I have a one liner in another script (embedded in Perl), but the shell
one liner is this:

    while ip rule del priority 1000 >/dev/null 2>/dev/null ; do : ; done

Apparently "ip" is wise enough to exit non 0 if there are no more rules
for this priority.

HTH.
Scott.

PS, resent due to html is so evil bounce back @ this list. (I agree, but
"meh, fine").

On Mon, Jul 1, 2013 at 5:51 AM, Raina Daijour <raina.daijour@xxxxxxxxx> wrote:
>
> I'm building a privacy network where users connect to an 'entry' server
> using openvpn which then routes their traffic through one of a dozen
> 'exit' servers. The exit server is specified by the client and passed to
> a script running on the 'entry' server when the client connects which
> then creates a new rule in the RPDB from the VPN assigned IP to the
> custom routing table that has its default gateway pointing to the remote
> server. When the user disconnects, this rule needs to be deleted or
> another user that receives the same IP may end up with their traffic
> being incorrectly routed.
>
> The problem I have is that sometimes the script doesn't run when a user
> disconnects and we are left with a rule for an IP that doesn't exist
> that needs to be deleted. Sometimes we end up with duplicate rules with
> the exact same SELECTOR (the user's IP) and TABLE_ID. The obvious
> solution is to delete any rules matching the source IP when a user
> connects but the 'ip rule delete' command doesn't delete all matching
> rules, it only deletes the last inserted (highest priority) rule. Is
> there any way to delete all rules matching a selector? Any advice/hint
> would be greatly appreciated.
> --
> To unsubscribe from this list: send the line "unsubscribe lartc" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
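
Added example, not part of the original thread: the same delete-until-failure loop from the reply, keyed on the client's source address (the selector in the question) instead of a fixed priority. flush_rules_from is a hypothetical helper name; it assumes IPv4 addresses and rules created with "from <IP>", checks the address before it reaches ip, and caps the loop.

```shell
#!/bin/sh
# Added example, not code from the thread. flush_rules_from is a hypothetical name.
# Usage: flush_rules_from <ipv4-address> [max-deletions]
# Prints the number of rules deleted.
# Exit status: 0 = no matching rule left, 1 = cap reached, 2 = address rejected.
flush_rules_from() {
    src=$1
    max=${2:-64}    # cap, so a delete that never fails cannot loop forever

    # The address comes from the VPN connect/disconnect hook. Accept only a
    # plain dotted quad so the delete stays scoped to exactly one client.
    case $src in
        ''|*[!0-9.]*|.*|*.|*..*)
            echo "refusing selector '$src'" >&2
            return 2 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $src     # split into octets; only digits and dots can remain here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || { echo "refusing selector '$src'" >&2; return 2; }
    for octet in "$@"; do
        case $octet in ????*) return 2 ;; esac   # more than three digits
        [ "$octet" -le 255 ] || return 2
    done

    # Each call removes one matching rule; ip exits non-zero once none is
    # left, which ends the loop (the behaviour described in the reply).
    deleted=0
    while [ "$deleted" -lt "$max" ] &&
          ip rule del from "$src" >/dev/null 2>&1; do
        deleted=$((deleted + 1))
    done
    echo "$deleted"

    # Hitting the cap means matching rules may remain: report failure so the
    # caller does not hand this address to a new client.
    [ "$deleted" -lt "$max" ]
}
```

Calling this from the connect hook before adding the new rule clears stale and duplicate rules left behind by a missed disconnect.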