This time I do need help. It isn't strictly about packet filtering, and
so if someone can recommend a more appropriate group I'll move my
question there.

I'm trying to "blackhole" certain networks with static routes in
inetcfg. I'm having no problems with networks with masks of The routes for networks with masks of don't
work, however.

Example: I entered static routes for networks of the form a.b.0.0 and
a.c.0.0, each with masks of The routes are passive and the
metrics are 1. For each the destination is 10.0.x.y, which is an unused
but legitimate address on our private network. After entering the
routes and "reinitialize system" I am still able to ping IPs in those
networks. Again, route rules of the form p.q.r.0/ work
just fine.

Any ideas why these routes are not working?

Jim Wagner