Difference between revisions of "Using dynamic DNS based rules with Dynamic Objects"
From Tech-Wiki
(Created page with "Category:Check Point '''Back to Gaia''' In order to allow FQDN objects, or even dynamic DNS entries, you could leverage Dynamic Objects, despite it h...") |
|||
| (5 intermediate revisions by the same user not shown) | |||
| Line 6: | Line 6: | ||
Create a dynamic object as a destination and place it in your rule, then on the command line do the following: | Create a dynamic object as a destination and place it in your rule, then on the command line do the following: | ||
| + | The dynamic object name here is "dynamic_host" and must match the dynamic object created in the SmartDashboard. | ||
| − | + | # dynamic_objects -n dynamic_host | |
| − | + | ||
| − | # dynamic_objects -n | + | |
| − | + | ||
Operation completed successfully | Operation completed successfully | ||
| Line 16: | Line 14: | ||
To populate the dynamic object run the following: | To populate the dynamic object run the following: | ||
| − | # dig +short cloud.hostname.com google.com | + | # dig +short cloud.hostname.com google.com|sort -u|awk '{print $1" "$1}'|xargs dynamic_objects -a -o dynamic_host -r |
| − | + | ||
Operation completed successfully | Operation completed successfully | ||
| − | |||
Check the object has been updated (shows both in the logs in tracker as well): | Check the object has been updated (shows both in the logs in tracker as well): | ||
| − | |||
It's recommended to create a cron task to update this periodically. | It's recommended to create a cron task to update this periodically. | ||
| − | |||
Another alternative: | Another alternative: | ||
| − | [ | + | [https://bitbucket.org/chkp/dynobj/overview chkp / dynobj — Bitbucket] |
Latest revision as of 15:41, 18 September 2018
In order to allow FQDN objects, or even dynamic DNS entries, you could leverage Dynamic Objects, despite it has impacts on SecureXL when using templates.
Create a dynamic object as a destination and place it in your rule, then on the command line do the following:
The dynamic object name here is "dynamic_host" and must match the dynamic object created in the SmartDashboard.
# dynamic_objects -n dynamic_host Operation completed successfully
To populate the dynamic object run the following:
# dig +short cloud.hostname.com google.com|sort -u|awk '{print $1" "$1}'|xargs dynamic_objects -a -o dynamic_host -r
Operation completed successfully
Check the object has been updated (shows both in the logs in tracker as well):
It's recommended to create a cron task to update this periodically.
Another alternative: chkp / dynobj — Bitbucket