Create a Post
Showing results for 
Search instead for 
Did you mean: 

Blocking Multiple domain using script on R81.10

Hi Checkmates,

Is there a method to efficiently block a large number of domains, such as 1000 or more, using a script in the R81.10 environment? Currently, within our network, we have access policies to block domains and we maintain a network object group where we typically list domain FQDN which we wanted to block. However, we recently received a request to block over 1000 domains, and we're looking for a way to add them in bulk to our existing network object group. Is there a script or method available for this scenario?

#6200 #R81.10

0 Kudos
1 Reply

You might find it easier to upgrade to R81.20 and put all the domains in a Network Feed.
This will allow you to maintain this block list without having to manipulate objects in a group or pushing policy.

Having said that, you can script this with something like the following two commands and some looping:

  • mgmt_cli -s sid.txt add dns-domain name "" is-sub-domain false
  • mgmt_cli -s sid.txt set group name "MyGroup" members.add ""

A publish action every 100 or so iterations is recommended.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events