policy-routing -h

1. policy-routing - Operator for configuring policy-based routing declaratively
2.  
3. Usage: policy-routing [-v] [-n] apply config_file
4. policy-routing [-v] [-n] rule ...
5. policy-routing [-v] [-n] route ...
6.  
7. Options:
8. -v Increase verbosity by decreasing minimum log level a message needs to be
9. logged. Can also enable sh -x and sh -v
10.  
11. -q Decrease verbosity by increasing minimum log level a message needs to be
12. logged
13.  
14. -n Turn on no-execute mode, only print what would be done
15.  
16. Verbosity: there are 6 log levels (trace, debug, info, warning, error,
17. fatal). Every -v decreases the minimum log level a message needs to have to
18. be logged, while -q increases the minimum log level. Log level starts at
19. "info", so -v changes that to "debug". The next two -v enable -x and -v,
20. respectively. Funny behavior: -vvvvqqqqqq means "no log messages at all, but
21. sh -x and sh -v"
22.  
23. Sub-commands:
24. apply $config_file Make the rules and routes as specified in the
25. given config file, removing all other rules
26. and routes the kernel currently has configured
27.  
28. clear $config_file Remove the rules and routes as specified in the
29. given config file, resulting in state as if you
30. never ran `policy-routing apply $config_file`
31.  
32. rule <-4|-6> $id ... Make sure the given rule is as specified, deleting
33. the not-as-specified one if needed. The ID is stored
34. as priority, meaning the priority is used as ID; having
35. multiple matching rules is not supported with this tool
36. and will have unexpected behavior.
37. Subcommands:
38. apply Make sure the specified rule exists
39. clear Remove the specified rule, if it exists
40.  
41. Arguments (* = required):
42.  
43. * table $table Routing table to use for packets matching this rule
44. from $prefix Source address of the packet in this prefix
45.  
46. Examples:
47. policy-routing rule 30001 from 2001:db8:1::/48 table 3000
48. policy-routing rule 30011 from 2001:db8:2::/48 table 3001
49.  
50. route <-4|-6> ... Make sure the given route is as specified, deleting
51. the not-as-specified one if needed
52. Subcommands:
53. apply Make sure the specified route exists
54. clear Remove the specified route, if it exists
55.  
56. Arguments (* = required):
57. * table $table Routing table where to add this route
58. * dest $dest Destination network for this route
59. via $gateway Next-hop for packets to $dest - allowed multiple
60. times
61. dev $device Interface to put this packets
62.  
63. At least one of dev and via is required. If you have multiple next-hops
64. for a single route, you have to specify multiple via's - would you call
65. `route apply` multiple times, only the last one would be in the table in
66. the end.
67.  
68. Examples:
69. policy-routing route table table 3000 dest default via fe80::1 dev wg0
70. policy-routing route table table 3001 dest default via fe80::1%ppp0
71.  
72. Warning! This operator is designed to be the only source for policy-based
73. routing state in the kernel, any rules and routes (except the main table)
74. configured otherwise may get lost on running this. You can inspect the
75. current state with `ip rule show` and `ip route show table all` (might
76. be a lot of output).
77.  
78. Only a minimal subset is implemented for now, as mandated by the YAGNI
79. principle.