From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <9front-bounces@9front.inri.net> X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI autolearn=ham autolearn_force=no version=3.4.4 Received: from 9front.inri.net (9front.inri.net [168.235.81.73]) by inbox.vuxu.org (Postfix) with ESMTP id D89362491A for ; Wed, 31 Jul 2024 04:11:21 +0200 (CEST) Received: from gaff.inri.net ([168.235.82.67]) by 9front; Tue Jul 30 22:09:35 -0400 2024 Message-ID: Date: Tue, 30 Jul 2024 22:09:35 -0400 From: sl@stanleylieber.com To: 9front@9front.org, sl@stanleylieber.com MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: scale-out grid self-signing self-signing framework Subject: Re: [9front] how to create a blackhole/null route Reply-To: 9front@9front.org Precedence: bulk > today's commits fixed multiple kernel bugs and resolved this issue > for me. here's how to setup a successful blackhole route: > > # create a null device with junk ip address > ; ip/ipconfig null /dev/mordor 192.69.69.69 255.255.255.0 > > # fuck bytedance > ; echo 'add 47.128.0.0 255.255.0.0 192.69.69.69' >/net/iproute the method above accepts traffic but does not send anything back. a recent commit enabled the following method of blocking traffic entirely (it never gets passed to userland): # fuck bytedance aux/dial -e -o hangup 'ipmux!ver=4;src=47.128.0.0&255.252.0.0' rc -c 'echo 0 > /srv/blocked.47.128' no dial process is left running, we just hold open the fd. remove the block like so: ; rm /srv/blocked.47.128 sl