lezboyd 0 Posted January 2, 2017 Share Posted January 2, 2017 I'd like to know if there is a way to import/use IP blocklists with the ESS Firewall. I have a couple of IP Blocklists related to Malware domains & Ads domains and would like to use them with ESS, but inputting the IP addresses one at a time, and doing it for hundreds of IP addresses is a chore I don't wanna do, especially since the lists update on a regular basis. Link to comment Share on other sites More sharing options...
itman 1,740 Posted January 3, 2017 Share Posted January 3, 2017 You cab easily import an existing list of URL addresses using Eset's URL Address Management feature that is accessible from Web Access Management. Note: If the list you want to use is in hosts file format i.e prefixed by 0.0.0.0, you will have to remove those prior to specifying the existing list in URL Address Management. Ref.: http://help.eset.com/ess/10/en-US/?idh_config_epfw_url_set_manager.htm Link to comment Share on other sites More sharing options...
lezboyd 0 Posted January 3, 2017 Author Share Posted January 3, 2017 Thanks for the reply. Will the lists have to be URL's or can they be IP addresses as well? If later, will ESS block these IP addresses only for the web browser or will they be blocked for any app that tries to connect to these IP addresses? I suppose a more direct question would be, can I do something similar in the Personal Firewall section as well? Link to comment Share on other sites More sharing options...
itman 1,740 Posted January 3, 2017 Share Posted January 3, 2017 URL Address Management import lists have to be URLs. The URL lists in URL Address Management apply to any app that Web Filtering is protecting. By default those would be browsers, .pdf readers, and e-mail clients. If other apps are desired, they will have to manually added to Web Filtering protection. This also means they will be monitored for all activity that Web Filtering protects against. If you want to block by IP address, you would have to create a firewall rule to do so. As far as I am aware of there is no way to import a list of IP addresses in a firewall rule; each would have to added manually. Link to comment Share on other sites More sharing options...
lezboyd 0 Posted January 3, 2017 Author Share Posted January 3, 2017 That's a bummer. What I have is a list of IP addresses. I have one last query. Is there a way to learn the format in which ESS saves its exported settings (which I am sure include Firewall rules) which I can then use to convert my IP list into a list of firewall rules and then just import them into ESS? Link to comment Share on other sites More sharing options...
itman 1,740 Posted January 3, 2017 Share Posted January 3, 2017 The settings export file is in .xml format. Not recommended to modify the file unless you know what you are doing. Also will become obvious when viewing the export file, there is no easy way to add a list of IP addresses to it. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,231 Posted January 4, 2017 Administrators Share Posted January 4, 2017 I think it's easily doable. Simply add a new zone (e.g. "IP block") with the IP addresses delimited by a comma. Then create a new blocking firewall rule that will have the zone listed on the Remote tab: Link to comment Share on other sites More sharing options...
itman 1,740 Posted January 4, 2017 Share Posted January 4, 2017 Yeah, that will work. You also don't need to create a new zone. I just tested by adding a list of IP addresses in a regular firewall rule. All IP addresses added will have to be delimited by a comma. Also, I don't know if Eset has some internal limit on number of IP addresses that can be specified. The OP appears to want to add hundreds of then. Also of consideration is the impact on web page rendering by Eset firewall when parsing such a large list? Link to comment Share on other sites More sharing options...
Recommended Posts