On Thu, 3 Jan 2013, Richard Barker wrote: > I used this command to block an attacker > route add -net x.x.x.x netmask 255.255.255.255 reject > > if I do a netstat -nrl I get this > x.x.x.x - 255.255.255.255 !H - - - - > > How do I get it removed ?
I've found different versions of route are terribly picky about syntax, in particular, some demand the netmask portion, and some don't. Try: route del -net x.x.x.x netmask 255.255.255.255 and route add -net x.x.x.x Your particuar 'man route' man page may provide some clues. If you don't want to reboot, you could take the interface down and bring it back up, though clearly you *DON'T* want to do this unless you have a console or alternate method of getting into and controlling the box as you could get locked out if things don't behave as they should. Try: service network restart That should restart the network with the box's 'default' network settings and any manually entered, but otherwise unsaved routes should go away. In general, iptables should be used to block attacks rather than adding null routes: iptables -A INPUT -s <sourceIP(/netmask) -j DROP <--- -A adds rule iptables -D INPUT -s <sourceIP(/netmask) -j DROP <--- -D deletes rule Check man iptables for help on that. =^_^= Tigerwolf _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx