Firewall domain group simplifying

Hi Forum,

question I want to migrate my old rules from IP based to dns based.
I have lots of this rules

set firewall group address-group ILO address ‘10.10.144.130-10.10.144.161’

When I want to use DNS based /group-domain rules, my config is much larger then before

set firewall group domain-group ILO address mydomain01.example.com
set firewall group domain-group ILO address mydomain02.example.com
set firewall group domain-group ILO address mydomain03.example.com
set firewall group domain-group ILO address mydomain04.example.com
set firewall group domain-group ILO address mydomain05.example.com
set firewall group domain-group ILO address mydomain06.example.com
set firewall group domain-group ILO address mydomain07.example.com

Any idea how to use mydomain01.example.com-mydomain61.example.com like the old IP based rules?

I don’t think there’s anything like that in place because it creates many unknowns during implementation. What exactly is your expectation from "mydomain01.example.com-mydomain61.example.com"? Do you expect VyOS to resolve "mydomain01.example.com" to an IP, then resolve "mydomain61.example.com" to an IP, then create a similar ruleset to address-group range out of it? What would happen to this logic if more than one IP is returned from resolving the above FQDNs?

I implement the solution with set a network group . at the same time run a task scheduler scirpt to reslove the domain name to ip address and then register the ip address into the netwrok group with vyos api .
It works well for me till now.