how to remove rules
Nick Taylor
nickt at lightlink.com
Tue Nov 23 18:11:57 CET 2004
On Tue, 23 Nov 2004, Askar wrote:
> Date: Tue, 23 Nov 2004 14:29:35 +0500
> From: Askar <askarali at gmail.com>
> To: netfilter <netfilter at lists.netfilter.org>
> Subject: how to remove rules
>
> hi
> I have been trying to remove the extra rules from my routing tables,
> however with no luck.
> Also, I want to know: do these duplicate entries have an effect on packets
> being routed?
> I have this overwhelming rule list from my predecessor, who added the
> "ip rule add fwmark" entries in the firewall script, and on each run of
> the firewall script it creates an extra entry in the routing table.
> Now I want to get rid of the extra "from all fwmark 0x2 lookup
> squid.out" entries, leaving only the one that I need.
>
>
> here is the output of "ip rule ls"
>
> 0: from all lookup local
> 32742: from all fwmark 0x2 lookup squid.out
> ...........
> 32764: from all fwmark 0x2 lookup squid.out
> 32765: from all fwmark 0x2 lookup squid.out
> 32766: from all lookup main
> 32767: from all lookup 253
>
>
Well, I had this same problem, and I didn't find an official solution, so
the following shell script does what I need. It's exactly the opposite of
elegant, but at least it's not nonfunctional.
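#!/bin/sh
# Count the policy routing rules that match on a firewall mark.
FWMARKS=`ip rule list | grep fwmark | wc -l`
if [ "$FWMARKS" != "0" ]; then
    echo "$FWMARKS fwmarks exist, flushing..."
    # cut takes the 6th space-separated field of each line as the mark
    # value; which field that is depends on the exact `ip rule list` layout.
    # xargs then runs one `ip rule del fwmark <value>` per matching line.
    ip rule list | grep fwmark | cut -d " " -f 6 | \
        xargs --max-args=1 ip rule del fwmark
else
    echo "$FWMARKS fwmarks exist, la dee da..."
fi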
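
Added example, not part of the original message or of any netfilter/iproute2 code: the question asks to keep one copy of the duplicated rule, so this function reads `ip rule list` output and prints an `ip rule del priority N` command for every fwmark rule that repeats an earlier one, keeping the first. The function names and the sample listing are constructed for illustration.

```sh
#!/bin/sh
# Added example: find duplicate fwmark policy rules and print the commands
# that would delete all but the first copy. Nothing is deleted here.

# Reads `ip rule list` text on stdin. Two rules count as duplicates when
# everything after the priority (selector and action) is identical once
# whitespace is normalised.
dup_fwmark_deletes() {
    awk '
    {
        prio = $1
        sub(/:$/, "", prio)          # "32764:" -> "32764"
        $1 = ""                      # awk rebuilds $0 with single spaces
        body = substr($0, 2)         # drop the separator left by the empty $1
        if (body !~ /(^| )fwmark /) next
        if (body in seen)
            print "ip rule del priority " prio
        else
            seen[body] = prio        # first copy is kept
    }'
}

# Constructed sample, modelled on the listing in the question.
sample_rules() {
    cat <<'EOF'
0: from all lookup local
32763: from all fwmark 0x2 lookup squid.out
32764: from all fwmark 0x2 lookup squid.out
32765: from all fwmark 0x2 lookup squid.out
32766: from all lookup main
32767: from all lookup 253
EOF
}

# Dry run on the sample. On a live router, review the output of
#   ip rule list | dup_fwmark_deletes
# before piping it to sh as root.
sample_rules | dup_fwmark_deletes
```

Deleting by priority removes exactly the listed rule, so the one remaining copy and all non-fwmark rules are left untouched.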