Hi everyone.
I wish to block TOR using the list published by CP.
AFAIU, my options are:
1. Network feeds.
2. IOC feeds.
3. Dynamic object.
Network feeds isn't supported on VSX - sk79700.
As for IOC feeds, I had a hard time figuring out if it's supported.
I tried using it, but I couldn't do "Test Feed", as it didn't recognize any FW object.
I've added the object anyway, and installed policy.
Under the new object I don't see any observables.
In CLI, ioc_feeds doesn't show anything.
If I try adding through ioc_feeds, it says it's missing the AV-AB blades, even though they are installed.
We had some weird issue I can't remember right now, that these blades didn't work properly because it needed them to be active on the VS 0 as well.
Last is dynamic object, but building some mechanism is a bit to time consuming right now.
Any thoughts?
.png "Wolfgang"){kind=avatar}
