From 5f6d6315e5043ee7c43b5e1856c9d1cccf45a7b9 Mon Sep 17 00:00:00 2001
From: Alex Stockinger <alex@atomicjar.com>
Date: Thu, 28 Jul 2022 06:16:32 +0000
Subject: [PATCH] Make `Rule.Prepend()` behave like `Rule.Append()` regarding
 uniqueness

---
 pkg/iptables/iptables.go | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/pkg/iptables/iptables.go b/pkg/iptables/iptables.go
index 3ec6543..be3ecd5 100644
--- a/pkg/iptables/iptables.go
+++ b/pkg/iptables/iptables.go
@@ -129,6 +129,15 @@ func NewIPv6Rule(table, chain string, spec ...string) Rule {
 }
 
 func (r *rule) Prepend(client Client) error {
+	// TODO There's already a PR to implement InsertUnique() in go-iptables. Once that hopefully gets merged this should be replaced.
+	// https://github.com/coreos/go-iptables/pull/92
+	exists, err := client.Exists(r.table, r.chain, r.spec...)
+	if err != nil {
+		return err
+	}
+	if exists {
+		return nil
+	}
 	if err := client.Insert(r.table, r.chain, 1, r.spec...); err != nil {
 		return fmt.Errorf("failed to add iptables rule: %v", err)
 	}