What is the difference between iptables and /sbin/route?
Which one is used for what purpose?
I see that both can be used to block an IP from reaching your host.
iptables - administration tool for IPv4 packet filtering and NAT
Quote:
route - show / manipulate the IP routing table
iptables is basically a firewall; it filters the packets routed through a box, or the packets to/from a box.
route manages the routing to/from networks/hosts.
If you are being attacked or abused by a particular host, just enter the following command to deny all access to the host:
/sbin/route add -host <ip address> reject
Replace <ip address> with the IP address of the host you want to block. The address will stay blocked until you bounce the interface. Alternatively, you could allow access by:
/sbin/route del -host <ip address> reject
Hence I'm still confused whether I could use route to block an IP address or not.
It did block the IP I wanted to block... but I'm not sure if it is as secure as iptables.
You can use either. route reject is more esoteric than iptables, but if it works for you then you can probably use it without worry.
I'm not sure what you mean exactly by "as secure". If you mean that you can use it with confidence that it will: 1) truly reject all packets from the given IP and 2) persist across other route table changes, then it should be fine. If you're asking the general community which method is preferable, most will say iptables, as it's in wide use and is made for exactly these kinds of operations.
If you have more detailed security questions on the use of routing table rejects vs iptables, you might post them in the linux-security forum. From my observations, the linux-networking forum answers more the "how-to" of network security issues; the linux-security forum is better to answer the "why".
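Added example, not part of the thread: since the quoted how-to says a reject route only lasts until the interface is bounced, this sketch checks whether the hosts you meant to block still have a reject route. The function names and the sample `route -n` output (using documentation addresses) are constructed for illustration; on a live system you would pipe `route -n` into the functions.

```shell
#!/bin/sh
# Constructed sample of `route -n` output. 192.0.2.10 stands in for a host
# that was blocked with: /sbin/route add -host 192.0.2.10 reject
SAMPLE_ROUTE_OUTPUT='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.0.0.1        0.0.0.0         UG    0      0        0 eth0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.0.2.10      -               255.255.255.255 !H    0      -        0 -'

# Read `route -n` output on stdin and print the destination of every host
# route whose Flags column contains "!" (reject) and "H" (host).
reject_hosts() {
    awk 'NR > 2 && $4 ~ /!/ && $4 ~ /H/ { print $1 }'
}

# $1 is a space-separated list of addresses that are supposed to be blocked.
# Read `route -n` output on stdin and print every address from the list
# that no longer has a reject route (for example after an interface bounce).
missing_blocks() {
    active=$(reject_hosts)
    for ip in $1; do
        printf '%s\n' "$active" | grep -qxF "$ip" || printf '%s\n' "$ip"
    done
}

# Demo on the constructed sample; 198.51.100.7 was never added, so it is
# reported as missing. Live use: route -n | missing_blocks "192.0.2.10"
printf '%s\n' "$SAMPLE_ROUTE_OUTPUT" | missing_blocks "192.0.2.10 198.51.100.7"
```

Run from cron or after network restarts, a non-empty result tells you which `route add ... reject` commands need to be reapplied.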