Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 23 Nov 2025 06:28:09 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 291163] feature request: blacklist-helper support for route --blackhole
Message-ID:  <bug-291163-227@https.bugs.freebsd.org/bugzilla/>

index | next in thread | raw e-mail

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=291163

            Bug ID: 291163
           Summary: feature request: blacklist-helper support for route
                    --blackhole
           Product: Base System
           Version: 15.0-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: dave@daveg.ca

I noticed blacklistd recently.  I like it.  Simpler than other packages, yet
highly useful.  One omission though.  blacklist-helper should support the
packet "filter" being route --blackhole as-in

route add --blackhole 1.2.3.4/32 127.0.0.1

or

route add --blackhole 2001:123::1/128 ::1

Why?  Well because anyone running a routing protocol (say OSPF) will gain the
added benefit that the blackhole route is distributed among all the other
routing protocol speakers.

I realize that this is imperfect protection --- but on a big network of
machines, it makes a lot of sense.  And I'm only asking for the option.

If someone would like, I could probably come up with a patch... but I don't
want to put in the work unless it's welcome.

-- 
You are receiving this mail because:
You are the assignee for the bug.

home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-291163-227>