Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Is there alternative to manual entry of IP addresses in dictionaries

Good day all,

I have been tasked with creating a dictionary of IP addresses to then be used in a filter policy. In this case I have 3 CIDR IP addresses that in total add up to over 85k! And my type-writing cpm is dismal. And while that may be good if I am paid by the hour, I do have a life however limited by current health/government restrictions. So is there an alternative to making such large entries into a dictionary?

Additionally, is there a limit on the number of entries allowed in a dictionary?

I can't imagine how this will affect filtering time. Should that be a concern?

Regards,

David

Category: Email Security Appliances
Reply

Comments

  • TKWITSTKWITS Cybersecurity Overlord ✭✭✭

    I'm not sure if this applies, but it might help.

    If you can generate a CSV or TSV of the IPs, and convert it to the required format it'd probably save you some time.

  • prestonpreston Enthusiast ✭✭
    edited January 28

    Hi @DOtero, You could try creating the dictionary with partial addresses i.e.192.168.2. or like 192.168.2.1

    and then create a policy for From or To depending on what you are trying to do, and set the filter to Contains, so in the examples given

    they should detect anything that includes 192.168.2.1 - 192.168.2.254 and the second example should detect 192.168.2.1 to 192.168.2.199

    I know this wouldn't include all the subnets but would reduce the amout that you need to add

    as you don't have the option to use Regex it's the only way to detect I can see as even in the Connection Management option you can only allow allowed or denied IPs not whole subnets.

Sign In or Register to comment.