Nullroute IP using route command
Suppose that bad IP is 65.21.34.4, type following command at shell:
# route add 65.21.34.4 gw 127.0.0.1 lo
You can verify it with following command:
# netstat -nr
OR
# route -n
You can also use reject target (thanks to Gabriele):
# route add -host IP-ADDRESS reject
# route add -host 64.1.2.3 reject
To confirm the null routing status, use ip command as follows:
# ip route get 64.1.2.3
Output:
RTNETLINK answers: Network is unreachable
Drop entire subnet 192.67.16.0/24:
# route add -net 192.67.16.0/24 gw 127.0.0.1 lo
You can also use ip command to null route network or ip, enter:
# ip route add blackhole 202.54.5.2/29
# route -n
How do I remove null routing? How do I remove blocked IP address?
Simple use router delete command,
# route delete 65.21.34.4
This is cool, as you do not have to play with iptables rules.