On a Cisco router you can clear all IP NAT translations at once with:

    Router#clear ip nat translation *

but when you want to remove only one translation you have to type a long command, e.g.

    Router#clear ip nat translation udp inside <ip> <port> <ip> <port> outside <ip> <port> <ip> <port>

which also cannot easily be cut and pasted from the show command output. Fortunately, Cisco devices have a Tcl shell, activated by:

    Router#tclsh

Sample script to clear IP NAT translations selectively:

    proc clearnat {x} {
        # Capture the current translation table
        set result [exec {sh ip nat translation}]
        set data [split $result "\n"]
        foreach item $data {
            # Process only lines that contain the given string (substring match)
            if {[string match *$x* $item]} {
                # Split the line into whitespace-separated columns
                set wordList [regexp -all -inline {\S+} $item]
                set proto [ lindex $wordList 0 ]
                # Turn each addr:port column into "addr port"
                set insglob [ lindex $wordList 1 ]
                regsub -all ":" $insglob " " insglob
                set inslocal [ lindex $wordList 2 ]
                regsub -all ":" $inslocal " " inslocal
                set outlocal [ lindex $wordList 3 ]
                regsub -all ":" $outlocal " " outlocal
                set outglob [ lindex $wordList 4 ]
                regsub -all ":" $outglob " " outglob
                # Unknown Tcl commands are handed to the IOS CLI
                clear ip nat translation $proto inside $insglob $inslocal outside $outlocal $outglob
            }
        }
    }

Paste it into tclsh and run it with:

    Router(tcl)#clearnat <ip>

This was my first encounter with Tcl scripting, so it isn’t written optimally. Tcl scripts look pretty odd compared to my previous scripting experience ;)
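
An added example, not the original author's code: a variant of the script that compares the address exactly instead of as a substring (so 10.0.0.1 does not also clear entries for 10.0.0.10), skips the header and portless static rows, and prints the commands for review unless told to run them. The proc names `natcmds` and `clearnat2`, the tcp/udp-only restriction and the sample output are assumptions made for this example; `clearnat2` relies on the IOS tclsh `exec` used above, while `natcmds` is plain text processing that avoids Tcl 8.5+ features.

```tcl
# Build clear commands for rows where one address column equals $ip exactly.
proc natcmds {text ip} {
    set cmds {}
    foreach line [split $text "\n"] {
        set w [regexp -all -inline {\S+} $line]
        # Data rows have 5 columns: Pro, inside global, inside local,
        # outside local, outside global. The header splits into more words.
        if {[llength $w] != 5} { continue }
        set proto [lindex $w 0]
        # Assumption of this example: only tcp/udp rows are handled.
        # This also skips static rows whose protocol column is "---".
        if {[lsearch -exact {tcp udp} $proto] < 0} { continue }
        set hit 0
        set parts {}
        foreach col [lrange $w 1 4] {
            set pair [split $col ":"]
            # Every column must be addr:port, otherwise drop the row
            if {[llength $pair] != 2} { set hit 0; break }
            # Exact comparison on the address part, not a substring match
            if {[string equal [lindex $pair 0] $ip]} { set hit 1 }
            lappend parts [join $pair " "]
        }
        if {!$hit} { continue }
        lappend cmds "clear ip nat translation $proto inside [lindex $parts 0] [lindex $parts 1] outside [lindex $parts 2] [lindex $parts 3]"
    }
    return $cmds
}

# Router only (IOS tclsh): print the commands, or run them when doit is 1.
# Returns the number of matching translations.
proc clearnat2 {ip {doit 0}} {
    set cmds [natcmds [exec {sh ip nat translation}] $ip]
    foreach c $cmds {
        if {$doit} { exec $c } else { puts $c }
    }
    return [llength $cmds]
}

# Constructed sample output (documentation addresses) for an offline check:
set sample "Pro Inside global      Inside local       Outside local      Outside global
udp 203.0.113.1:5060   10.0.0.1:5060      198.51.100.7:5060  198.51.100.7:5060
tcp 203.0.113.1:40001  10.0.0.10:40001    198.51.100.9:443   198.51.100.9:443
--- 203.0.113.5        10.0.0.1           ---                ---"
foreach c [natcmds $sample 10.0.0.1] { puts $c }
```

On the router, `clearnat2 <ip>` lists the matching commands and `clearnat2 <ip> 1` executes them.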