Dynamische blocklists

Met deze config kun je dynamische lijsten met IPs inladen in de fortigate om vervolgens op basis van deze lijsten verkeer te blokkeren.

config system external-resource
    edit "Threadfeed Domains Generic"
        set type domain
        set category 192
        set resource "https://raw.githubusercontent.com/emberstack/threat-feed/main/Feed/List/ThreatFeed.Domains.Generic.txt"
        set refresh-rate 1
    next
    edit "Threadfeed Domains Advertising"
        set type domain
        set category 193
        set resource "https://raw.githubusercontent.com/emberstack/threat-feed/main/Feed/List/ThreatFeed.Domains.Advertising.txt"
        set refresh-rate 1
    next
    edit "Russia IP list"
        set type address
        set resource "https://filestore.fortinet.com/fortiguard/russia_reg_ip.list"
        set refresh-rate 1
    next
    edit "Donetsk IP list"
        set type address
        set resource "https://filestore.fortinet.com/fortiguard/dnr_lnr_ip.list"
        set refresh-rate 1
    next
    edit "Iran IP list"
        set type address
        set resource "https://filestore.fortinet.com/fortiguard/iran_reg_ip.list"
        set refresh-rate 1
    next
    edit "Krim IP list"
        set type address
        set resource "https://filestore.fortinet.com/fortiguard/crimea_ip.list"
        set refresh-rate 1
    next
    edit "Emerging Block List"
        set type address
        set resource "https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt"
    next
    edit "Compromised IPs"
        set type address
        set resource "https://rules.emergingthreats.net/blockrules/compromised-ips.txt"
    next
    edit "Threatfox IOC"
        set type address
        set resource "https://raw.githubusercontent.com/elliotwutingfeng/ThreatFox-IOC-IPs/10fab10d6bf5a8996a0eeb01a840307d6884f554/ips.txt"
end