Dear Friends:

During my long learning process about routing and LARTC (which, I assert, has only just begun), I've often longed for a script that would throw away all my errant attempts at building a configuration, so I could start anew, from a "tabula rasa."

Many months ago, I asked if anyone had such a script, and never got quite what I needed. So, I built my own. And, in the spirit of collaboration, from which I've so richly benefitted here, I'm sharing it for all to use...PROVIDED, should you find errors or bugs or make enhancements or improvements, please post them here (or email them to me) so this can be an ever-improving tool for other newbies like me.

I call it "greenfield," because it restores the configuration to a pristine condition, ready to be built upon. In the process of tearing down routes, it always leaves intact those routes on certain devices that are needed for local administration (in my case, eth0 and lo), so I don't lose my X-Windows access to the Linux box in the bargain.

#!/bin/bash

# During debugging, show pre-execution conditions
# (strings are quoted so the shell does not glob-expand the asterisks)
echo "***Before"
echo "...Rules..."
ip ru sh
echo "...Routes..."
ip ro sh
echo "...Rules for table WAN1..."
ip ro sh table WAN1
echo "...Rules for table WAN2..."
ip ro sh table WAN2
echo

# This script flushes all routes and rules, EXCEPT those specified to remain

# Copyright, 2003, Carol Anne Ogdin.  This script is freely available
# for use under the terms of the GNU General Public License published at
# http://www.gnu.org/copyleft/gpl.html.  Any improvements/enhancements
# gratefully accepted; send them to caogdin (at) deepwoods (dot) com.

# (Constants for the script)
# We must know the device names of interfaces (such as our local LAN, and lo)
# that should NEVER be taken down, so we can retain LAN-based control of the
# router (where our administrator is working).  For AWK, they're separated
# by an "or" operator (vertical bar)
iifs="eth0|lo"          # interfaces we never touch (awk regexp)

# Next, we need to know the non-standard tables (if any) we use.  Again, for
# AWK, these need to be separated by vertical bars.
# (In a future version, this information could be obtained by parsing
# /etc/iproute2/rt_tables)
ours="WAN1|WAN2"        # our table/lookup names used (awk regexp)
# (End of constants)

keepers="dev ($iifs)"   # devices NOT to be removed
tables="lookup ($ours)" # rules that look like this are to be removed

# Initialize, and clean up any lingering stuff from prior test executions

# Step 1: Remove all default route(s), if any
# Note a condition of this script:  Every ip ro sh and ip ru sh must
# produce lines that are complete entries.  The only exception is the
# "default" route which is separately deleted first because, if you're
# configured for "split access," (see LARTC) may display on several
# successive lines.
ip route delete default &>/dev/null     # Always get rid of default first

# How the AWK program is constructed to delete all routes except those
# on $iifs
#   $0 !~ $keepers {            Select only lines that aren't to be kept
#   print "ip route delete "    Issue the command-building command
#   $0                          and output the routing table entry as arguments
#   | "bash" }                  Finally, pipe the constructed command to bash

# Step 2: Remove main routes not excluded by $keepers
ip route show | awk -v k="$keepers" '$0 !~ k {
    print "ip route delete " $0 | "bash"
}'

# Step 3: Remove all routes from our tables
for wan in ${ours//|/ }; do
    ip route flush table "$wan" &>/dev/null
done

# Remove all our rules
# How the AWK program is constructed to get the results we want
#   $0 ~ $tables {              Select only lines that are to be removed
#   sub(/^[0-9]+:[ \t]*/,"");   For those lines, delete the rule # prefix
#   sub(/from all /,"");        and delete any "from all " string
#   print "ip rule delete "     Issue the command-building command
#   $0                          and output what remains of the rule
#   | "bash" }                  Finally, pipe the constructed command to bash
# (The rule # is stripped by pattern rather than with substr($0, 8), which
# only worked when the priority was exactly five digits long.)
ip rule show | awk -v k="$tables" '$0 ~ k {
    sub(/^[0-9]+:[ \t]*/, "")
    sub(/from all /, "")
    print "ip rule delete " $0 | "bash"
}'

ip route flush cache    # Flush the cache so nothing lingers
# End of GNU General Public Licensed script.

# While testing this script:  Show results.
echo
echo "***After"
echo "...Rules..."
ip ru sh
echo "...Routes..."
ip ro sh
echo "...Rules for table WAN1..."
ip ro sh table WAN1
echo "...Rules for table WAN2..."
ip ro sh table WAN2

--Carol Anne

Carol Anne Ogdin
http://www.net-working.com
530/295-3657
Deep Woods Technology, Inc.
http://www.deepwoods.com
CAOgdin@deepwoods.com
Leveraging technology to restore the soul of the organization
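
The script's comments note that a future version could obtain the table names by parsing /etc/iproute2/rt_tables. The following is an added example, not part of the posted script, that does that parsing and also prints the route deletions as a dry run instead of piping them to bash. The function names custom_tables and plan_route_deletes and both sample inputs are constructed for illustration, and it goes slightly beyond the original by comparing the device name exactly, so a kept "eth0" does not also protect a device named "eth00".

```bash
# Added example: sample data below is constructed, not captured from a real router.
sample_rt_tables='# reserved values
255 local
254 main
253 default
0   unspec
# local additions
201 WAN1
202 WAN2   # second uplink
'
sample_routes='192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1
10.1.0.0/24 dev eth1 proto kernel scope link src 10.1.0.2
127.0.0.0/8 dev lo scope link
default
 nexthop via 10.1.0.1 dev eth1 weight 1'

# Read rt_tables text on stdin; print user-defined table names joined by "|".
custom_tables() {
    awk '
        { sub(/#.*/, "") }
        # Keep "number name" lines with a plain name (it is later placed in a
        # regexp and in commands) that is not one of the four reserved tables.
        NF >= 2 && $1 ~ /^[0-9]+$/ &&
        $2 ~ /^[A-Za-z0-9_.-]+$/ &&
        $2 !~ /^(local|main|default|unspec)$/ {
            out = out (out ? "|" : "") $2
        }
        END { print out }
    '
}

# Dry run: read "ip route show" output on stdin and print (not execute) the
# delete command for every route whose device is not in the keep list ($1).
plan_route_deletes() {
    awk -v keep="$1" '
        $1 == "default" || /^[ \t]/ { next }   # default is deleted separately
        {
            dev = ""
            for (i = 1; i < NF; i++) if ($i == "dev") dev = $(i + 1)
            if (dev !~ ("^(" keep ")$")) print "ip route delete " $0
        }
    '
}

ours=$(printf '%s' "$sample_rt_tables" | custom_tables)
echo "ours=$ours"
printf '%s\n' "$sample_routes" | plan_route_deletes "eth0|lo"
```

On a live system the inputs would be `custom_tables < /etc/iproute2/rt_tables` and `ip route show | plan_route_deletes "$iifs"`; reviewing the printed commands before running them keeps the administrative interfaces out of harm's way.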