If you manage several Fireboxes and want to use the same blocked sites or blocked sites exceptions for more than one device, you can create a list of the sites to block in a plain text (.txt) file and import the file into each device. The limit for static blocked sites in the database is 250,000 IP addresses.
For Fireboxes that run Fireware v11.12 or higher, the auto-block list can include a maximum of 1,000 IP addresses for T Series models and 8,000 IP addresses for M Series models. For Fireboxes that run lower versions of Fireware, the auto-block limit can include a maximum of 1,000 IP addresses for all Firebox models.
The IP addresses in the text file must be separated by spaces or line breaks. Use slash notation to specify networks. Use a pipe character to add a comment. To indicate a range of addresses, separate the start and end addresses with a hyphen.
An example text import file might look like this:
22.214.171.124|Requested by compliance tester 126.96.36.199/24|Requested by compliance tester 188.8.131.52-184.108.40.206|Requested by compliance tester 220.127.116.11|London office 18.104.22.168|New York office
You can use Policy Manager to import the IP addresses to the Blocked Sites or Blocked Sites Exceptions list for the current Firebox.
- Select Setup > Default Threat Protection > Blocked Sites.
The Blocked Sites Configuration dialog appears.
- To import blocked sites from a file, click the Blocked Sites tab.
Or, to import blocked sites exceptions, click the Blocked Site Exceptions tab.
- Click Import.
The Select a File dialog box appears.
- Browse to select the file. Click Select a File.
The sites in the file appear in the Blocked Sites or Blocked Sites Exceptions list.
- Click OK.