From e8648c993dd6df01f1a0c7f65e168e86ff21dfc5 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Fri, 18 May 2012 10:50:13 -0700 Subject: [PATCH] Use blackhole routes rather than unreachable. Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Providers.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm index 7a1b1b926..2802bb390 100644 --- a/Shorewall/Perl/Shorewall/Providers.pm +++ b/Shorewall/Perl/Shorewall/Providers.pm @@ -1045,8 +1045,8 @@ sub setup_null_routing() { emit "> \${VARDIR}/undo_rfc1918_routing\n"; for ( rfc1918_networks ) { emit( qq(if ! \$IP -4 route ls | grep -q '^$_.* dev '; then), - qq( run_ip route replace unreachable $_), - qq( echo "qt \$IP -4 route del unreachable $_" >> \${VARDIR}/undo_rfc1918_routing), + qq( run_ip route replace blackhole $_), + qq( echo "qt \$IP -4 route del blackhole $_" >> \${VARDIR}/undo_rfc1918_routing), qq(fi\n) ); } }