
ip-rule(8)

Manage IP routing policy rules that determine which routing table to use for packets.

Ubuntu, Debian, Fedora, Arch

Synopsis

ip rule [ list | add | delete | flush | save | restore ] SELECTOR ACTION

Description

The ip rule command manages the kernel's policy-based routing (PBR) rules. Rules determine which routing table will be consulted to find the route for a packet, based on criteria like source/destination address, protocol, port, or firewall mark.

Rules are evaluated in priority order (lower number = higher priority). Each rule specifies a selector (what packets to match) and an action (which routing table to use, or DROP/REJECT the packet).

Policy-based routing allows advanced traffic management, such as routing packets differently based on source IP, implementing multi-ISP failover, or applying QoS rules without modifying the main routing table.

Common options

Flag              What it does
list              Show all policy rules (default action)
add               Add a new policy rule
delete            Delete a matching policy rule
flush             Delete all policy rules
from PREFIX       Match packets with source address in PREFIX
to PREFIX         Match packets with destination address in PREFIX
iif DEVICE        Match packets arriving on interface DEVICE
oif DEVICE        Match packets leaving on interface DEVICE
priority NUMBER   Set rule priority (lower = higher priority; default auto-assigned)
table TABLE       Consult routing table TABLE for matching packets
fwmark MARK       Match packets with netfilter mark MARK
action            Use 'table TABLE', 'prohibit', 'unreachable', or 'blackhole'

Examples

Display all policy rules in priority order

ip rule list

Route packets from 192.168.1.0/24 using routing table 100

ip rule add from 192.168.1.0/24 table 100

Route packets marked with 0x64 (decimal 100) using table 200; works with iptables/nftables

ip rule add fwmark 0x64 table 200

Route packets from 10.0.0.0/8 arriving on eth0 using table 50

ip rule add from 10.0.0.0/8 iif eth0 table 50

Delete the rule routing 192.168.1.0/24 to table 100

ip rule delete from 192.168.1.0/24 table 100

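Reject all packets from 10.0.0.1 with priority 100 (ip rule has no reject keyword; prohibit answers with an ICMP "administratively prohibited" error)

ip rule add priority 100 from 10.0.0.1 prohibit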

Use the main routing table for destination 172.16.0.0/12 at priority 200, checked after rules with lower priority numbers

ip rule add to 172.16.0.0/12 table main priority 200

Delete all policy rules (excluding rule 0, which is the default main table)

ip rule flush

Related commands