Using "man route" in Centos shows
reject install a blocking route, which will force a route lookup to fail. This is for example used to mask out net-
works before using the default route. This is NOT for firewalling.
Why they say "not for firewalling" I'm not sure...but instead of that, I've been adding IP's to block to my pre-chain-split.sh
file in the /etc/Bastille/firewall.d
directory (ISPConfig2) and it works great.
For example to block a class C add the following:
iptables -A INPUT -s 123.456.789.0/24 -j DROP
and then restart Bastille: /etc/init.d/bastille-firewall restart
Hope this helps!