In the last sort of ghba.sh, changing the key to k4 will give output like this:
8 12 0 65.105.133.4 alice.emf0.com.
1 20 0 65.105.133.6 dumper.emailfactory.com.
7 115 0 65.121.78.17 sender2.overstock.com.
6 105 0 65.121.78.26 sender3.overstock.com.
222 2 48 65.172.163.151 mailer1.georgewbush.com.
2 38 0 65.208.171.19 vt219.superbonkers.com.
1 43 0 65.208.171.38 vt338.yippieya.com.
8 10 0 65.214.161.203
5 5 0 65.214.161.207
2 3 0 65.214.161.215
6 14 0 65.214.161.238
4 3 0 65.214.161.242
1 0 0 65.214.161.253
5 0 0 65.214.161.31
1 19 0 65.214.161.5
1 19 0 65.214.161.59
3 23 0 65.214.161.6
1 30 0 65.214.161.70
1 16 0 65.214.161.74
9 21 0 65.214.161.79
11 2 0 65.214.161.85
2 8 0 65.214.161.87
1 8 0 65.214.161.95
65.214.161 is crap, so down the tubes forever (freebsd):
%route add -net 65.214.161 127.0.0.1
add net 65.214.161: gateway 127.0.0.1
my route table is filling out nicely with such jerks, second column showing
the nulrouted IPs and neworks:
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 199.0.66.1 UGSc 345 85431 fxp0
12.129.205/24 127.0.0.1 UGSc 23 0 lo0
38.118.136.169 127.0.0.1 UGHS 0 0 lo0
61.172.244.239 127.0.0.1 UGHS 0 8668 lo0
64.70.17/24 127.0.0.1 UGSc 1 0 lo0
64.70.53/24 127.0.0.1 UGSc 0 0 lo0
64.70.53.138 127.0.0.1 UGHS 0 4299 lo0
64.95.116/24 127.0.0.1 UGSc 1 0 lo0
64.156.187/24 127.0.0.1 UGSc 9 0 lo0
64.191.35/24 127.0.0.1 UGSc 0 0 lo0
64.191.83/24 127.0.0.1 UGSc 4 0 lo0
64.191.92/24 127.0.0.1 UGSc 3 0 lo0
64.191.94/24 127.0.0.1 UGSc 1 0 lo0
64.191.94.12 127.0.0.1 UGHS 0 0 lo0
64.191.94.15 127.0.0.1 UGHS 0 2277 lo0
64.191.94.16 127.0.0.1 UGHS 0 949 lo0
64.253.207/24 127.0.0.1 UGSc 0 0 lo0
65.60.49/24 127.0.0.1 UGSc 3 0 lo0
65.214.161/24 127.0.0.1 UGSc 5 0 lo0
66.54.93/24 127.0.0.1 UGSc 0 0 lo0
66.55.165/24 127.0.0.1 UGSc 0 0 lo0
66.55.167/24 127.0.0.1 UGSc 0 0 lo0
66.55.169/24 127.0.0.1 UGSc 0 0 lo0
66.63.162/24 127.0.0.1 UGSc 1 0 lo0
66.63.167/24 127.0.0.1 UGSc 1 0 lo0
66.63.174/24 127.0.0.1 UGSc 1 0 lo0
66.63.194/24 127.0.0.1 UGSc 0 0 lo0
66.103.151.35 127.0.0.1 UGHS 0 32442 lo0
66.103.151.36 127.0.0.1 UGHS 0 26444 lo0
66.110.75/24 127.0.0.1 UGSc 1 0 lo0
66.114.254/24 127.0.0.1 UGSc 0 0 lo0
66.240.189/24 127.0.0.1 UGSc 0 0 lo0
67.108.25/24 127.0.0.1 UGSc 0 0 lo0
68.208.213.34 127.0.0.1 UGHS 0 21632 lo0
69.1.234/24 127.0.0.1 UGSc 0 0 lo0
69.6.60/24 127.0.0.1 UGSc 1 0 lo0
69.36.194/24 127.0.0.1 UGSc 0 0 lo0
69.36.197/24 127.0.0.1 UGSc 0 0 lo0
69.60.98/24 127.0.0.1 UGSc 1 0 lo0
80.139.230.244 127.0.0.1 UGHS 0 0 lo0
127.0.0.1 127.0.0.1 UH 108 22 lo0
200.223.214.147 127.0.0.1 UGHS 0 11747 lo0
206.112.88 127.0.0.1 UGSc 0 0 lo0
207.88.245 127.0.0.1 UGSc 3 0 lo0
207.90.33.18 127.0.0.1 UGHS 0 65975 lo0
207.218.165.205 127.0.0.1 UGHS 0 519296 lo0
207.218.165.206 127.0.0.1 UGHS 0 492954 lo0
207.218.165.207 127.0.0.1 UGHS 0 529495 lo0
209.235.115 127.0.0.1 UGSc 0 0 lo0
216.180.114.33 127.0.0.1 UGHS 0 59907 lo0
220.184.134.103 127.0.0.1 UGHS 0 1079 lo0
the "Use" column shows the traffic generated by these IPs AFTER they are
nulrouted.
if you reboot the machine, you lose the route table, so I have stupid litte
script to capture the nulrouted IPs to a file that can be used to
re-nulroute after start up:
vi /usr/local/bin/nulroute_dump.sh
#!/bin/sh
touch /var/tmp//nulroute_dump.rpt
netstat -rn | egrep ".* 127\.0\.0\.1" | awk '{ print $1 }' >
/var/tmp//nulroute_dump.tmp
cat /var/tmp//nulroute_dump.rpt /var/tmp//nulroute_dump.tmp | sort -fn |
uniq -i > /var/tmp//nulroute_dump.tmp.tmp
mv /var/tmp//nulroute_dump.tmp.tmp /var/tmp//nulroute_dump.rpt
exit 0
which give an output file:
%less /var/tmp//nulroute_dump.rpt
12.129.205/24
38.118.136.169
61.172.244.239
64.156.187/24
64.191.35/24
64.191.83/24
64.191.92/24
64.191.94.12
64.191.94.15
64.191.94.16
64.191.94/24
64.253.207/24
64.70.17/24
64.70.53.138
64.70.53/24
64.95.116/24
65.214.161/24
65.60.49/24
66.103.151.35
66.103.151.36
66.110.75/24
66.114.254/24
66.240.189/24
66.54.93/24
66.55.165/24
66.55.167/24
66.55.169/24
66.63.162/24
66.63.167/24
66.63.174/24
66.63.194/24
67.108.25/24
68.208.213.34
69.1.234/24
69.36.194/24
69.36.197/24
69.6.60/24
69.60.98/24
80.139.230.244
127.0.0.1
200.223.214.147
206.112.88
207.218.165.205
207.218.165.206
207.218.165.207
207.88.245
207.90.33.18
209.235.115
216.180.114.33
220.184.134.103
Len
