Someone might attack on your system. You can drop attacker IP using IPtables. However, you can use route command to null route unwanted traffic. A null route (also called as blackhole route) is a network route or kernel routing table entry that goes nowhere. Matching packets are dropped (ignored) rather than forwarded, acting as a kind of very limited firewall. The act of using null routes is often called blackhole filtering.
You can nullroute (like some time ISP do prevent your network device from sending any data to a remote system.) stopping various attacks coming from a single IP (read as spammers or hackers):
Nullroute IP using route command
Suppose that bad IP is 22.214.171.124, type following command at shell:
# route add 126.96.36.199 gw 127.0.0.1 lo
You can verify it with following command:
# netstat -nr
# route -n
You can also use reject target (thanks to Gabriele):
# route add -host IP-ADDRESS reject
# route add -host 188.8.131.52 reject
To confirm the null routing status, use ip command as follows:
# ip route get 184.108.40.206
RTNETLINK answers: Network is unreachable
Drop entire subnet 220.127.116.11/24:
# route add -net 18.104.22.168/24 gw 127.0.0.1 lo
You can also use ip command to null route network or ip, enter:
# ip route add blackhole 22.214.171.124/29
# route -n
How do I remove null routing? How do I remove blocked IP address?
Simple use router delete command,
# route delete 126.96.36.199
This is cool, as you do not have to play with iptables rules.
- man pages route, ip and netstat command
- Blocking incoming access to selected/specific ip address
- How do I block outgoing access to selected/specific ip address?
Updated for accuracy.
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop