Basic IP nullrouting - MdNor/rocksoft GitHub Wiki

Let say you have detected 1 IP address causing high load or maybe even trying to DOS your server. Nullroute comes to the rescue.

Let say the IP address is 199.241.30.31,

1) Nullroute the IP

route add 199.241.30.31 gw 127.0.0.1 lo

Alternative command,

route add -host 199.241.30.31 reject

Uses netstat -nr to display all the routes, to make sure it is added into the route table, like so.

# netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
199.241.30.31 127.0.0.1       255.255.255.255 UGH       0 0          0 lo

2) Delete existing nullrouted IP

route delete 199.241.30.31

source