kuznet@amber:~ $ ip ru ls 0: from all lookup local 200: from 220.127.116.11/24 to 18.104.22.168/24 lookup main 210: from 22.214.171.124/24 to 126.96.36.199/24 lookup main 220: from 188.8.131.52/24 lookup inr.ruhep realms inr.ruhep/radio-msu 300: from 184.108.40.206 to 220.127.116.11/24 lookup main 310: from 18.104.22.168 to 22.214.171.124/24 lookup main 320: from 126.96.36.199 lookup inr.ruhep map-to 188.8.131.52 32766: from all lookup main kuznet@amber:~ $
In the first column is the rule priority value followed by a colon. Then the selectors follow. Each key is prefixed with the same keyword that was used to create the rule.
lookup is followed by a routing table identifier,
as it is recorded in the file
If the rule does NAT (f.e. rule #320), it is shown by the keyword
map-to followed by the start of the block of addresses to map.
The sense of this example is pretty simple. The prefixes 184.108.40.206/24 and 220.127.116.11/24 form the internal network, but they are routed differently when the packets leave it. Besides that, the host 18.104.22.168 is translated into another prefix to look like 22.214.171.124 when talking to the outer world.