Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Nickel

Block Malicious IP addresses using script

Hello to all,
we are currently using CheckPoint R80.10 and have a VM (Hyper-V) as the management Gateway and a cluster of three security gateways (checkpoint appliances).
I have followed the following article (link here) .
I have gone through the first part of the article since I want to only add a straight forward text file containing a list of IP addresses that I want to block. The script is activated, no issues there. I noticed that when checking the status of this script the response from the gateways is blank ( as in no error is given).

FWMGMT.jpg

The feed leading to the blocklist text file is also accessible from the security gateways:

FWGW.jpg

For the time being to test this out, I am using just one external IP address in the blocklist text file which is used by a test machine.
When following the external IP address of this machine on smart tracker I can see that it is not being blocked in any way which should mean that the script is either not working for me or there is something I am missing.
Can anyone help me out please?
Thank you.

0 Kudos
2 Replies
Highlighted
Sapphire

I would rather ask TAC - what is the output of

fw samp get | grep threatcloud_ip_block

0 Kudos
Highlighted
Nickel

Thank you for your reply, will contact our TAC, as with regards to the given command, no response is given.

0 Kudos