| Description | This article describes how to create bulk IP address objects and add them through scripting. |
| Scope | FortiGate. |
| Solution |
Essentially, it is necessary to have a list of either IP addresses or subnets.
For this example, the following will be used:
95.10.48.0/24
Before doing this, make sure that there are no duplicate entries use Excel to remove them):
In the Find What: field, enter the following:
“(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})(/\d{2})” < no quotes >
The problem with the above is that the regular expression only works on the IP address. If there is a list of FQDNs, that regular expression will not work. To address this, kindly use the expression to work with both the IP address and FQDNs.
“(.*)\.([\w_-]+(?:\.[\w_-]+)+)([\w.,@?^=%&:/~+#-]*)?” < no quotes >
In the Replace with: field enter:
"edit NameIP-$1.$2.$3.$4\nset subnet $1.$2.$3.$4$5\nnext\n" < no quotes >
- Select 'Find Next' to ensure it finds a subnet then select 'Replace' to verify it makes the change wanted. Note. Select all the contents of the text file before selecting 'Replace All'. (Ctrl+a).
edit NameIP-96.120.36.0
edit NameIP-97.239.248.0
edit NameIP-98.239.255.0
edit NameIP-99.150.140.0
edit NameIP-100.238.140.0
edit NameIP-101.233.116.0
edit NameIP-102.242.192.0
Note: If the device is operating in VDOM mode, it will be necessary to enter that specific VDOM by adding the following commands to the top of the textfile:
config vdom To add these addresses to the FortiGate:
Method 1: Copy the contents of the text file and directly paste it into CLI on FortiGate. Method 2: Upload via CLI script.
To run a script using the GUI:
The script runs immediately, and the Script Execution History table is updated: |
