Does anyone know how long a custom dynamic block list take to refresh? Is it suppose to refresh\pull every 15 minutes? And if you do a commit does that make the change immediate?
Here is my scenario, we are using a custom dynamic block list to add xp pcs to restrict the internet. When the pc is upgraded to Win7 we than remove the ip from the block list. It is now closing in on an hour and multiple commits and the ips are still acting as if they are still part of this list.
Anyone one know how long before they will not be read as if they are part of the block list?
Yes, a commit will cause an EBL refresh. I just tested this on my box and saw the Pan(w)achrome message pop up saying the EBL refresh was successful.
I also use panxapi.py to refresh the list and also to show what addresses are being blocked whenever I want using these two commands in a script. The IP address and my API key are already included in the panrc file so don't need to be included in these commands:
./panxapi.py -Xo 'request system external-list refresh name "DShield_Top_20"'
./panxapi.py -Xo 'request system external-list show name "DShield_Top_20"'
Hope this helps.
Very handy to block well known scanners to bring down noise coming from internet (OpenBL for example).
In big environments can be used as whitelist instead.
For example script will generate list of (physical) domain controllers to a file and firewalls allow active directory specific applications towards this dynamic block list etc.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!