kuznet@amber:~ $ ip ru ls 0: from all lookup local 200: from 188.8.131.52/24 to 184.108.40.206/24 lookup main 210: from 220.127.116.11/24 to 18.104.22.168/24 lookup main 220: from 22.214.171.124/24 lookup inr.ruhep realms inr.ruhep/radio-msu 300: from 126.96.36.199 to 188.8.131.52/24 lookup main 310: from 184.108.40.206 to 220.127.116.11/24 lookup main 320: from 18.104.22.168 lookup inr.ruhep map-to 22.214.171.124 32766: from all lookup main kuznet@amber:~ $
In the first column is the rule priority value followed by a colon. Then the selectors follow. Each key is prefixed with the same keyword that was used to create the rule.
lookup is followed by a routing table identifier,
as it is recorded in the file
If the rule does NAT (f.e. rule #320), it is shown by the keyword
map-to followed by the start of the block of addresses to map.
The sense of this example is pretty simple. The prefixes 126.96.36.199/24 and 188.8.131.52/24 form the internal network, but they are routed differently when the packets leave it. Besides that, the host 184.108.40.206 is translated into another prefix to look like 220.127.116.11 when talking to the outer world.