To null route (also known as "blackhole" or "block") an attacker's IP address on a Linux system, you can use the ip command with the route option and the blackhole target.
For example, to null route the IP address 192.0.2.1, you can use the following command:
ip route add blackhole 192.0.2.1
This will add a null route for the specified IP address to the system routing table, effectively dropping all incoming and outgoing traffic to and from that address.
To make the null route persistent across reboots, you can add the command to a script that runs at startup, such as /etc/rc.local or /etc/init.d/local.
Note that null routing an IP address may not be sufficient to fully protect your system from an attacker, as they may use other IP addresses or techniques to continue their attacks. It is recommended to implement additional security measures, such as a firewall and network intrusion detection system, to protect your system from attackers.
For more information about null routing IP addresses and managing the system routing table in Linux, you can refer to the ip man page or search online for tutorials and examples.