Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- policy-routing - Operator for configuring policy-based routing declaratively
- Usage: policy-routing [-v] [-n] apply config_file
- policy-routing [-v] [-n] rule ...
- policy-routing [-v] [-n] route ...
- Options:
- -v Increase verbosity by decreasing minimum log level a message needs to be
- logged. Can also enable sh -x and sh -v
- -q Decrease verbosity by increasing minimum log level a message needs to be
- logged
- -n Turn on no-execute mode, only print what would be done
- Verbosity: there are 6 log levels (trace, debug, info, warning, error,
- fatal). Every -v decreases the minimum log level a message needs to have to
- be logged, while -q increases the minimum log level. Log level starts at
- "info", so -v changes that to "debug". The next two -v enable -x and -v,
- respectively. Funny behavior: -vvvvqqqqqq means "no log messages at all, but
- sh -x and sh -v"
- Sub-commands:
- apply $config_file Make the rules and routes as specified in the
- given config file, removing all other rules
- and routes the kernel currently has configured
- clear $config_file Remove the rules and routes as specified in the
- given config file, resulting in state as if you
- never ran `policy-routing apply $config_file`
- rule <-4|-6> $id ... Make sure the given rule is as specified, deleting
- the not-as-specified one if needed. The ID is stored
- as priority, meaning the priority is used as ID; having
- multiple matching rules is not supported with this tool
- and will have unexpected behavior.
- Subcommands:
- apply Make sure the specified rule exists
- clear Remove the specified rule, if it exists
- Arguments (* = required):
- * table $table Routing table to use for packets matching this rule
- from $prefix Source address of the packet in this prefix
- Examples:
- policy-routing rule 30001 from 2001:db8:1::/48 table 3000
- policy-routing rule 30011 from 2001:db8:2::/48 table 3001
- route <-4|-6> ... Make sure the given route is as specified, deleting
- the not-as-specified one if needed
- Subcommands:
- apply Make sure the specified route exists
- clear Remove the specified route, if it exists
- Arguments (* = required):
- * table $table Routing table where to add this route
- * dest $dest Destination network for this route
- via $gateway Next-hop for packets to $dest - allowed multiple
- times
- dev $device Interface to put this packets
- At least one of dev and via is required. If you have multiple next-hops
- for a single route, you have to specify multiple via's - would you call
- `route apply` multiple times, only the last one would be in the table in
- the end.
- Examples:
- policy-routing route table table 3000 dest default via fe80::1 dev wg0
- policy-routing route table table 3001 dest default via fe80::1%ppp0
- Warning! This operator is designed to be the only source for policy-based
- routing state in the kernel, any rules and routes (except the main table)
- configured otherwise may get lost on running this. You can inspect the
- current state with `ip rule show` and `ip route show table all` (might
- be a lot of output).
- Only a minimal subset is implemented for now, as mandated by the YAGNI
- principle.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement