kuznet@amber:~ $ ip ru ls 0: from all lookup local 200: from 22.214.171.124/24 to 126.96.36.199/24 lookup main 210: from 188.8.131.52/24 to 184.108.40.206/24 lookup main 220: from 220.127.116.11/24 lookup inr.ruhep realms inr.ruhep/radio-msu 300: from 18.104.22.168 to 22.214.171.124/24 lookup main 310: from 126.96.36.199 to 188.8.131.52/24 lookup main 320: from 184.108.40.206 lookup inr.ruhep map-to 220.127.116.11 32766: from all lookup main kuznet@amber:~ $
In the first column is the rule priority value followed by a colon. Then the selectors follow. Each key is prefixed with the same keyword that was used to create the rule.
lookup is followed by a routing table identifier,
as it is recorded in the file
If the rule does NAT (f.e. rule #320), it is shown by the keyword
map-to followed by the start of the block of addresses to map.
The sense of this example is pretty simple. The prefixes 18.104.22.168/24 and 22.214.171.124/24 form the internal network, but they are routed differently when the packets leave it. Besides that, the host 126.96.36.199 is translated into another prefix to look like 188.8.131.52 when talking to the outer world.