Blog: Alternative to null-routing in FreeBSD (using IPFW)

IPv4 Address:-

IPv6 Address:-

Service Provider:-

SSL Information:-

HTTP Protocol:-

Database:-

Web:-

Blog Menu

Recent articles (showing 1-10 out of 69):

11/Nov/2017

Add Google Authenticator Style 2FA (Two Factor Auth) to FreeBSD SSH

04/Dec/2016

IPsec Encryption Between FreeBSD Hosts

05/Jun/2016

CARP (IPv4 and IPv6) in FreeBSD 10+ (for failover IPs)

01/Jun/2016

Add DKIM Signing to FreeBSD Servers

01/Jun/2016

NetFlow v9 Exporting from FreeBSD routers/firewalls

01/Jun/2016

Link Failover in FreeBSD (without requiring switch configuration)

30/May/2016

OpenVPN Setup in FreeBSD (with NAT for IPv4 and IPv6)

30/May/2016

Using FreeBSD as a Hypervisor (using bhyve and vm-bhyve to manage them)

29/May/2016

Zen Broadband with IPv6 using FreeBSD ppp router

29/May/2016

Link Aggregation/Bonding in FreeBSD using LACP

Alternative to null-routing in FreeBSD (using IPFW) [24/May/2009] Null Routing in FreeBSD CARP in FreeBSD (HSRP/VRRP alternative)

Instead of using null-routing, you can use IPFW to block the traffic (the advantages include being able to set the ICMP response type). My favourite is to use "Communication prohibited by filter" response.

If you wanted to block 192.168.0.1 in this way, you would use:

/sbin/ipfw add 01000 unreach filter-prohib ip from 192.168.0.1 to me Copy

You can also adapt the above to only include certain types of traffic which is where it is more flexible than null-routing.

Null Routing in FreeBSD CARP in FreeBSD (HSRP/VRRP alternative)

Copyright © 2024 Daniel Austin MBCS.
Proudly hosted using the FreeBSD operating system.

Valid CSS!

E-mail me

Blog (Tech Hints & Tips)

▼ Logged-in Area ▼

Account Management

Mail Control Panel

▼ Useful Tools ▼

BGP Lookup Tool

Filterlist Generator

IP Information Tool

IP Subnet Calculator

Website Info Tool

▼ Other Pages ▼

Amateur Radio (2E0NNX)

Domains for Sale

Picture Gallery

LOGGED IN

Login

LOGIN ERROR

Unknown Location