How do I block attackers IP with null routes ?

Written by tag Tuesday, 13 August 2013 19:58


Nullroute IP using route command

Suppose that bad IP is, type following command at shell:

# route add gw lo

You can verify it with following command:

# netstat -nr


# route -n

You can also use reject target:

# route add -host IP-ADDRESS reject
# route add -host reject

To confirm the null routing status, use ip command as follows:

# ip route get


RTNETLINK answers: Network is unreachable

Drop entire subnet

# route add -net gw lo

You can also use the ip command to null route network or ip, enter:

# ip route add blackhole
# route -n

How do I remove null routing? How do I remove a blocked IP address?

Simple use the router delete command,

# route delete