Create a Post
Showing results for 
Search instead for 
Did you mean: 

Blocking malicious IP addresses (sk103154) in VSX

Jump to solution

UPDATE 04/08/2020: Please visit this page to download the latest version of the script:

Hello everyone,

my configuration is the following:

- A cluster of three security gateways (R80.20)

- Three Virtual Systems (configured on the three security gateways as follow: active/standby/backup)

I already activated the IOC Feed functionality on one of my VS to block outgoing traffic through Anti-Bot & Anti-Virus blades (sk132193), but I'd like to block incoming malicious traffic as well. I read the sk103154 documentation, which says the script must be ran on the management server.

I followed all steps, but when I run the script, it returns the following error:

[Expert@xntfw-pmgt1:0]# ./ -a on -g gw_list -f feed_urls -s /home/admin/blacklist/
Error: could not retrieve FWDIR from
Error: could not retrieve FWDIR from

( is the VS' IP)

Indeed, if I run the command responsible of that error into the script, I don't receive any output:

[Expert@xntfw-pmgt1:0]# cprid_util -server getenv -attr "FWDIR"


but, if I run the same command with the management IP of the Security Gateway, then it gives me the following output:

[Expert@xntfw-pmgt1:0]# cprid_util -server getenv -attr "FWDIR"

So... is this functionality available for VSX environments?


0 Kudos
20 Replies
This widget could not be displayed.