39 lines
610 B
Bash
Executable File
39 lines
610 B
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
IPTABLES=${IPTABLES:-/usr/sbin/iptables}
|
|
|
|
# ---------- filter/default table ----------
|
|
|
|
ipt() {
|
|
"$IPTABLES" "$@"
|
|
}
|
|
|
|
ensure_chain() {
|
|
local chain="$1"
|
|
ipt -N "$chain" 2>/dev/null || true
|
|
}
|
|
|
|
add_rule() {
|
|
local chain="$1"
|
|
shift
|
|
ipt -C "$chain" "$@" 2>/dev/null || ipt -A "$chain" "$@"
|
|
}
|
|
|
|
# ---------- nat table ----------
|
|
|
|
ipt_nat() {
|
|
"$IPTABLES" -t nat "$@"
|
|
}
|
|
|
|
ensure_nat_chain() {
|
|
local chain="$1"
|
|
ipt_nat -N "$chain" 2>/dev/null || true
|
|
}
|
|
|
|
add_nat_rule() {
|
|
local chain="$1"
|
|
shift
|
|
ipt_nat -C "$chain" "$@" 2>/dev/null || ipt_nat -A "$chain" "$@"
|
|
}
|