Fix the error messages produced by nft_init.sh in normal operation. Simplify the script.

miniupnpd/netfilter_nft/scripts/nft_init.sh

@@ -1,47 +1,23 @@
 #!/bin/sh
+#
+# establish the chains that miniupnpd will update dynamically
+#
+# 'add' doesn't raise an error if the object already exists. 'create' does.
+#
 
-nft list table nat > /dev/null
+#opts="--echo"
-nft_nat_exists=$?
-nft list table inet filter > /dev/null
-nft_filter_exists=$?
-#nft list table inet mangle > /dev/null
-#nft_mangle_exists=$?
 
-if [ $nft_nat_exists -eq "1" ]; then
+echo "create nat table"
-	echo "create nat"
+nft ${opts} add table nat
-	nft "add table nat"
-fi
-if [ $nft_filter_exists -eq "1" ]; then
-	echo "create filter"
-	nft "add table inet filter"
-fi
-#if [ $nft_mangle_exists -eq "1" ]; then
-#	echo "create mangle"
-#	nft "add table mangle"
-#fi
 
-nft list chain nat MINIUPNPD > /dev/null
+echo "create chain in nat table"
-nft_nat_miniupnpd_exists=$?
+nft ${opts} add chain nat MINIUPNPD
-nft list chain nat MINIUPNPD-POSTROUTING > /dev/null
-nft_nat_miniupnpd_pcp_peer_exists=$?
-nft list chain inet filter MINIUPNPD > /dev/null
-nft_filter_miniupnpd_exists=$?
-#nft list chain inet mangle MINIUPNPD > /dev/null
-#nft_mangle_miniupnpd_exists=$?
 
-if [ $nft_nat_miniupnpd_exists -eq "1" ]; then
+echo "create pcp peer chain in nat table"
-	echo "create chain in nat"
+nft ${opts} add chain nat MINIUPNPD-POSTROUTING
-	nft "add chain nat MINIUPNPD"
+
-fi
+echo "create filter table"
-if [ $nft_nat_miniupnpd_pcp_peer_exists -eq "1" ]; then
+nft ${opts} add table inet filter
-	echo "create pcp peer chain in nat"
+
-	nft "add chain nat MINIUPNPD-POSTROUTING"
+echo "create chain in filter table"
-fi
+nft ${opts} add chain inet filter MINIUPNPD
-if [ $nft_filter_miniupnpd_exists -eq "1" ]; then
-	echo "create chain in filter "
-	nft "add chain inet filter MINIUPNPD"
-fi
-#if [ $nft_mangle_miniupnpd_exists -eq "1" ]; then
-#	echo "create chain in mangle"
-#	nft "add chain inet mangle MINIUPNPD"
-#fi