2 files changed, 19 insertions, 1 deletions

diff --git a/op-mode-definitions/webproxy.xml.in b/op-mode-definitions/webproxy.xml.in
index 4e555c3d9..57df44ff8 100644
--- a/op-mode-definitions/webproxy.xml.in
+++ b/op-mode-definitions/webproxy.xml.in
@@ -87,6 +87,17 @@
               <help>Update the webproxy blacklist database</help>
             </properties>
             <command>sudo ${vyos_op_scripts_dir}/webproxy_update_blacklist.sh --update-blacklist</command>
+            <children>
+              <tagNode name="vrf">
+                <properties>
+                  <help>Update webproxy blacklist database via specified VRF</help>
+                  <completionHelp>
+                    <path>vrf name</path>
+                  </completionHelp>
+                </properties>
+                <command>sudo ${vyos_op_scripts_dir}/webproxy_update_blacklist.sh --update-blacklist --vrf "${5}" </command>
+              </tagNode>
+            </children>
           </node>
         </children>
       </node>
diff --git a/src/op_mode/webproxy_update_blacklist.sh b/src/op_mode/webproxy_update_blacklist.sh
index 4fb9a54c6..05ea86f9e 100755
--- a/src/op_mode/webproxy_update_blacklist.sh
+++ b/src/op_mode/webproxy_update_blacklist.sh
@@ -45,6 +45,9 @@ do
     --auto-update-blacklist)
         auto="yes"
         ;;
+    --vrf)
+        vrf="yes"
+        ;;
     (-*) echo "$0: error - unrecognized option $1" 1>&2; exit 1;;
     (*) break;;
     esac
@@ -76,7 +79,11 @@ fi
 
 if [[ -n $update ]] && [[ $update -eq "yes" ]]; then
     tmp_blacklists='/tmp/blacklists.gz'
-    curl -o $tmp_blacklists $blacklist_url
+    if [[ -n $vrf ]] && [[ $vrf -eq "yes" ]]; then
+        sudo ip vrf exec $1 curl -o $tmp_blacklists $blacklist_url
+    else
+        curl -o $tmp_blacklists $blacklist_url
+    fi
     if [ $? -ne 0 ]; then
         echo "Unable to download [$blacklist_url]!"
         exit 1