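#!/bin/bash
#
# Adds (or, with UNDO=1, removes) nat-table DNAT rules that rewrite TCP
# traffic addressed to $sip:$sport so that it is delivered to $dip:$dport.
#
# Required env vars:
#   sip    - original destination address to match (-d)
#   sport  - original destination port to match (--dport)
#   dip    - address to rewrite the destination to
#   dport  - port to rewrite the destination to
# Optional env vars:
#   UNDO   - when set to "1", delete the rules instead of adding them and
#            drop the matching conntrack entries
#
# NOTE(review): iptables and conntrack normally need root / CAP_NET_ADMIN.
# The four values above go straight into the firewall rule, so they should
# come from a trusted caller only.

if [[ -z "$sip" || -z "$dip" || -z "$sport" || -z "$dport" ]]; then
  printf '%s\n' 'missing required env var' >&2
  exit 1
fi

# Succeeds when the given rule specification is already present in the nat
# table. stderr is discarded because "iptables -C" reports a missing rule as
# an error message.
rule_exists() {
  iptables -t nat -C "$@" 2>/dev/null
}

# Idempotently adds the rule given as arguments (chain followed by the rule
# specification), or deletes it when UNDO=1. The existence check keeps
# repeated runs from stacking duplicate rules or failing on a missing one.
apply_rule() {
  if [[ "$UNDO" == "1" ]]; then
    if rule_exists "$@"; then
      iptables -t nat -D "$@"
    fi
  elif ! rule_exists "$@"; then
    iptables -t nat -A "$@"
  fi
}

# Build the rule once as an array with every expansion quoted: each env value
# reaches iptables as exactly one argument, so whitespace or glob characters
# in a value cannot split into additional options or expand to file names.
dnat_spec=(
  -p tcp -d "$sip" --dport "$sport"
  -j DNAT --to-destination "${dip}:${dport}"
)

# The same DNAT rule is installed in both the PREROUTING and OUTPUT chains.
apply_rule PREROUTING "${dnat_spec[@]}"
apply_rule OUTPUT "${dnat_spec[@]}"

# Removing the rules does not touch connections that are already tracked, so
# on undo the conntrack entries for the original destination are deleted too.
if [[ "$UNDO" == "1" ]]; then
  conntrack -D -p tcp -d "$sip" --dport "$sport"
fi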