clear ip nat selectively

Sun 12 May 2013 by admin

On a Cisco router you can clear all IP NAT translations at once with:

Router#clear ip nat translation *

but when you want to remove only one translation you have to write a long command, for example:

Router#clear ip nat translation udp inside <ip> <port> <ip> <port> outside <ip> <port> <ip> <port>

which also cannot easily be cut and pasted from the show command output. Fortunately, Cisco devices have a Tcl shell, activated by:

Router#tclsh

Sample script to clear ip nat selectively:

proc clearnat {x} {
    # Capture the current NAT table and walk it line by line
    set result [exec {sh ip nat translation}]
    set data [split $result "\n"]

    foreach item $data {
        # Act only on entries that contain the given address
        if {[string match *$x* $item]} {
            # Columns: protocol, inside global, inside local, outside local, outside global
            set wordList [regexp -all -inline {\S+} $item]
            set proto [lindex $wordList 0]
            # Turn each ip:port pair into "ip port", as the clear command expects
            set insglob [lindex $wordList 1]
            regsub -all ":" $insglob " " insglob
            set inslocal [lindex $wordList 2]
            regsub -all ":" $inslocal " " inslocal
            set outlocal [lindex $wordList 3]
            regsub -all ":" $outlocal " " outlocal
            set outglob [lindex $wordList 4]
            regsub -all ":" $outglob " " outglob
            clear ip nat translation $proto inside $insglob $inslocal outside $outlocal $outglob
        }
    }
}



Paste it into tclsh and run it with:

Router(tcl)#clearnat <ip>

For me it was my first encounter with Tcl scripting, so it isn't written optimally. Tcl scripts look pretty odd compared to my previous scripting experience ;)
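
The script above selects rows with `string match *$x*`, which is a substring test, so `clearnat 10.0.0.1` also clears entries for 10.0.0.10 or 10.0.0.100. The following added example (not part of the original post) compares whole addresses, skips the header and rows without ports, and returns the commands for review instead of running them. The proc names `natsplit` and `natclearcmds`, the restriction to tcp/udp rows and the sample table are assumptions made for the illustration.

```tcl
# Split "addr:port" into {addr port}; returns {} for "---" or a bare address.
proc natsplit {field} {
    if {[regexp {^([0-9.]+):([0-9]+)$} $field -> addr port]} {
        return [list $addr $port]
    }
    return {}
}

# table: text of the NAT translation table; ip: address to match exactly.
# Returns the clear commands as a list; nothing is executed here.
proc natclearcmds {table ip} {
    set cmds {}
    foreach line [split $table "\n"] {
        set w [regexp -all -inline {\S+} $line]
        # Expect protocol plus four addr:port columns (skips header, blanks).
        if {[llength $w] != 5} { continue }
        set proto [lindex $w 0]
        # Assumption: only tcp and udp entries are handled.
        if {[lsearch -exact {tcp udp} $proto] < 0} { continue }
        set parts {}
        set hit 0
        foreach field [lrange $w 1 4] {
            set ap [natsplit $field]
            if {[llength $ap] != 2} { set parts {}; break }
            # Compare whole addresses, so 10.0.0.1 does not match 10.0.0.10.
            if {[string equal [lindex $ap 0] $ip]} { set hit 1 }
            lappend parts [join $ap " "]
        }
        if {$hit && [llength $parts] == 4} {
            foreach {ig il ol og} $parts break
            lappend cmds "clear ip nat translation $proto inside $ig $il outside $ol $og"
        }
    }
    return $cmds
}

# Constructed sample of the table (documentation addresses, not real output).
set sample "Pro Inside global      Inside local       Outside local      Outside global
udp 203.0.113.5:1024   10.0.0.1:5060      198.51.100.7:5060  198.51.100.7:5060
tcp 203.0.113.5:1025   10.0.0.10:49152    198.51.100.9:443   198.51.100.9:443
--- 203.0.113.6        10.0.0.2           ---                ---"

# Review the generated commands before running any of them.
foreach c [natclearcmds $sample 10.0.0.1] { puts $c }

# On the router (assumption: exec takes the whole command as one string):
# foreach c [natclearcmds [exec {sh ip nat translation}] 10.0.0.1] { exec $c }
```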