使用route的reject拒绝境外ip通信

作者：weixin_40725706 | 2024-03-13 18:22:24

踩

#以下是centos系统格式版，（win不支持，搜本博，错误路由方式处理）


 curl -# -O http://ftp.apnic.net/stats/apnic/legacy-apnic-latest
 cat legacy-apnic-latest  |  grep  -v '*' | grep  -v + >  1.txt
 sed -i  's/256/24/g' 1.txt
 sed -i  's/512/23/g' 1.txt
 sed -i  's/1024/22/g' 1.txt
 sed -i  's/2048/21/g' 1.txt
 sed -i  's/4096/20/g' 1.txt
 sed -i  's/8192/19/g' 1.txt
 sed -i  's/16384/18/g' 1.txt
 sed -i  's/32768/17/g' 1.txt
 sed -i  's/65536/16/g' 1.txt
 sed -i  's/131072/15/g' 1.txt
 sed -i  's/262144/14/g' 1.txt
 sed -i  's/524288/13/g' 1.txt
 sed -i  's/1048576/12/g' 1.txt
 sed -i  's/2097152/11/g' 1.txt
 sed -i  's/4194304/10/g' 1.txt
 sed -i  's/8388608/9/g' 1.txt
 sed -i  's/16777216/8/g' 1.txt
 
 sed -i 's/|/ /g'  1.txt
 
 sed -i 's/apnic  ipv4 //g'  1.txt
 awk  '{print $1,$2}' 1.txt | sed  's_ _/_g' > 2.txt
 sed  's/^/& route add -net /g' 2.txt| sed  's/$/&  reject/g'   > reject.sh
 
[root@localhost ~]# more  reject.sh
 route add -net 128.134.0.0/16  reject
 route add -net 128.184.0.0/16  reject
 route add -net 128.250.0.0/16  reject
...


[root@localhost ~]# route  -n |  more 
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
....
8.128.0.0       -               255.192.0.0     !     0      -        0 -
8.208.0.0       -               255.240.0.0     !     0      -        0 -
....


#查看全部
 route  -n | grep '!' 
 
#批量删除全部reject条目
 route  -n | grep '!'  | awk   '{ print "route delete -net " $1 " netmask " $3 " reject "}'  | bash


单条删除
add 变delete
route delete -net 8.8.8.8 netmask   255.255.255.255  reject 
 
注： 错误写法
route add -net .8.8.8.8/32 reject 
SIOCADDRT: 无效的参数
因不支持/32
 
reject丢弃数据包，不作回应，甚至不回应arp的询问

声明：本文内容由网友自发贡献，不代表【wpsshop博客】立场，版权归原作者所有，本站不承担相应法律责任。如您发现有侵权的内容，请联系我们。转载请注明出处：https://www.wpsshop.cn/w/weixin_40725706/article/detail/229924