Difference between revisions of "Using dynamic DNS based rules with Dynamic Objects"
From Tech-Wiki
(Created page with "Category:Check Point '''Back to Gaia''' In order to allow FQDN objects, or even dynamic DNS entries, you could leverage Dynamic Objects, despite it h...") |
|||
| Line 10: | Line 10: | ||
# dynamic_objects -n dynamic_dns_hosts | # dynamic_objects -n dynamic_dns_hosts | ||
| − | |||
Operation completed successfully | Operation completed successfully | ||
| Line 17: | Line 16: | ||
# dig +short cloud.hostname.com google.com google.com.au|sort -u|awk '{print $1" "$1}'|xargs dynamic_objects -a -o dynamic_dns_hosts -r | # dig +short cloud.hostname.com google.com google.com.au|sort -u|awk '{print $1" "$1}'|xargs dynamic_objects -a -o dynamic_dns_hosts -r | ||
| − | |||
Operation completed successfully | Operation completed successfully | ||
Revision as of 15:43, 18 September 2018
In order to allow FQDN objects, or even dynamic DNS entries, you could leverage Dynamic Objects, despite it has impacts on SecureXL when using templates.
Create a dynamic object as a destination and place it in your rule, then on the command line do the following:
The dynamic object name here is "dynamic_dns_hosts" and must match the dynamic object created in the SmartDashboard.
# dynamic_objects -n dynamic_dns_hosts Operation completed successfully
To populate the dynamic object run the following:
# dig +short cloud.hostname.com google.com google.com.au|sort -u|awk '{print $1" "$1}'|xargs dynamic_objects -a -o dynamic_dns_hosts -r
Operation completed successfully
Check the object has been updated (shows both in the logs in tracker as well):
It's recommended to create a cron task to update this periodically.
Another alternative:
[*https://bitbucket.org/chkp/dynobj/overview chkp / dynobj — Bitbucket]