Ok Karl… Null routing – real easy 🙂
If you wanted to null route a single IP (192.168.0.1), you would run (as root):
/sbin/route add 192.168.0.1 127.0.0.1 -blackhole
If you wanted to null route a block of IPs (192.168.0.0/24), then use:
/sbin/route add -net 192.168.0.0/24 127.0.0.1 -blackhole
If you would rather generate a “Destination Host Unreachable” ICMP response instead of blackholing the traffic, replace -blackhole with -reject
Oh and to make them permanent… add them to /etc/rc.local or (preferrably) a script running in /usr/local/etc/rc.d/ 😉
/etc/rc.conf
static_routes=”d1 d2 d3″
route_d1=”-net 192.168.0.0/16 127.0.0.1 -reject”
route_d2=”-net 10.0.0.0/8 127.0.0.1 -reject”
route_d3=”-net 172.16.0.0/12 127.0.0.1 -reject”