From 3c8d0c6d60ad1aa19641e560d9475d14b5a1b93f Mon Sep 17 00:00:00 2001
From: bjdgyc <bjdgyc@163.com>
Date: Mon, 26 Feb 2024 11:40:33 +0800
Subject: [PATCH] =?UTF-8?q?iptables=20=E6=B7=BB=E5=8A=A0=E6=B3=A8=E9=87=8A?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 server/handler/link_tun.go | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/server/handler/link_tun.go b/server/handler/link_tun.go
index 67e31c6..78c272c 100644
--- a/server/handler/link_tun.go
+++ b/server/handler/link_tun.go
@@ -45,15 +45,21 @@ func checkTun() {
 		base.CheckModOrLoad("iptable_filter")
 		base.CheckModOrLoad("iptable_nat")
 
+		// 添加注释
 		natRule := []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-m", "comment",
 			"--comment", "anylink tun nat", "-j", "MASQUERADE"}
-		if natExists, _ := ipt.Exists("nat", "POSTROUTING", natRule...); !natExists {
-			ipt.Insert("nat", "POSTROUTING", 1, natRule...)
+		err = ipt.InsertUnique("nat", "POSTROUTING", 1, natRule...)
+		if err != nil {
+			base.Error(err)
 		}
+
+		// 添加注释
 		forwardRule := []string{"-m", "comment", "--comment", "anylink forward filter", "-j", "ACCEPT"}
-		if forwardExists, _ := ipt.Exists("filter", "FORWARD", forwardRule...); !forwardExists {
-			ipt.Insert("filter", "FORWARD", 1, forwardRule...)
+		err = ipt.InsertUnique("filter", "FORWARD", 1, forwardRule...)
+		if err != nil {
+			base.Error(err)
 		}
+
 		base.Info(ipt.List("nat", "POSTROUTING"))
 		base.Info(ipt.List("filter", "FORWARD"))
 	}