Dynamische blocklists

Met deze config kun je dynamische lijsten met IPs inladen in de fortigate om vervolgens op basis van deze lijsten verkeer te blokkeren. 

 config system external-resource

 edit "Threadfeed Domains Generic"

 set type domain

 set category 192

 set resource "https://raw.githubusercontent.com/emberstack/threat-feed/main/Feed/List/ThreatFeed.Domains.Generic.txt"

 set refresh-rate 1

 next

 edit "Threadfeed Domains Advertising"

 set type domain

 set category 193

 set resource "https://raw.githubusercontent.com/emberstack/threat-feed/main/Feed/List/ThreatFeed.Domains.Advertising.txt"

 set refresh-rate 1

 next

 edit "Russia IP list"

 set type address

 set resource "https://filestore.fortinet.com/fortiguard/russia_reg_ip.list"

 set refresh-rate 1

 next

 edit "Donetsk IP list"

 set type address

 set resource "https://filestore.fortinet.com/fortiguard/dnr_lnr_ip.list"

 set refresh-rate 1

 next

 edit "Iran IP list"

 set type address

 set resource "https://filestore.fortinet.com/fortiguard/iran_reg_ip.list"

 set refresh-rate 1

 next

 edit "Krim IP list"

 set type address

 set resource "https://filestore.fortinet.com/fortiguard/crimea_ip.list"

 set refresh-rate 1

 next

 edit "Emerging Block List"

 set type address

 set resource "https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt"

 next

 edit "Compromised IPs"

 set type address

 set resource "https://rules.emergingthreats.net/blockrules/compromised-ips.txt"

 next

 edit "Threatfox IOC"

 set type address

 set resource "https://raw.githubusercontent.com/elliotwutingfeng/ThreatFox-IOC-IPs/10fab10d6bf5a8996a0eeb01a840307d6884f554/ips.txt"

end