Wednesday, January 14, 2009

Bulk Host/Network Object Import

Using the method described here you can import bulk commands through the Fortinet GUI. If you have a long list of IP addresses you want to import and have Microsoft Word handy you can use the following trick to turn your list into a bulk import file:

-copy and paste your IP addresses (one IP address per line) into a new Word document
-bring up the replace dialog in Word and insert the following
-Find what: (<*>).(<*>).(<*>).(<*>)
-Replace with: edit h-\1.\2.\3.\4^lset subnet \1.\2.\3.\4^lnext
-check "Use wildcards"
-click "Replace All"

-add "config firewall address" to the top of your file
-save your file as plain text
-follow this procedure to import your bulk commands.


edit h-
set subnet

Obviously you can adjust the naming convention to suit your needs. You can also use the above syntax for creating lots of network objects by replacing the netmask with or similar.


Anonymous said...

This is cool and very useful. These bulk import tips are great. Thanks for the info.


Anonymous said...

Does this need to be updated for 4.3? Having some problems. I wanted to include the interface and the name of a tag:

edit "\1.\2.\3.\4"^lset associated-interface "wan1"^lset color 13^lset tags "61398"^lset subnet \1.\2.\3.\4^lnext

CLI didn't like the quotes and now I have 130 bad addresses in the config I can't delete. I will revert to backup config I made before the import :-) I think if I change the quote type it will work. Darn ASCII char set!

toffitomek said...

Can you import IPs via CLI into FortiManager...?