#!/bin/sh
#
# establish the table and chains that miniupnpd will update dynamically
#

. "$(dirname "$0")/miniupnpd_functions.sh"

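# First-time setup only: if the table is already present, leave it untouched.
# $NFT is deliberately left unquoted so it may expand to a command plus options.
# NOTE(review): NFT, TABLE, NAT_TABLE and the chain names are presumably set by
# miniupnpd_functions.sh (sourced above) — confirm.
if $NFT --check list table inet "$TABLE" >/dev/null 2>&1; then
	echo "init: nftable $TABLE already exists (shouldn't happen!), declining to do anything"
	exit 0
fi

# Stage the ruleset in a private, unpredictably named file (mktemp creates it
# with mode 0600). A fixed name such as /tmp/miniupnpd.nft in a world-writable
# directory can be pre-created or symlinked by another local user, so a
# privileged run could overwrite an arbitrary file or load a tampered ruleset.
# NOTE(review): the staged file is now removed on exit; verify nothing else
# reads /tmp/miniupnpd.nft after this script has run.
ruleset=$(mktemp /tmp/miniupnpd.nft.XXXXXX) || {
	echo "init: cannot create temporary ruleset file" >&2
	exit 1
}
trap 'rm -f -- "$ruleset"' EXIT
# Route signals through exit so the EXIT trap also cleans up on interruption.
trap 'exit 1' HUP INT TERM

echo "init: creating nftable $TABLE"
# Open the filter table and its forward-hook chain; the table is closed later,
# by whichever fragment runs next.
cat > "$ruleset" <<EOF
table inet $TABLE {
    chain $CHAIN {
        type filter hook forward priority filter;
    }
EOF

# When NAT rules live in a separate table, close the filter table here and
# open the NAT one; otherwise the NAT chains are appended to the same table.
if [ "$NAT_TABLE" != "$TABLE" ]; then
	echo "init: creating nftable $NAT_TABLE"
	cat >> "$ruleset" <<EOF
}

table inet $NAT_TABLE {
EOF
fi

# NAT chains, followed by the brace that closes whichever table is still open.
cat >> "$ruleset" <<EOF
    chain $PREROUTING_CHAIN {
        type nat hook prerouting priority dstnat;
    }

    chain $POSTROUTING_CHAIN {
        type nat hook postrouting priority srcnat;
    }
}
EOF

# Load the whole file in a single nft invocation; its exit status becomes the
# script's exit status (the EXIT trap does not alter it).
$NFT -f "$ruleset"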
