Tuesday, July 29, 2014

Block an attacker's IP with null routes in Linux

Someone may attack your system.
You can drop the attacker's IP using iptables, or you can use the route command to null route the unwanted traffic.
A null route (also called a blackhole route) is a network route or kernel routing table entry that goes nowhere. Matching packets are dropped (ignored) rather than forwarded, acting as a kind of very limited firewall. The act of using null routes is often called blackhole filtering.
You can null route an address (as ISPs sometimes do to prevent your network device from sending any data to a remote system) to stop various attacks coming from a single IP (read: spammers or hackers):
 

Null route an IP using the route command (block a single IP)

Suppose the bad IP is 65.21.34.4. Type the following command at the shell:

route add 65.21.34.4 gw 127.0.0.1 lo
You can verify it with either of the following commands:
netstat -nr
OR
route -n

How do I remove null routing? How do I remove blocked IP address?

Simply use the route delete command:
route delete 65.21.34.4
OR
Restart the network service; every route added this way will be removed from the server:
/etc/init.d/network restart
You can verify it with either of the following commands; the blocked IP should no longer appear in the output:

netstat -nr
OR
route -n
Block the entire subnet 192.67.16.0/24 (block an entire IP range):

route add -net 192.67.16.0/24 gw 127.0.0.1 lo

You can verify it with either of the following commands:
netstat -nr
OR
route -n
Remove the entire subnet 192.67.16.0/24 from the routing table:
Restart the network service; every route added this way will be removed from the server:
/etc/init.d/network restart
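
The add and remove steps above as a dry-run helper that validates the target and only prints the route command for review. This is an added example, not code from the original post: the function names are hypothetical, the SSH_CLIENT lockout check and the targeted "route del -net" form for a subnet are additions that go beyond the commands shown in the post.

```shell
# Added example (not from the original post). Function names are hypothetical.
# Builds the net-tools route commands shown above; it only prints them.

valid_ipv4() {   # dotted quad, octets 0-255, no leading zeros (may parse as octal)
    case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

ip_to_int() {    # 32-bit integer value of a validated dotted quad
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# nullroute_cmd add|del ADDR[/PREFIX]  -> prints the route command, or fails
nullroute_cmd() {
    action=$1; target=$2; addr=${target%/*}; len=32
    case "$action" in add|del) ;; *) echo "use add or del" >&2; return 2 ;; esac
    case "$target" in */*) len=${target#*/} ;; esac
    case "$len" in ""|*[!0-9]*|0*|???*) echo "bad prefix: $target" >&2; return 2 ;; esac
    valid_ipv4 "$addr" && [ "$len" -le 32 ] ||
        { echo "bad target: $target" >&2; return 2; }
    mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
    net=$(ip_to_int "$addr")
    # A subnet target should be the network address (all host bits zero).
    [ $(( net & ~mask & 0xFFFFFFFF )) -eq 0 ] ||
        { echo "host bits set in $target" >&2; return 2; }
    # Do not blackhole the address your own SSH session comes from.
    me=${SSH_CLIENT:-}; me=${me%% *}
    if valid_ipv4 "$me" && [ $(( $(ip_to_int "$me") & mask )) -eq "$net" ]; then
        echo "refusing: $target covers your SSH client $me" >&2; return 3
    fi
    case "$target" in
        */*) echo "route $action -net $target gw 127.0.0.1 lo" ;;
        *)   echo "route $action $target gw 127.0.0.1 lo" ;;
    esac
}

# Dry run with the addresses used in this post.
nullroute_cmd add 65.21.34.4
nullroute_cmd add 192.67.16.0/24
nullroute_cmd del 192.67.16.0/24
```

Run the printed commands as root once they look right, then confirm with route -n as shown above.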
