How can I create Address objects and groups in command line interface (CLI) for 5.8 and below?

NOTE:This article applies to firmware version prior to SonicOS 5.8.2.0

This article illustrates how to create address objects and address groups using the Command Line Interface (CLI) of the SonicWall

Address Objects

• Creating Address Object of type Network
• Creating Address Object of type Range
• Creating Address Object of type Host
• Editing Address Objects
• Deleting Address Objects
• Displaying Address Objects

Address Groups

• Creating Address Groups
• Adding Address Objects to a group
• Adding Address Groups to a group
• Editing Address Groups
• Deleting an Address Group

Creating Address Objects in bulk

Procedure:

Login to the SonicWall CLI using either SSH or Serial connection. For more information on how to login to the CLI, please refer KB ID 170505641032025
Enter the administrator username and password.
You will be presented with the root prompt of the CLI.
Enter "configure" <enter> to enter the device configuration mode.

Address Objects

• All commands should be in lowercase.
• Names of objects are case sensitive
• An object name containing spaces should be enclosed by double quotes (eg "Lab Network ")
• All address objects are by default in the LAN zone.
• If no zone is selected, the address object would be created in zone LAN.
• Address Objects of Type FQDN and MAC Address are not currently supported.
  
  The following commands are available in the address-object prompt:
  

Creating Address Object of type Network
 

address-object <name for address object> <Enter>
network 192.168.100.0 255.255.255.0 <Enter>
zone LAN <Enter>
exit <Enter>

Creating Address Object of type Range

 address-object <name for address object> <Enter>
range 192.168.168.100 192.168.168.200 <Enter>
zone DMZ <Enter>
exit <Enter>

Creating Address Object of type Host

address-object <name for address object> <Enter>
host 192.168.168.112 <Enter>
zone DMZ <Enter>
exit <Enter>

For 6.2.7.1 firmware type
config()# address-object ipv4 test host 1.1.1.1 zone LAN

For 5.9.1.8 firmware type

config(0017C55C9E22)# address-object ipv4 test1

(add-ipv4-address-object[test1])# host 1.1.1.1

(add-ipv4-address-object[test1])# zone WAN

Editing Address Objects

address-object <name of a previously created address object> <Enter>
zone LAN <Enter>
exit <Enter>

Deleting Address Objects
 

no address-object <name of a previously created address object> <Enter>
exit <Enter>

Displaying Address Objects
 

show address-object <name of a previously created address object> <Enter>
show address-object  <Enter> 

Creating Address Groups
 

address-group <name for the address group> <Enter>

The following commands are available in the address-group prompt

Adding Address Objects to a group
 

address-group <name for the address group> <Enter>
address-object <name of a previously created address object> <Enter>
exit <Enter>

Adding Address Groups to a group
 

address-group <name of a previously created address group > <Enter>
address-group <name of a previously created address group> <Enter>
exit <Enter>

Editing Address Groups

address-group <name of a previously created address group > <Enter>
no address-object <name of a previously created address object> <Enter>
no address-group <name of a previously created address group> <Enter>
exit <Enter>

Deleting an Address Group

no address-group <name of a previously created address group > <Enter>
exit <Enter>

Creating Address Objects in bulk

In scenarios where large number of address objects are required to be created, SonicWall CLI has no direct method of creating such large number of address objects. However, if the objects to be created are less than hundred, the workaround would be to use the SonicWall GUI. In NSA firmwares, the Add Address Object window does not auto-close after creating an object. This speeds-up creation of the next object where only the name and IP address has to be changed.

If the objects to be created number in the hundreds or thousands, a better method would be to Copy and Paste the commands from a text file. The text file contents would be similar to this

address-object test1
host 19.168.168.1
zone DMZ
exit
address-object test2
host 19.168.168.2
zone DMZ
exit
address-object test3
host 19.168.168.3
zone DMZ
exit
address-object test4
host 19.168.168.4
zone DMZ
exit
address-object test5
host 19.168.168.5
zone DMZ
exit
address-object test6
host 19.168.168.6
zone DMZ
exit
address-object test7
host 19.168.168.7
zone DMZ
exit
address-object test8
host 19.168.168.8
zone DMZ
exit
address-object test9
host 19.168.168.9
zone DMZ
exit
address-object test10
host 19.168.168.10
zone DMZ
exit
To create a script as above for hundreds of address objects, use a similar script as the following: @Echo Off
 
Set Count=1
:LOOP
echo address-object Host-%count%
echo host 10.10.10.%count%
echo zone LAN
echo exit
Set /A Count=%Count%+1
If %Count% lss 100 GoTo :LOOP
Set Count=
exit
Save the above script as a batch file (. bat) and run it with a redirection to a file. For example: Address.bat>file.txt
The above command will create a file called file.txt with the following output:

address-object Host-1
host 10.10.10.1
zone LAN
exit
address-object Host-2
host 10.10.10.2
zone LAN
exit
address-object Host-3
host 10.10.10.3
zone LAN
exit
      ....................upto 10.10.10.100

Copy the contents of file.txt
Login to the CLI and navigate to the Config prompt.
Paste the contents of file.txt.