Null bağlantıları banlama

Nullroute IP using route command

Suppose that bad IP is 65.21.34.4, type following command at shell:

# route add 65.21.34.4 gw 127.0.0.1 lo

You can verify it with following command:
# netstat -nr

OR
# route -n

You can also use reject target (thanks to Gabriele):
# route add -host IP-ADDRESS reject
# route add -host 64.1.2.3 reject

To confirm the null routing status, use ip command as follows:
# ip route get 64.1.2.3

Output:
RTNETLINK answers: Network is unreachable

Drop entire subnet 192.67.16.0/24:
# route add -net 192.67.16.0/24 gw 127.0.0.1 lo

You can also use ip command to null route network or ip, enter:
# ip route add blackhole 202.54.5.2/29
# route -n
How do I remove null routing? How do I remove blocked IP address?

Simple use router delete command,
# route delete 65.21.34.4

This is cool, as you do not have to play with iptables rules.

No Comments

Post a Comment