snipt

Ctrl+h for KB shortcuts

Bash

null/blackhole route

1
2
3
4
5
6
7
# network route that goes nowhere - blackhole filtering

# 1] available to almost every host implementing the ip module
# 2] almost 0 performance impact
# 3] can sustain higher throughput than conventional firewalls

route add -host 192.168.1.1 reject
https://snipt.net/embed/d88d78e7a1c92f2b7abcb2ca4eb8bf7b/
/raw/d88d78e7a1c92f2b7abcb2ca4eb8bf7b/
d88d78e7a1c92f2b7abcb2ca4eb8bf7b
bash
Bash
7
2019-07-23T13:39:02
True
False
False
/api/public/snipt/34065/
nullblackhole-route
<table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><a href="#L-1">1</a> <a href="#L-2">2</a> <a href="#L-3">3</a> <a href="#L-4">4</a> <a href="#L-5">5</a> <a href="#L-6">6</a> <a href="#L-7">7</a></pre></div></td><td class="code"><div class="highlight"><pre><span></span><span id="L-1"><a name="L-1"></a><span class="c1"># network route that goes nowhere - blackhole filtering</span> </span><span id="L-2"><a name="L-2"></a> </span><span id="L-3"><a name="L-3"></a><span class="c1"># 1] available to almost every host implementing the ip module</span> </span><span id="L-4"><a name="L-4"></a><span class="c1"># 2] almost 0 performance impact</span> </span><span id="L-5"><a name="L-5"></a><span class="c1"># 3] can sustain higher throughput than conventional firewalls</span> </span><span id="L-6"><a name="L-6"></a> </span><span id="L-7"><a name="L-7"></a>route add -host 192.168.1.1 reject </span></pre></div> </td></tr></table>
bash, blackhole, drop, filtering, ip, iptables, packet, reject, route