wg01 interface=wg01
 /interface wireguard peers add allowed-address=172.16.18.254 client-keepalive=10 disabled=no comment=\"CCR1 Montreal\" interface=wg01 \\
  endpoint-address=${Endpoint_Rtr_Addr_Public} endpoint-port=${Endpoint_Rrt_Port}  preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${Endpoint_Rtr_PUB_KEY}\"
 /system script add dont-require-permissions=no name=ping-CCR1 owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\\
  \"/ping interval=10 10.1.8.11 count=61\"
 /system/scheduler add interval=10m name=Ping-CCR1 on-event=\"/system/script/run ping-CCR1\" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=apr/02/2022 start-time=12:00:00 " \
 | tee "${RTR_FILE_RTR}"
 #echo -e "\n"
 Message "${EndpointID} endpoint Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard peers add allowed-address=10.1.41.${RouterNum}/32,${RouterSubnet} disabled=no comment=\"Router ${RouterNum} ${NameRouter}\"  \\
 interface=WG-Routers preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${Endpoint_Rtr_PUB_KEY}\"
 /ip route add dst-address=${RouterSubnet} gateway=10.1.41.${RouterNum}" \
 | tee "${RTR_FILE_RTR_ENDPOINT}"
 }
 #---------- GetRouter_Infos ----------------------------------------------------
 #
 function GetRouter_Infos()
 {
 local RouterName="$1"
 local IniFile="${1}.cfg"
 local debug=0
 ((debug)) && echo -e "\nIniFile = ${IniFile}\n"
 #read -p "Entrer l'interface du router: " RouterInterface
 echo -e "[${RouterName}]" >> ${IniFile}
 for PARAM in "${PARAMS[@]}"
 do
 echo -e "\nPARAM = $PARAM"
 eval 'read -p "Entrer ${PARAM} " Value'
 eval 'echo ${PARAM}=${Value} >> ${IniFile}'
 done
 ((debug)) && echo "${FUNCNAME[0]} exit"
 }
 #---------- Help ---------------------------------------------------------------
 #
 function Help() {
  cat << EOF
 usage: $(basename "$0") [OPTIONS]
   -a  Debug mode
   -d  Device Name
   -h  Show this message
   -i  Interactive
   -u  User Name
   -n  User / Device number
 EOF
 }
 #================= MAIN =======================================================
 #
 ((!$#)) && Help && exit
 while getopts ad:hi:n:qu: option
 do
 case "${option}" in
    a) debug=1
       ;;
    d) DeviceName="${OPTARG}"
       ;;
    h) Help 
       exit
       ;;
    i) Interactive
       exit
       ;;
    n) UserNumber="${OPTARG}"
       ;;       
    u) UserName="${OPTARG}"
       ;;
    *) Message "Usage (bad argument: $OPTARG)"
       exit 1
       ;;
 esac
 done
 #---Init global variables
 #for PARAM in "${PARAMS[@]}"
 #do
 # eval export '${PARAM}=""'
 # done
 if [[ ! -z ${UserName} ]]			# User mode prioritised if both specified
 then
  ScriptMode=User
  Message "User mode"
 elif [[ ! -z ${DeviceName} ]]
 then
  ScriptMode=Device
  Message "Device mode"
 else
  Message "Must use either -u or -d"
  exit
 fi
 CfgNum=$(find . -maxdepth 1 -iname "*.cfg" |wc -l)
 Message "Avant demande router infos"
 if [[ $CfgNum -eq 1 ]]
 then
  RouterCfg=$(find . -maxdepth 1 -iname "*.cfg" -printf "%f")
  RouterName="${RouterCfg%.*}"
 else
  read -p "Entrer Nom du Router: " RouterName
  ((debug)) && echo -e "Router Name = ${RouterName}"
  GetRouter_Infos "${RouterName}"
  RouterCfg=${RouterName}.cfg
 fi
 ((debug)) && echo -e "
 Après GetRouter_Infos
 RouterName      : $RouterName
 RouterInterface : $RouterInterface
 "
 for PARAM in "${PARAMS[@]}"
 do
 eval ${PARAM}=$(sed -nr "/^\[${RouterName}\]/ { :l /^${PARAM}[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" $RouterCfg)
 done
 echo -e "Avant Create User"
 ((debug)) && echo -e "
 RouterName       = $RouterName
 DeviceName       = $DeviceName
 UserNumber       = $UserNumber
 UserName         = $UserName
 Rtr_Addr_Admin   = $Rtr_Addr_Admin
 Rtr_Addr_Public  = $Rtr_Addr_Public
 Rrt_Port         = $Rrt_Port
 RtrInterface     = $RtrInterface
 Rtr_Addr_Private = $Rtr_Addr_Private
 Rtr_CIDR_Mask    = $Rtr_CIDR_Mask
 Rtr_PUB_KEY      = $Rtr_PUB_KEY
 " | column -t  && exit
 case "${ScriptMode}" in
    User) CreateUser ${RouterName} ${RtrInterface} ${UserNumber} ${UserName} 
          exit
          ;;
  Router) CreateRouter ${RouterName} ${UserNumber} ${DeviceName} 
 	      ;;
       *) Message "Bad mode passed ${ScriptMode}"
          exit 1
          ;;
 esac
 Message "All done."
--- a/wireguard/genconfig_simple.2025-05-16_110317
+++ b/wireguard/genconfig_simple.2025-05-16_110317
@ -0,0 +1,306 @@
 #!/bin/bash
 debug=0
 BOLD=$(    tput bold)
 NORMAL=$(  tput sgr0)
 RESET=$(   tput sgr0)
 NC=$(      tput sgr0)           # No color
 BOLD=$(    tput bold)
 BLACK=$(   tput setaf 0)
 RED=$(     tput setaf 1)
 GREEN=$(   tput setaf 2)
 YELLOW=$(  tput setaf 3)
 BLUE=$(    tput setaf 4)
 MAGENTA=$( tput setaf 5)
 CYAN=$(    tput setaf 6)
 WHITE=$(   tput setaf 7)
 DEFAULT=$( tput setaf 9)
 #---ini file parameters list
 unset PARAMS;
 PARAMS=(
 Rtr_Addr_Public
 Rrt_Port
 Rtr_Interface
 Rtr_Addr_Private
 Rtr_CIDR_Mask
 Rtr_PUB_KEY
 )
 export RouterName=""
 export Company=""
 export CORP=""
 #========== INTERNAL FUNCTIONS ================================================
 #---------- function Info -----------------------------------------------------
 #
 # With date / time prefix
 #
 Info()
 { 
  printf "${GREEN}%s ${NC} %s\n" "$( date +%F_%T )" "$*"
 }
 #---------- function Message --------------------------------------------------
 #
 # Send to STDOUT
 #
 function Message()
 {
  printf "\n${GREEN}[i] ${BLUE}%s${NC}\n"  "$*"
 }
 #---------- ip2int ------------------------------------------------------------
 #
 function ip2int()
 {
    local a b c d
    { IFS=. read a b c d; } <<< $1
    echo $(((((((a << 8) | b) << 8) | c) << 8) | d))
 }
 #---------- int2ip ------------------------------------------------------------
 #
 function int2ip()
 {
    local ui32=$1; shift
    local ip n
    for n in 1 2 3 4; do
        ip=$((ui32 & 0xff))${ip:+.}$ip
        ui32=$((ui32 >> 8))
    done
    echo $ip
 }
 #---------- CreateUser --------------------------------------------------------
 #
 function CreateUser()
 {
 local CORP=$1
 local RouterCfg=$2
 local UserNumber=$3
 local NameUser=$4
 local debug=1
 #---Read values from config file
 for PARAM in "${PARAMS[@]}"
 do
 eval local ${PARAM}=$(sed -nr "/^\[${CORP}\]/ { :l /^${PARAM}[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" $RouterCfg)
 done
 Digits=000
 Temp="${Digits}${UserNumber}"
 ClientNumPad=$(echo ${Temp:(-${#Digits})})
 IFS=. read -r octet1 octet2 octet3 octet4 <<< "$Rtr_Addr_Private"
 Subnet="${octet1}.${octet2}.${octet3}"
 Message "Subnet : $Subnet"
 Message "ClientNumPad : $ClientNumPad"
 ((debug)) && echo -e "
 DEBUG - CreateUser
 UserNumber        = $1
 NameUser          = $2
 Company           = $3
 Rtr_Addr_Public   = $Rtr_Addr_Public
 Rrt_Port          = $Rrt_Port
 Rtr_Interface     = $Rtr_Interface
 Rtr_Addr_Private  = $Rtr_Addr_Private
 Rtr_CIDR_Mask     = $Rtr_CIDR_Mask
 Rtr_PUB_KEY       = $Rtr_PUB_KEY
 Subnet            = $Subnet
 " && exit
 CLIENT_PRIV_KEY=$(wg genkey)
 CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey)
 CLIENT_PRE_SHARED_KEY=$(wg genpsk)
 ROUTER_PUB_KEY="$RouterPubKey"
 CLIENT_FILE_PREFIX="${ClientNumPad}-${NameUser}"
 CLIENT_FILE_WIN="${CLIENT_FILE_PREFIX}.conf"
 CLIENT_FILE_RTR="${CLIENT_FILE_PREFIX}.Peer.rsc"
 echo -e "\nClient:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "[Interface]
 PrivateKey = ${CLIENT_PRIV_KEY}
 ListenPort = 51821
 Address = ${Subnet}.${UserNumber}/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = ${ROUTER_PUB_KEY}
 PresharedKey = ${CLIENT_PRE_SHARED_KEY}
 AllowedIPs = 0.0.0.0/0
 Endpoint = ${RouterAddressPub}:${RouterPort}
 PersistentKeepalive = 25
 "  	| tee "${CLIENT_FILE_WIN}"
 echo -e "\nRouter:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard peers 
 add allowed-address=${Subnet}.${UserNumber}/32 disabled=no name=\"${NameUser}\" interface=${Rtr_Interface} \\
 preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\"${CLIENT_PUB_KEY}\""| tee "${CLIENT_FILE_RTR}"
 Message "QR Code:"
 qrencode -t ansiutf8 -l L < "${CLIENT_FILE_WIN}"
 qrencode -l L -s 6 -d 225 -o "${CLIENT_FILE_WIN}.png" < "${CLIENT_FILE_WIN}"
 ls -1 ${ClientNumPad}*
 }
 function GetRouter_Infos()
 {
 local RouterName="$1"
 local IniFile="${1}.cfg"
 local debug=0
 ((debug)) && echo -e "\nIniFile = ${IniFile}\n"
 read -p "Entrer CORP: " CORP
 echo -e "[${CORP}]" | tee ${IniFile}
 for PARAM in "${PARAMS[@]}"
 do
 #eval ${PARAM}=$(sed -nr "/^\[${CORP}\]/ { :l /^${PARAM}[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" ${IniFile})
 echo -e "\nPARAM = $PARAM"
 eval 'read -p "Entrer ${PARAM} " Variable'
 eval 'echo ${PARAM}=${Variable} | tee -a ${IniFile}'
 done
 ((debug)) && echo "GetRouter_Infos exit"
 }
 Help() {
  cat << EOF
 usage: $(basename "$0") [OPTIONS]
   -c  Company name
   -h  Show this message
   -i  Interactive
   -u  User Name
   -n  User number
 EOF
 }
 ((!$#)) && Help && exit
 while getopts c:dhin:r:u: option
 do
 case "${option}" in
 	c) CORP=${OPTARG}
 	   ;;
    d) debug=1
       ;;
    h) Help 
       exit
       ;;
    i) Interactive
       exit
       ;;
    n) UserNumber="${OPTARG}"
       ;;       
    r) RouterName="${OPTARG}"	# à enlever
       ;;
    u) NameUser="${OPTARG}"
       ;;
    *) echo -e "Usage (bad argument: $OPTARG) \n"
       exit 1;;
 esac
 done
 #---Init global variables
 #for PARAM in "${PARAMS[@]}"
 #do
 # eval export '${PARAM}=""'
 # done
 CfgNum=$(find . -maxdepth 1 -iname "*.cfg" |wc -l)
 #Message "Found $CfgNum config files"
 if [[ $CfgNum -eq 1 ]]
 then
  RouterCfg=$(find . -maxdepth 1 -iname "*.cfg" -printf "%f")
 else
  read -p "Entrer Nom du Router: " RouterName
  ((debug)) && echo -e "Router Name = ${RouterName}"
  GetRouter_Infos "${RouterName}"
  RouterCfg=${RouterName}.cfg
 fi
 ((debug)) &&echo -e "
 RouterCfg : $RouterCfg
 CORP      : $CORP
 "
 #((debug)) && echo -e "Avant PARAM"
 for PARAM in "${PARAMS[@]}"
 do
 eval ${PARAM}=$(sed -nr "/^\[${CORP}\]/ { :l /^${PARAM}[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" $RouterCfg)
 done
 echo -e "
 Avant Create User
 UserNumber       = $UserNumber
 NameUser         = $NameUser
 CORP             = $CORP
 Rtr_Addr_Public  = $Rtr_Addr_Public
 Rrt_Port         = $Rrt_Port
 Rtr_Interface    = $Rtr_Interface
 Rtr_Addr_Private = $Rtr_Addr_Private
 Rtr_CIDR_Mask    = $Rtr_CIDR_Mask
 Rtr_PUB_KEY      = $Rtr_PUB_KEY
 "
 exit
 CreateUser ${CORP} ${RouterCfg} ${UserNumber} ${NameUser} 
 #${Rtr_Addr_Public} ${Rrt_Port} ${Rtr_Interface} ${Rtr_Addr_Private} ${Rtr_CIDR_Mask} "${Rtr_PUB_KEY}"
 exit
 CLIENT_PRIV_KEY=$(wg genkey)
 CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey)
 CLIENT_PRE_SHARED_KEY=$(wg genpsk)
 echo -e "
 CLIENT_PRIV_KEY		$CLIENT_PRIV_KEY
 CLIENT_PUB_KEY		$CLIENT_PUB_KEY
 CLIENT_PRE_SHARED_KEY	$CLIENT_PRE_SHARED_KEY
 "
--- a/wireguard/genconfig_simple.2025-07-31_221920
+++ b/wireguard/genconfig_simple.2025-07-31_221920
@ -0,0 +1,430 @@
 #!/bin/bash
 Version=250731-1953
 debug=0
 ScriptMode=""					# Script gen mode for client: user or router
 BOLD=$(    tput bold)
 NORMAL=$(  tput sgr0)
 RESET=$(   tput sgr0)
 NC=$(      tput sgr0)           # No color
 BOLD=$(    tput bold)
 BLACK=$(   tput setaf 0)
 RED=$(     tput setaf 1)
 GREEN=$(   tput setaf 2)
 YELLOW=$(  tput setaf 3)
 BLUE=$(    tput setaf 4)
 MAGENTA=$( tput setaf 5)
 CYAN=$(    tput setaf 6)
 WHITE=$(   tput setaf 7)
 DEFAULT=$( tput setaf 9)
 #---ini file parameters list
 unset PARAMS;
 PARAMS=(
 RtrInterface
 Rtr_Addr_Admin
 Rtr_Addr_Public
 Rrt_Port
 Rtr_Addr_Private
 Rtr_CIDR_Mask
 Rtr_PUB_KEY
 Rtr_DNS
 Rtr_Route
 )
 export RouterName=""
 export RouterInterface=""
 export DeviceName=""
 export Company=""
 export CORP=""
 export UserName=""
 #========== INTERNAL FUNCTIONS ================================================
 #---------- function Info -----------------------------------------------------
 #
 # With date / time prefix
 #
 Info()
 { 
  printf "${GREEN}%s ${NC} %s\n" "$( date +%F_%T )" "$*"
 }
 #---------- function Message --------------------------------------------------
 #
 # Send to STDOUT
 #
 function Message()
 {
  printf "\n${GREEN}[i] ${BLUE}%s${NC}\n"  "$*"
 }
 #---------- ip2int ------------------------------------------------------------
 #
 function ip2int()
 {
    local a b c d
    { IFS=. read a b c d; } <<< $1
    echo $(((((((a << 8) | b) << 8) | c) << 8) | d))
 }
 #---------- int2ip ------------------------------------------------------------
 #
 function int2ip()
 {
    local ui32=$1; shift
    local ip n
    for n in 1 2 3 4; do
        ip=$((ui32 & 0xff))${ip:+.}$ip
        ui32=$((ui32 >> 8))
    done
    echo $ip
 }
 #---------- RouterCommand -----------------------------------------------------
 #
 function RouterConnect()
 {
  local Command="$"
 }
 #---------- CreateUser --------------------------------------------------------
 #
 function CreateUser()
 {
 local RouterName=$1
 local RouterInterface=$2
 local UserNumber=$3
 local UserName=$4
 local debug=0
 RouterCfg="${RouterName}.cfg"
 #---Read values from config file
 for PARAM in "${PARAMS[@]}"
 do
 eval local ${PARAM}=$(sed -nr "/^\[${RouterName}\]/ { :l /^${PARAM}[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" $RouterCfg)
 done
 Digits=000
 Temp="${Digits}${UserNumber}"
 ClientNumPad=$(echo ${Temp:(-${#Digits})})
 IFS=. read -r octet1 octet2 octet3 octet4 <<< "$Rtr_Addr_Private"
 Subnet="${octet1}.${octet2}.${octet3}"
 UserAddress=${Subnet}.${UserNumber}/32
 Message "Subnet : $Subnet"
 Message "ClientNumPad : $ClientNumPad"
 ((debug)) && echo -e "
 DEBUG - CreateUser
 User	Number        = $1
 UserName          = $2
 UserName          = $3
 UserAddress       = $UserAddress
 Rtr_Addr_Public   = $Rtr_Addr_Public
 Rrt_Port          = $Rrt_Port
 RouterInterface   = $RouterInterface
 Rtr_Addr_Private  = $Rtr_Addr_Private
 Rtr_CIDR_Mask     = $Rtr_CIDR_Mask
 Rtr_PUB_KEY       = $Rtr_PUB_KEY
 Subnet            = $Subnet
 " | column -t && exit
 CLIENT_PRIV_KEY=$(wg genkey)
 CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey)
 CLIENT_PRE_SHARED_KEY=$(wg genpsk)
 ROUTER_PUB_KEY="$RouterPubKey"
 CLIENT_FILE_PREFIX="U-${ClientNumPad}-${UserName}"
 CLIENT_FILE_WIN="${CLIENT_FILE_PREFIX}.conf"
 CLIENT_FILE_RTR="${CLIENT_FILE_PREFIX}.Peer.rsc"
 echo -e "\nClient:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "[Interface]
 PrivateKey = ${CLIENT_PRIV_KEY}
 ListenPort = 51821
 Address = ${UserAddress}
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = ${Rtr_PUB_KEY}
 PresharedKey = ${CLIENT_PRE_SHARED_KEY}
 AllowedIPs = 0.0.0.0/0
 Endpoint = ${Rtr_Addr_Public}:${Rrt_Port}
 PersistentKeepalive = 25
 "  	| tee "${CLIENT_FILE_WIN}"
 echo -e "\nRouter:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard peers 
 add allowed-address=${Subnet}.${UserNumber}/32 disabled=no name=\"${UserName}\" interface=${RouterInterface} \\
 preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\"${CLIENT_PUB_KEY}\""| tee "${CLIENT_FILE_RTR}"
 Message "QR Code:"
 qrencode -t ansiutf8 -l L < "${CLIENT_FILE_WIN}"
 qrencode -l L -s 6 -d 225 -o "${CLIENT_FILE_WIN}.png" < "${CLIENT_FILE_WIN}"
 Message "Generated User Files:"
 ls -1 ${CLIENT_FILE_PREFIX}*
 }
 #---------- CreateRouter ------------------------------------------------------
 #
 function CreateRouter()
 {
 local debug=1
 local RouterNum="$1"
 local RouterSubnet="$2"
 local Corp="$3"
 local BaseDir="${BaseDir}/${Corp}"                      # BaseDir global variable
 local WgRtrDir="${BaseDir}/routers"
 #---Create paths if not there
 [ ! -d "$WgRtrDir" ] && mkdir -p "${WgRtrDir}"
 RTR_PRIV_KEY=$(wg genkey)
 Endpoint_Rtr_PUB_KEY=$(echo "${RTR_PRIV_KEY}" | wg pubkey)
 RTR_PRE_SHARED_KEY=$(wg genpsk)
 RTR_NUM=$(printf "%03d" $1)
 RTR_FILE_PREFIX="${RTR_NUM}-Router"
 RTR_FILE_RTR="${WgRtrDir}/${RTR_FILE_PREFIX}_Client.rsc"
 RTR_FILE_RTR_ENDPOINT="${WgRtrDir}/${RTR_FILE_PREFIX}_Endpoint.rsc"
 ((debug)) && echo -e "
 Corp            = $Corp
 RTR_NUM         = $RTR_NUM
 CLIENT_FILE_RTR = $RTR_FILE_RTR
 BaseDir         = $BaseDir
 PreShared Key   = $RTR_PRE_SHARED_KEY
 " && exit
 [ -d "${BaseDir}" ] && Message "Creating dir ${BaseDir}" && mkdir -p "${BaseDir}"
 Message "Generated output files:"
 echo -e "${GREEN}---------------------------------------------------------${NC}
 ${RTR_FILE_RTR}
 ${RTR_FILE_RTR_ENDPOINT}
 "
 Message "Client Router Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard
 add listen-port=13239 mtu=1420 name=wg01 private-key=\"${RTR_PRIV_KEY}\"
 /ip address add address=172.18.1.${RouterNum}/32 comment=wg-wg01 interface=wg01
 /interface wireguard peers add allowed-address=172.16.18.254 client-keepalive=10 disabled=no comment=\"CCR1 Montreal\" interface=wg01 \\
  endpoint-address=${Endpoint_Rtr_Addr_Public} endpoint-port=${Endpoint_Rrt_Port}  preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${Endpoint_Rtr_PUB_KEY}\"
 /system script add dont-require-permissions=no name=ping-CCR1 owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\\
  \"/ping interval=10 10.1.8.11 count=61\"
 /system/scheduler add interval=10m name=Ping-CCR1 on-event=\"/system/script/run ping-CCR1\" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=apr/02/2022 start-time=12:00:00 " \
 | tee "${RTR_FILE_RTR}"
 #echo -e "\n"
 Message "${EndpointID} endpoint Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard peers add allowed-address=10.1.41.${RouterNum}/32,${RouterSubnet} disabled=no comment=\"Router ${RouterNum} ${NameRouter}\"  \\
 interface=WG-Routers preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${Endpoint_Rtr_PUB_KEY}\"
 /ip route add dst-address=${RouterSubnet} gateway=10.1.41.${RouterNum}" \
 | tee "${RTR_FILE_RTR_ENDPOINT}"
 }
 #---------- GetRouter_Infos ----------------------------------------------------
 #
 function GetRouter_Infos()
 {
 local RouterName="$1"
 local IniFile="${1}.cfg"
 local debug=0
 ((debug)) && echo -e "\nIniFile = ${IniFile}\n"
 #read -p "Entrer l'interface du router: " RouterInterface
 echo -e "[${RouterName}]" >> ${IniFile}
 for PARAM in "${PARAMS[@]}"
 do
 echo -e "\nPARAM = $PARAM"
 eval 'read -p "Entrer ${PARAM} " Value'
 eval 'echo ${PARAM}=${Value} >> ${IniFile}'
 done
 ((debug)) && echo "${FUNCNAME[0]} exit"
 }
 #---------- Help ---------------------------------------------------------------
 #
 function Help() {
  cat << EOF
 usage: $(basename "$0") [OPTIONS]
   -a  Debug mode
   -d  Device Name
   -h  Show this message
   -i  Interactive
   -u  User Name
   -n  User / Device number
 EOF
 }
 #================= MAIN =======================================================
 #
 ((!$#)) && Help && exit
 while getopts ad:hi:n:qu: option
 do
 case "${option}" in
    a) debug=1
       ;;
    d) DeviceName="${OPTARG}"
       ;;
    h) Help 
       exit
       ;;
    i) Interactive
       exit
       ;;
    n) UserNumber="${OPTARG}"
       ;;       
    u) UserName="${OPTARG}"
       ;;
    *) Message "Usage (bad argument: $OPTARG)"
       exit 1
       ;;
 esac
 done
 #---Init global variables
 #for PARAM in "${PARAMS[@]}"
 #do
 # eval export '${PARAM}=""'
 # done
 if [[ ! -z ${UserName} ]]			# User mode prioritised if both specified
 then
  ScriptMode=User
  Message "User mode"
 elif [[ ! -z ${DeviceName} ]]
 then
  ScriptMode=Device
  Message "Device mode"
 else
  Message "Must use either -u or -d"
  exit
 fi
 CfgNum=$(find . -maxdepth 1 -iname "*.cfg" |wc -l)
 Message "Avant demande router infos"
 if [[ $CfgNum -eq 1 ]]
 then
  RouterCfg=$(find . -maxdepth 1 -iname "*.cfg" -printf "%f")
  RouterName="${RouterCfg%.*}"
 else
  read -p "Entrer Nom du Router: " RouterName
  ((debug)) && echo -e "Router Name = ${RouterName}"
  GetRouter_Infos "${RouterName}"
  RouterCfg=${RouterName}.cfg
 fi
 ((debug)) && echo -e "
 Après GetRouter_Infos
 RouterName      : $RouterName
 RouterInterface : $RouterInterface
 "
 for PARAM in "${PARAMS[@]}"
 do
 eval ${PARAM}=$(sed -nr "/^\[${RouterName}\]/ { :l /^${PARAM}[ ]*=/ { s/[^=]*=[ ]*//; p; q;}; n; b l;}" $RouterCfg)
 done
 echo -e "Avant Create User"
 ((debug)) && echo -e "
 RouterName       = $RouterName
 DeviceName       = $DeviceName
 UserNumber       = $UserNumber
 UserName         = $UserName
 Rtr_Addr_Admin   = $Rtr_Addr_Admin
 Rtr_Addr_Public  = $Rtr_Addr_Public
 Rrt_Port         = $Rrt_Port
 RtrInterface     = $RtrInterface
 Rtr_Addr_Private = $Rtr_Addr_Private
 Rtr_CIDR_Mask    = $Rtr_CIDR_Mask
 Rtr_PUB_KEY      = $Rtr_PUB_KEY
 " | column -t  && exit
 case "${ScriptMode}" in
    User) CreateUser ${RouterName} ${RtrInterface} ${UserNumber} ${UserName} 
          exit
          ;;
  Router) CreateRouter ${RouterName} ${UserNumber} ${DeviceName} 
 	      ;;
       *) Message "Bad mode passed ${ScriptMode}"
          exit 1
          ;;
 esac
 Message "All done."
--- a/wireguard/genconfig_simple.md
+++ b/wireguard/genconfig_simple.md
@ -0,0 +1,34 @@
 1) Le script fonctionne en partant du principe qu'il va sauver / utiliser un fichier INI et les fichiers Wireguard générés en relation avec ça dans un répertoire
   Ça veut dire qu'on doit utiliser quelque chose qui ressemble à:
   	Compagnie / router1
   	Compagnie / router2
   Donc, on fait un "cd" Compagnie/router1 et on utilise de là
   On pourrait aussi avoir:  Compagnie / router1 / interface 1  (j'ai la plupart du temps WG_Users et WG_Routers!)
 2) Les paramètres sont contenus dans un array au début du script.  Je vais ajouter un champs sur chaque ligne pour un "nom de field" plus facile à comprendre
 PARAMS=(
 RtrInterface		Nom de l'interface Wireguard avec laquelle sera associée la config du client
 Rtr_Addr_Admin		L'adresse IP où le script va connecter pour ajouter la config du client (futur)
 Rtr_Addr_Public		L'adresse publique sur laquelle le client connecte: IP ou FQDN
 Rrt_Port		Le port de l'interface associée du router sur lequel le client connecte
 Rtr_Addr_Private	L'adresse du router, sur le subnet alloué au clients.  Mon standard, genre: 10.1.2.254 et le client #1 aura 10.1.2.1, client #2 10.1.2.2, etc
 Rtr_CIDR_Mask		Le masque du subnet associé à l'interface du router sur son interface
 Rtr_PUB_KEY		La clef publique associée à l'interface du router
 Rtr_DNS			Le/les DNS qu'on place dans la config du client
 Rtr_Route_Subnet	Le subnet qui est associé au routage pour la connexion client.  0.0.0.0/0 pour envoyer tout le trafic via cette connexion wireguard.
 )
 3) Je conseille d'utiliser des noms de user et routers avec un # de séquence associé.  Ça permet de savoir quel IP sera allouée à chaque client
 	Ex: 	U001-Guy, U002-Marc  (Users)
 		R001-Toronto, R002-Quebec  (Routers)
 4) Les paramètres de la CLI on beaucoup changé avec la dernière version, voir la manière actuelle dans l'exemple ci-bas
 ## Utilisation
 ~~~bash
 # Pour l'instant, minimal (autres paramètres = futur):
 ../genconfig_simple -n 1 -u marc
 ~~~
--- a/wireguard/ingtegration/chateauguay/router/RB5009.cfg
+++ b/wireguard/ingtegration/chateauguay/router/RB5009.cfg
@ -0,0 +1,7 @@
 [RB5009]
 Rtr_Addr_Public=heh08h84mnt.sn.mynetname.net
 Rrt_Port=14321
 Rtr_Interface=WG-Devices
 Rtr_Addr_Private=172.16.254.2
 Rtr_CIDR_Mask=24
 Rtr_PUB_KEY=MmTMFo+Fs3N9jrcVeGKkmMi2NoZctvSB7813LCN12nY=
--- a/wireguard/ingtegration/chateauguay/test/RB5009.cfg
+++ b/wireguard/ingtegration/chateauguay/test/RB5009.cfg
@ -0,0 +1,15 @@
 [WG01]
 Rtr_Addr_Public=heh08h84mnt.sn.mynetname.net
 Rrt_Port=14322
 Rtr_Addr_Private=172.16.40.254
 Rtr_CIDR_Mask=24
 Rtr_PUB_KEY=iPArVoKAjEYTsvSb2NdQRDIUxHPHBgGTHAK3uAKKvkw=
 [WG02]
 Rtr_Addr_Public=heh08h84mnt.sn.mynetname.net
 Rrt_Port=14322
 Rtr_Addr_Private=172.16.40.254
 Rtr_CIDR_Mask=24
 Rtr_PUB_KEY=iPArVoKAjEYTsvSb2NdQRDIUxHPHBgGTHAK3uAKKvkw=
--- a/wireguard/ingtegration/chateauguay/test/U-002-guy.Peer.rsc
+++ b/wireguard/ingtegration/chateauguay/test/U-002-guy.Peer.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=172.16.40.2/32 disabled=no name="guy" interface=WG01 \
 preshared-key="Ib7k3/rWONN4Ga4oA5EfweGiMk8+BvS59HYmpSkSzCA=" public-key="ziekWouNBWmOUIlCx9uO6U4FOoBQbagLqOwnKKEsvn4="
--- a/wireguard/ingtegration/chateauguay/test/U-002-guy.conf
+++ b/wireguard/ingtegration/chateauguay/test/U-002-guy.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = eOmsbsjFnFi9AtWjJyQmPmWUSdq0gg2P35ysdxOJyVE=
 ListenPort = 51821
 Address = 172.16.40.2/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = iPArVoKAjEYTsvSb2NdQRDIUxHPHBgGTHAK3uAKKvkw=
 PresharedKey = Ib7k3/rWONN4Ga4oA5EfweGiMk8+BvS59HYmpSkSzCA=
 AllowedIPs = 0.0.0.0/0
 Endpoint = heh08h84mnt.sn.mynetname.net:14322
 PersistentKeepalive = 25
--- a/wireguard/ingtegration/chateauguay/test/U-002-guy.conf.png
+++ b/wireguard/ingtegration/chateauguay/test/U-002-guy.conf.png
--- a/wireguard/ingtegration/chateauguay/test/readini
+++ b/wireguard/ingtegration/chateauguay/test/readini
@ -0,0 +1,34 @@
 #!/bin/bash
 INI_FILE="$1"
 SECTIONS_NUM=0
 unset ${INI_ALL_SECTION}
 while read -r line || [ -n "$line" ]
 do
 	echo -e "\nLine = $line"
 	# Skip blank lines and comments
 	if [ -z "$line" -o "${line:0:1}" = ";" -o "${line:0:1}" = "#" ]
 	then
 		continue
 	fi
 	# Section marker?
 	if [[ "${line}" =~ ^\[[a-zA-Z0-9_]{1,}\]$ ]]
 	then
 		# Set SECTION var to name of section (strip [ and ] from section marker)
 		SECTION="${line#[}"
 		SECTION="${SECTION%]}"
 		echo -e "SECTION = ${SECTION}"
 		#eval "${INI_ALL_SECTION}=\"\${${INI_ALL_SECTION}# } $SECTION\""
 		((SECTIONS_NUM++))
 		continue
 	fi
 done  <"${INI_FILE}"
 echo -e "SECTIONS_NUM = $SECTIONS_NUM"
 echo "INI_ALL_SECTION = $INI_ALL_SECTION"
--- a/wireguard/ingtegration/chateauguay/user/RB5009.cfg
+++ b/wireguard/ingtegration/chateauguay/user/RB5009.cfg
@ -0,0 +1,7 @@
 [RB5009]
 Rtr_Addr_Public=heh08h84mnt.sn.mynetname.net
 Rrt_Port=14322
 Rtr_Interface=WG-Users
 Rtr_Addr_Private=172.16.40.254
 Rtr_CIDR_Mask=24
 Rtr_PUB_KEY=iPArVoKAjEYTsvSb2NdQRDIUxHPHBgGTHAK3uAKKvkw=
--- a/wireguard/ingtegration/chateauguay/user/U-003-dana.Peer.rsc
+++ b/wireguard/ingtegration/chateauguay/user/U-003-dana.Peer.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=172.16.40.3/32 disabled=no name="pcguy" interface=WG-Users \
 preshared-key="nlvAgKyqzNZon2vv8mGBUoFIyGZ5XWmNLLEN+ULI8OU=" public-key="UYXWTpjsuLD8oBIbmG+/E4ayJ7/HvEs5RotwqlW2938="
--- a/wireguard/ingtegration/chateauguay/user/U-003-dana.conf
+++ b/wireguard/ingtegration/chateauguay/user/U-003-dana.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = sIwBWQDsBHyXh50pjFEF04NtK5H2zan9eyo1G189VXo=
 ListenPort = 51821
 Address = 172.16.40.3/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = iPArVoKAjEYTsvSb2NdQRDIUxHPHBgGTHAK3uAKKvkw=
 PresharedKey = nlvAgKyqzNZon2vv8mGBUoFIyGZ5XWmNLLEN+ULI8OU=
 AllowedIPs = 0.0.0.0/0
 Endpoint = heh08h84mnt.sn.mynetname.net:14322
 PersistentKeepalive = 25
--- a/wireguard/ingtegration/chateauguay/user/U-003-dana.conf.png
+++ b/wireguard/ingtegration/chateauguay/user/U-003-dana.conf.png
--- a/wireguard/ingtegration/users/004-Guy.CCR1.rsc
+++ b/wireguard/ingtegration/users/004-Guy.CCR1.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=10.8.38.4/32 disabled=no comment="User Guy" interface=wg1 \
 preshared-key="azOSAxvB4FqFR0XYvXiVZL3XZn1QD5S1ttQSSc/MiTk=" public-key="xXg+ZoZcv36AuzmfzpBAqGDmgIhEwkucFw5bm/kgCTM="
--- a/wireguard/ingtegration/users/004-Guy.conf
+++ b/wireguard/ingtegration/users/004-Guy.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = UEX8Fq51QVG6oIPdCy8eWfrJcONrArRqyieK1faBzkE=
 ListenPort = 51821
 Address = 10.8.38.4/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = iPArVoKAjEYTsvSb2NdQRDIUxHPHBgGTHAK3uAKKvkw=
 PresharedKey = azOSAxvB4FqFR0XYvXiVZL3XZn1QD5S1ttQSSc/MiTk=
 AllowedIPs = 10.8.0.0/16
 Endpoint = seve.ingtegration.com:14322
 PersistentKeepalive = 25
--- a/wireguard/koze-maison/users/Samantha.Endpoint.rsc
+++ b/wireguard/koze-maison/users/Samantha.Endpoint.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=172.16.15.1/32 disabled=no comment="User Samantha" interface=WG-Users \
 preshared-key="PVmxXI1HtsrmM/pmmOfPJRLj9ITG6LXDEGN9NyT/wzY=" public-key="+MNTBsVZUQZ+tjFz9mD1uLH8CEAifSM9O0xqlm+XfCM="
--- a/wireguard/koze-maison/users/Samantha.conf
+++ b/wireguard/koze-maison/users/Samantha.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = UA2nrQP2taQy1aYWtwxPPD2/qbQwiWckWSS2ucp5lnE=
 ListenPort = 51821
 Address = 172.16.15.1/32
 DNS = 1.1.1.1,8.8.8.8
 [Peer]
 PublicKey = lCzZXZYTwnDGVbAtEE/vEH0TtpVqy7fBcZMBXiBBA1s=
 PresharedKey = PVmxXI1HtsrmM/pmmOfPJRLj9ITG6LXDEGN9NyT/wzY=
 AllowedIPs = 172.16.0.0/16
 Endpoint = b4a30b139a75.sn.mynetname.net:14233
 PersistentKeepalive = 25
--- a/wireguard/koze-maison/users/Samantha.conf.png
+++ b/wireguard/koze-maison/users/Samantha.conf.png
--- a/wireguard/real/genconfig
+++ b/wireguard/real/genconfig
@ -0,0 +1,288 @@
 #!/bin/bash
 Version=240226-1434
 debug=0
 CORP=EVOQ
 Rtr_CCR1_Addr="d90d0d815e13.sn.mynetname.net"
 Rtr_CCR1_Port="13232"
 Usr_CCR1_Addr="d90d0d815e13.sn.mynetname.net"
 Usr_CCR1_Port="13233"
 ScriptName=$(basename "$0")
 BaseDir="/home/boig01/temp/wireguard/real"
 WgRtrDir="${BaseDir}/routers"
 WgUsrDir="${BaseDir}/users"
 RTR_CCR1_PUB_KEY="9au45IDNJhHDNtN+LIpJDyMFTEYdN9WOSSHEJS8WRmw="
 USR_CCR1_PUB_KEY="vaH/ozwjGfhC1ODOJZ6PExwDNTRlms2kU43xmGi67yg="
 NumUser=0
 NumRouter=0
 NameUser=0
 Mode=0
 YELLOW='\033[0;33«m'
 GREEN='\033[0;32m'
 RED='\033[0;31m'
 BLUE='\033[0;34m'
 NC='\033[0m' 		# No Color
 # Create paths if not there
 [ ! -d "$WgRtrDir" ] && mkdir -p "${WgRtrDir}"
 [ ! -d "$WgUsrDir" ] && mkdir -p "${WgUsrDir}"
 Start_Subnet=10.1.32.0
 Bits_Subnet=3
 Subnet_Bits=$((32-Bits_Subnet))              # Router address subnet bits
 NAPS=$((2**Bits_Subnet))                     # Nombre d'Adresses Par Subnet
 #=================== function Help ============================================
 #
 function Help()
 {
 echo -e "
 WireGuard-MikroTik ${BLUE}${CORP}${NC} configurator
 usage:
  ${ScriptName} [Options]
  -n  User #      (Unique user number between 1 and 253)
  -u  User name   (AdrianSmith)
  -r  Router #    (EVOQ router #, like 1 or 11)
 When in user mode, you must provide name & unique user number between 2 and 253.
 This user number will be assigned an ip address 10.1.40.[user #].
 " && exit
 }
 #=================== function Info =============================================
 #
 # Avec date / time prefix
 #
 Info() { printf "${GREEN}%s ${NC} %s\n" "$( date +%F_%T )" "$*" >&2; }	# send to stderr
 #=================== function Message ==========================================
 #
 #
 Message() { printf "\n${GREEN}%s${NC}\n"  "$*"; }      			# send to stdout
 #=================== function ip2int ===========================================
 #
 ip2int()
 {
    local a b c d
    { IFS=. read a b c d; } <<< $1
    echo $(((((((a << 8) | b) << 8) | c) << 8) | d))
 }
 #=================== function int2ip ===========================================
 #
 int2ip()
 {
    local ui32=$1; shift
    local ip n
    for n in 1 2 3 4; do
        ip=$((ui32 & 0xff))${ip:+.}$ip
        ui32=$((ui32 >> 8))
    done
    echo $ip
 }
 #======================== CreateUser ==========================================
 #
 function CreateUser()
 {
 ClientName=$1
 ClientNum=$2
 CLIENT_PRIV_KEY=$(wg genkey)
 CLIENT_PUB_KEY=$(echo "${CLIENT_PRIV_KEY}" | wg pubkey)
 CLIENT_PRE_SHARED_KEY=$(wg genpsk)
 CLIENT_NUM=$(printf "%03d" $2)
 CLIENT_FILE_PREFIX="${CLIENT_NUM}-${ClientName}"
 CLIENT_FILE_WIN="${WgUsrDir}/${CLIENT_FILE_PREFIX}.conf"
 CLIENT_FILE_RTR="${WgUsrDir}/${CLIENT_FILE_PREFIX}.CCR1.rsc"
 ((debug)) && echo -e "
 ClientName      = $1
 CLIENT_NUM      = $CLIENT_NUM
 CLIENT_FILE_WIN = $CLIENT_FILE_WIN
 CLIENT_FILE_RTR = $CLIENT_FILE_RTR
 " && exit
 echo -e "Client:
 ${GREEN}---------------------------------------------------------${NC}"
 echo -e "[Interface]
 PrivateKey = ${CLIENT_PRIV_KEY}
 ListenPort = 51821
 Address = 192.168.10.${ClientNum}/32
 DNS = 192.168.10.1,1.1.1.1
 [Peer]
 PublicKey = ${USR_CCR1_PUB_KEY}
 PresharedKey = ${CLIENT_PRE_SHARED_KEY}
 AllowedIPs = 192.168.0.0/16
 Endpoint = ${Usr_CCR1_Addr}:${Usr_CCR1_Port}
 " | tee "${CLIENT_FILE_WIN}"
 echo -e "\nCCR:
 ---------------------------------------------------------"
 echo -e "/interface wireguard peers add
 allowed-address=192.168.10.${ClientNum}/32 client-keepalive=10 disabled=no comment=\"User ${ClientName}\" interface=wg1 \\
   preshared-key=\"${CLIENT_PRE_SHARED_KEY}\" public-key=\"${CLIENT_PUB_KEY}\""| tee "${CLIENT_FILE_RTR}"
 }
 #======================== CreateRouter ========================================
 #
 function CreateRouter()
 {
 RouterNum="$1"
 RouterSubnet="$2"
 RTR_PRIV_KEY=$(wg genkey)
 RTR_PUB_KEY=$(echo "${RTR_PRIV_KEY}" | wg pubkey)
 RTR_PRE_SHARED_KEY=$(wg genpsk)
 RTR_NUM=$(printf "%03d" $1)
 RTR_FILE_PREFIX="${RTR_NUM}-Router"
 RTR_FILE_RTR="${WgRtrDir}/${RTR_FILE_PREFIX}.rsc"
 RTR_FILE_RTR_CCR1="${WgRtrDir}/${RTR_FILE_PREFIX}.CCR1.rsc"
 ((debug)) && echo -e "
 ClientName      = $1
 CLIENT_NUM      = $RTR_NUM
 CLIENT_FILE_RTR = $RTR_FILE_RTR
 " && exit
 Message "** Generated output files:"
 echo -e "${GREEN}---------------------------------------------------------${NC}
 ${RTR_FILE_RTR}
 ${RTR_FILE_RTR_CCR1}
 "
 Message "** Router Client Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard
 add listen-port=13239 mtu=1420 name=wg01 private-key=\"${RTR_PRIV_KEY}\"
 /ip address add address=10.1.41.${RouterNum}/32 comment=wg-wg01 interface=wg01
 /ip route add dst-address=10.0.0.0/8 gateway=wg01
 /ip route add dst-address=192.168.0.0/16 gateway=wg01
 /interface wireguard peers add allowed-address=10.0.0.0/8,192.168.0.0/16 client-keepalive=10 disabled=no comment=\"CCR1 Montreal\" interface=wg01 \\
  endpoint-address=${Rtr_CCR1_Addr} endpoint-port=${Rtr_CCR1_Port}  preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${RTR_CCR1_PUB_KEY}\"
 /system script add dont-require-permissions=no name=ping-CCR1 owner=admin policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\\
  \"/ping interval=10 10.1.8.11 count=61\"
 /system/scheduler add interval=10m name=Ping-CCR1 on-event=\"/system/script/run ping-CCR1\" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon start-date=apr/02/2022 start-time=12:00:00 " \
 | tee "${RTR_FILE_RTR}"
 #echo -e "\n"
 Message "** CCR1 Config:"
 echo -e "${GREEN}---------------------------------------------------------${NC}"
 echo -e "/interface wireguard peers add allowed-address=10.1.41.${RouterNum}/32,${RouterSubnet} disabled=no comment=\"Router ${RouterNum}\"  \\
 interface=WG-Routers preshared-key=\"${RTR_PRE_SHARED_KEY}\" public-key=\"${RTR_PUB_KEY}\"
 /ip route add dst-address=${RouterSubnet} gateway=10.1.41.${RouterNum}" \
 | tee "${RTR_FILE_RTR_CCR1}"
 }
 #=================== function RrtSubnet ========================================
 #
 RtrSubnet()
 {
  local RtrNum=$1
  BaseNum=$(ip2int $Start_Subnet)      # Subnet de depart en format integer
  Nth=$((RtrNum-1))                    # Le router #1 est "0" dans la séquence de subnet, #2 est 1, etc
  Nth=$((Nth*NAPS))                    # Decimal a aditionner en fonction pour le Nth router
  Subnet=$((BaseNum+Nth))              # Nth subnet calculé
 #  Subnet="${Subnet}/$(Bits_Subnet=3})"
  echo -e "$(int2ip $Subnet)/${Subnet_Bits}"
 }
 #================ MAIN ========================================================
 #
 ((!$#)) && Help && exit		# If no command parameters passed, help and bail out
 echo -e "\nWireGuard-MikroTik ${BLUE}${CORP}${NC} configurator version $Version\n"
 while getopts dhn:r:u: option
 do
 case "${option}" in
    d) debug=1
       ;;
    h) Help 
       exit ;;
    n) NumUser=${OPTARG}
       Mode="User"
       ;;
    r) NumRouter=${OPTARG}
       Mode="Router"
       ;;
    u) NameUser=${OPTARG}
       ;;
    *) echo -e "Usage (bad argument: $OPTARG) \n"
       exit 1;;
 esac
 done
 ((debug)) && echo -e "
 NumRouter = ${NumRouter}
 NumUser   = ${NumUser}
 RtrSubnet = $(RtrSubnet ${NumRouter})
 " && exit
 if [[ "${NumRouter}" -ne "0" && "${NumUser}" -ne "0" ]]
 then	
  echo "** Error, can't use user and router # simulteaneously"
  exit 1
 fi
 case "$Mode" in
   User) CreateUser $NameUser $NumUser
         exit
         ;;
 Router) CreateRouter $NumRouter $(RtrSubnet ${NumRouter})
         exit
         ;;
      *) echo -e "\n** ERROR : User # was not provided"
         Help
 	 ;;
 esac
--- a/wireguard/real/users/001-Real.CCR1.rsc
+++ b/wireguard/real/users/001-Real.CCR1.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers add
 allowed-address=10.1.40.1/32 client-keepalive=10 disabled=no comment="User Real" interface=wg1 \
   preshared-key="EGEruoS+9iFaDV7MOydXdkE8eQGpDhil446OzImIfOY=" public-key="J4nC/m8G2wMNDYeywORCYIo9eZq6v6fMgZVOFpRv3m0="
--- a/wireguard/real/users/001-Real.conf
+++ b/wireguard/real/users/001-Real.conf
@ -0,0 +1,12 @@
 [Interface]
 ListenPort = 51821
 PrivateKey = QHjXJWfo+G2BoJTKaLEviueDyK90nW/14ibUD3X31HI=
 Address = 192.168.10.1/32
 DNS = 192.168.10.254,1.1.1.1
 [Peer]
 PublicKey = vaH/ozwjGfhC1ODOJZ6PExwDNTRlms2kU43xmGi67yg=
 PresharedKey = EGEruoS+9iFaDV7MOydXdkE8eQGpDhil446OzImIfOY=
 Endpoint = d90d0d815e13.sn.mynetname.net:13233
 AllowedIPs = 192.168.0.0/16
--- a/wireguard/real/users/002-Guy.CCR1.rsc
+++ b/wireguard/real/users/002-Guy.CCR1.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers add
 allowed-address=192.168.10.2/32 client-keepalive=10 disabled=no comment="User Guy" interface=wg1 \
   preshared-key="0FaSQ2/iTj2Eu7ttME16pIet6nJnh0gtfEACK9aCCBI=" public-key="tQk6OTijE3YawHAQk6jfcVmgMzvH3zUyNqrhl3zRmHQ="
--- a/wireguard/real/users/002-Guy.conf
+++ b/wireguard/real/users/002-Guy.conf
@ -0,0 +1,12 @@
 [Interface]
 ListenPort = 51821
 PrivateKey = wDaoTqcCfIar7dukhYQYu8M5LDN+3BZc8Zcn/UetjWQ=
 Address = 192.168.10.2/32
 DNS = 1.1.1.1
 [Peer]
 PublicKey = vaH/ozwjGfhC1ODOJZ6PExwDNTRlms2kU43xmGi67yg=
 PresharedKey = 0FaSQ2/iTj2Eu7ttME16pIet6nJnh0gtfEACK9aCCBI=
 Endpoint = d90d0d815e13.sn.mynetname.net:13233
 AllowedIPs = 192.168.2.0/24
--- a/wireguard/real/users/Real-maison.conf
+++ b/wireguard/real/users/Real-maison.conf
@ -0,0 +1 @@
 /home/boig01/Nextcloud2/guydev/network/wireguard/real/users/002-Guy.conf
--- a/wireguard/rrf/RB5009-Users.cfg
+++ b/wireguard/rrf/RB5009-Users.cfg
@ -0,0 +1,10 @@
 [RB5009-Users]
 RtrInterface=WG-Users
 Rtr_Addr_Admin=10.1.99.254
 Rtr_Addr_Public=142.217.209.155
 Rrt_Port=13235
 Rtr_Addr_Private=10.1.15.254
 Rtr_CIDR_Mask=24
 Rtr_PUB_KEY=zHEBUKg9qNtC9+RaQeHiDoTmlsPc+9NBN+H+W/ZDPF4=
 Rtr_DNS=10.1.15.254
 Rtr_Route_Subnet=10.1.0.0/16
--- a/wireguard/rrf/U-001-boig01.Peer.rsc
+++ b/wireguard/rrf/U-001-boig01.Peer.rsc
@ -0,0 +1,3 @@
 /interface wireguard peers 
 add allowed-address=10.1.15.1/32 disabled=no name="boig01" interface=WG-Users \
 preshared-key="tqtgjTsZUxkdFM1IQNfRdNuYf2MgH/2kHOOO1+ilMCQ=" public-key="r11A7Z+IBeLFL6G+a+M0jgr1tTd9jTl/b+RROj/6whk="
--- a/wireguard/rrf/U-001-boig01.conf
+++ b/wireguard/rrf/U-001-boig01.conf
@ -0,0 +1,13 @@
 [Interface]
 PrivateKey = UKNcUZwVMzU4icXo2M7WsLm2OVvUiPTBndLn3xBiB2Y=
 ListenPort = 51821
 Address = 10.1.15.1/32
 DNS = 10.1.15.254
 [Peer]
 PublicKey = zHEBUKg9qNtC9+RaQeHiDoTmlsPc+9NBN+H+W/ZDPF4=
 PresharedKey = tqtgjTsZUxkdFM1IQNfRdNuYf2MgH/2kHOOO1+ilMCQ=
 AllowedIPs = 10.1.0.0/16
 Endpoint = 142.217.209.155:13235
 PersistentKeepalive = 25
--- a/wireguard/rrf/U-001-boig01.conf.png
+++ b/wireguard/rrf/U-001-boig01.conf.png
--- a/Show more
+++ b/Show more
		`@ -0,0 +1 @@`
							`mCscj1wPL4+kGrDMAKY3Ek8drGvxcgOlfudGAq9j+Vo=`
		`@ -0,0 +1 @@`
							`pWs3b9kfSZ+Uvg7Q9tYT52Lqxh7OEbOhkzmvE0NT/GM=`
		`@ -0,0 +1 @@`
							`GPBSyPyU06/jsowN9ScTpXDkMAzrGxKB217gVWcSVng=`
		`@ -0,0 +1 @@`
							`+tJsNqiNzwJ7PCLRvF83olIffVq9FAWSvOlYC7wbUp0=`
		`@ -0,0 +1 @@`
							`rtbXn9kJ32AqTbOeNcQjWT31UW+508ENhP1+Whez5TQ=`
		`@ -0,0 +1 @@`
							`APeJ2lVKE90EUHsDO+bYC5OAnpeUATCeGZWDL9K0dVM=`
		`@ -0,0 +1 @@`
							`isW7BmJAwEq6B2PeDbG4sN8z/dg2zfuhuLdPQY3WovU=`
		`@ -0,0 +1 @@`
							`GkRup6bdiXqb8GOaytLBQ1tFcQJ+SEu+KgkQlR17oE4=`
		`@ -0,0 +1,3 @@`
							`/interface wireguard peers add allowed-address=10.1.40.4/32 client-keepalive=10 disabled=no comment="User EricStein" interface=WG-Users \`
							`preshared-key="owl5S2bH9zeL0J0xjNgZ1Y0mb8lPFEjldwTTkNo0CrY=" public-key="DrI1g15KlMdLaqNn+PlVbl1kZo6jV9QDlJ1M8gy/m0g="`
		`@ -0,0 +1 @@`
							`/home/boig01/Nextcloud2/guydev/network/wireguard/real/users/002-Guy.conf`