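#!/bin/bash
#
# Script to add / remove IPs to iptables
#
# Arguments:
#   $1 - action: "add" or "del"
#   $2 - source address; a value containing "." goes to iptables, otherwise a
#        value containing ":" goes to ip6tables
#   $3 - only echoed in the log line
#   $4 - echoed in the log line; also used as the rule comment when
#        IPTABLES_COMMENT is set
# Environment:
#   IPTABLES_COMMENT - when non-empty, attach $4 as "-m comment --comment"
#   IPTABLES_CHAIN   - chain to modify (default: INPUT)
#   IPTABLES_INSERT  - when non-empty, rule position passed to -I; otherwise
#                      rules are appended with -A
# Exit status: that of iptables/ip6tables; non-zero for an unknown action or
#   an address that matches neither family, so a block that was not applied
#   is visible to the caller instead of being silently skipped.

: "${IPTABLES_CHAIN:=INPUT}"

# The optional comment is kept as an array so $4 reaches iptables as ONE word.
# A flat string expanded unquoted is word-split and glob-expanded: a comment
# containing a space turns into stray arguments (the rule is then rejected and
# the address is not blocked), and the escaped quotes are stored literally.
# NOTE: rules created by an earlier version of this script carry the literal
# quotes in their comment, so "-D" with the clean comment will not match them;
# remove those once by hand. "-D" only matches when $4 equals the value used
# at "add" time.
comment_args=()
if [[ -n "${IPTABLES_COMMENT}" ]]; then
  comment_args=(-m comment --comment "$4")
fi

#######################################
# Run one DROP-rule change for a source address.
# Globals:   IPTABLES_CHAIN, IPTABLES_INSERT, comment_args (read)
# Arguments: $1 - binary (iptables or ip6tables)
#            $2 - operation: add or del
#            $3 - source address
# Returns:   status of the binary; 2 for an unknown operation
#######################################
_drop_rule() {
  local bin=$1 op=$2 addr=$3
  local -a target=()

  case "$op" in
    add)
      if [[ -z "${IPTABLES_INSERT}" ]]; then
        target=(-A "$IPTABLES_CHAIN")
      else
        target=(-I "$IPTABLES_CHAIN" "$IPTABLES_INSERT")
      fi
      ;;
    del)
      target=(-D "$IPTABLES_CHAIN")
      ;;
    *)
      return 2
      ;;
  esac

  # Every expansion is quoted: the address is always the single value of -s.
  "$bin" "${comment_args[@]}" "${target[@]}" -s "$addr" -j DROP
}

# Add a DROP rule for IPv4 source $1.
iptableAdd() { _drop_rule iptables add "$1"; }

# Delete the DROP rule for IPv4 source $1.
iptableDel() { _drop_rule iptables del "$1"; }

# Add a DROP rule for IPv6 source $1.
ip6tableAdd() { _drop_rule ip6tables add "$1"; }

# Delete the DROP rule for IPv6 source $1.
ip6tableDel() { _drop_rule ip6tables del "$1"; }

#######################################
# Dispatch on action and address family.
# Arguments: the script's positional parameters ($1..$4, see file header)
# Outputs:   one log line on stdout; diagnostics on stderr
# Returns:   status of the rule change, 1 on unknown action/address
#######################################
main() {
  local action=$1 addr=$2

  if [[ "$action" != "add" && "$action" != "del" ]]; then
    echo "unknown action" >&2
    return 1
  fi

  # This is only a family dispatch, not address validation: anything with a
  # "." is handed to iptables, which does the real parsing of the -s value.
  if [[ "$addr" == *.* ]]; then
    printf '%s\n' "$action $addr for $3 with $4"
    case "$action" in
      add) iptableAdd "$addr" ;;
      del) iptableDel "$addr" ;;
    esac
  elif [[ "$addr" == *:* ]]; then
    # The delete branch used to log "add"; the log now names the real action.
    printf '%s\n' "IPV6 : $action $addr for $3 with $4"
    case "$action" in
      add) ip6tableAdd "$addr" ;;
      del) ip6tableDel "$addr" ;;
    esac
  else
    printf 'unrecognised address: %s\n' "$addr" >&2
    return 1
  fi
}

main "$@"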