linux routing question

Posted on 2006-05-07
Last Modified: 2010-03-17
At my job we have a script which will block traffic from an IP address.  For example, for an IP address = A.B.C.D the script would execute this command:

/sbin/route add -net A.B.C.0 netmask lo

Can anybody explain how this works?  I have been trying to understand why this should block the traffic from the IP but I don't understand.

We are using Redhat linux version 7.2.  If the server's gateway were then this would be the routing table:
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
                                                U         0 0          0 eth0
                                                U         0 0          0 lo
                                                UG        0 0          0 eth0
Question by: bryanlloydharris

    Accepted Solution

    I think the routing command is telling your Linux to route that network USING "lo" (localhost adapter), so it will never answer packets to that network using eth0 (your default gateway), since it knows A.B.C.0/24 is reachable locally using "lo" (since no program will answer, internally you will get a timeout, but no one will care).

    This is not the best way to block traffic to an IP address, but it works.

    I would do instead
    iptables -I INPUT -s A.B.C.D -j DROP

    And that's all. It's better since it will drop packets as soon as they try to enter the server, while the routing solution will even reach your internal servers but will be answered to your "lo" interface, therefore making invalid answers that time out.
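
The route lookup described in the answer above, modelled as an added example (not code from the thread or from the kernel): a longest-prefix match over a small routing table, showing which interface a reply would leave on before and after the `lo` route is added. The addresses are constructed documentation-range values standing in for A.B.C.D and the server's subnet, and the /24 prefix is taken from the answer's "A.B.C.0/24".

```python
import ipaddress

# Constructed sample values: 203.0.113.45 stands in for A.B.C.D, and the
# local subnet is a placeholder, not a value from the question.
BLOCKED_IP = "203.0.113.45"

def base_table():
    """Routing table before the script runs: local subnet, loopback, default."""
    return [
        (ipaddress.ip_network("192.0.2.0/24"), "eth0"),  # directly connected
        (ipaddress.ip_network("127.0.0.0/8"), "lo"),     # loopback
        (ipaddress.ip_network("0.0.0.0/0"), "eth0"),     # default via gateway
    ]

def add_lo_route(table, ip, prefix=24):
    """Model 'route add -net A.B.C.0 netmask <mask> lo' for the net holding ip."""
    net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    return table + [(net, "lo")]

def lookup(table, dst):
    """Longest-prefix match: the most specific route containing dst wins."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, dev) for net, dev in table if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def reply_interfaces(table, sources):
    """Interface that would be chosen for a reply to each source address."""
    return {src: lookup(table, src) for src in sources}

if __name__ == "__main__":
    # Blocked host, a neighbour in the same /24, and an unrelated host.
    sources = [BLOCKED_IP, "203.0.113.200", "198.51.100.7"]
    before = base_table()
    after = add_lo_route(before, BLOCKED_IP)
    print("before:", reply_interfaces(before, sources))
    print("after: ", reply_interfaces(after, sources))
```

In this model the neighbour 203.0.113.200 is also sent to `lo`, because the added route covers the whole network, whereas the `iptables -s A.B.C.D` rule in the answer matches a single source address.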