> request system external-list show type ip name "EDL TEST Block List"

EDL TEST Block List
Total valid entries : 0
Total ignored entries : 0
Total invalid entries : 7528
Total displayed entries : 100
Invalid ips:
<FF><FE>1

• PANOS 9.0.x
• PANOS 9.1.x
• Palo Alto 5220 Firewall

• Format error on EDL list file hosted in remote server 
• Multiple spaces, special characters in comments, wrong encoding format

Original EDL File

1.1.1.1/32    #    Palo Logs    MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability   
2.2.2.2/32    #    Palo Logs    MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability     
3.3.3.3/32    #    Palo Logs    MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability       
4.4.4.4/32    #    SecureWorks.    Smallshell ASP Webshell Upload Detection (webshell)   
5.5.5.5/32    #    SecureWorks.    Spyware: APIKey Backdoor Traffic Detection   
6.6.6.6/32    #    SecureWorks    Spyware: Smallshell ASP Webshell Upload Detection   
7.7.7.7/32    #    SecureWorks    Spyware: Smallshell ASP Webshell Upload Detection 
 

1. Remove multiple spaces.
2. Avoid using special characters in comments.
3. Use either ASCII or UTF-8 format.

1.1.1.1/32 #Palo Logs MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability
2.2.2.2/32 #Palo Logs MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability     
3.3.3.3/32 #Palo Logs MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability       
4.4.4.4/32 #SecureWorks Smallshell ASP Webshell Upload Detection webshell    
5.5.5.5/32 #SecureWorks Spyware APIKey Backdoor Traffic Detection
6.6.6.6/32 #SecureWorks Spyware Smallshell ASP Webshell Upload Detection     
7.7.7.7/32 #SecureWorks Spyware Smallshell ASP Webshell Upload Detection   

4. Refresh list.

> request system external-list refresh type ip name "EDL TEST Block List"

5. Verify the EDL list

> request system external-list show type ip name "EDL TEST Block List"

Review our Formatting Guidelines for an External Dynamic List