zhangyuchi · April 14, 2016 07:26
diff --git a/iprule.sh b/iprule.sh
 #Route packets with source addresses from 192.203.80/24 according to routing table inr.ruhep:
 ip ru add from 192.203.80.0/24 table inr.ruhep prio 220

 #Translate packet source address 193.233.7.83 into 192.203.80.144 and route it according to table #1 (actually, it is inr.ruhep):
 ip ru add from 193.233.7.83 nat 192.203.80.144 table 1 prio 320

 #Delete the unused default rule:
 ip ru del prio 32767

 kuznet@amber:~ $ ip ru ls
 0:	from all lookup local 
 200:	from 192.203.80.0/24 to 193.233.7.0/24 lookup main
 210:	from 192.203.80.0/24 to 192.203.80.0/24 lookup main
 220:	from 192.203.80.0/24 lookup inr.ruhep realms inr.ruhep/radio-msu
 300:	from 193.233.7.83 to 193.233.7.0/24 lookup main
 310:	from 193.233.7.83 to 192.203.80.0/24 lookup main
 320:	from 193.233.7.83 lookup inr.ruhep map-to 192.203.80.144
 32766:	from all lookup main 
 kuznet@amber:~ $
 In the first column is the rule priority value followed by a colon. Then the selectors follow. Each key is prefixed with the same keyword that was used to create the rule.
 The keyword lookup is followed by a routing table identifier, as it is recorded in the file /etc/iproute2/rt_tables.
 If the rule does NAT (f.e. rule #320), it is shown by the keyword map-to followed by the start of the block of addresses to map.
 The sense of this example is pretty simple. The prefixes 192.203.80.0/24 and 193.233.7.0/24 form the internal network, but they are routed differently when the packets leave it. Besides that, the host 193.233.7.83 is translated into another prefix to look like 192.203.80.144 when talking to the outer world.
	#Route packets with source addresses from 192.203.80/24 according to routing table inr.ruhep:
	ip ru add from 192.203.80.0/24 table inr.ruhep prio 220

	#Translate packet source address 193.233.7.83 into 192.203.80.144 and route it according to table #1 (actually, it is inr.ruhep):
	ip ru add from 193.233.7.83 nat 192.203.80.144 table 1 prio 320

	#Delete the unused default rule:
	ip ru del prio 32767

	kuznet@amber:~ $ ip ru ls
	0: from all lookup local
	200: from 192.203.80.0/24 to 193.233.7.0/24 lookup main
	210: from 192.203.80.0/24 to 192.203.80.0/24 lookup main
	220: from 192.203.80.0/24 lookup inr.ruhep realms inr.ruhep/radio-msu
	300: from 193.233.7.83 to 193.233.7.0/24 lookup main
	310: from 193.233.7.83 to 192.203.80.0/24 lookup main
	320: from 193.233.7.83 lookup inr.ruhep map-to 192.203.80.144
	32766: from all lookup main
	kuznet@amber:~ $
	In the first column is the rule priority value followed by a colon. Then the selectors follow. Each key is prefixed with the same keyword that was used to create the rule.
	The keyword lookup is followed by a routing table identifier, as it is recorded in the file /etc/iproute2/rt_tables.
	If the rule does NAT (f.e. rule #320), it is shown by the keyword map-to followed by the start of the block of addresses to map.
	The sense of this example is pretty simple. The prefixes 192.203.80.0/24 and 193.233.7.0/24 form the internal network, but they are routed differently when the packets leave it. Besides that, the host 193.233.7.83 is translated into another prefix to look like 192.203.80.144 when talking to the outer world.