Target already registered when applying rule for both IPv4 and IPv6 for TPROXY

[nathanqthai]

Similiar to #135, the error python-iptables: target "TPROXY" already registered appears when trying to create and insert a rule for both IPv4 and IPv6. The program exists immediately upon error after calling the wrapped function.

The following causes this error to occur:

chain = iptc.Chain(iptc.Table(iptc.Table.MANGLE), "PREROUTING")
rule = iptc.Rule()
rule.protocol = "tcp"
rule.dst = "<SOME IPV4 ADDRESS>"
match = iptc.Match(rule, "multiport")
match.dports =  "1:65534"
rule.add_match(match)
target = rule.create_target("TPROXY")
target.tproxy_mark = "0x1/0x1"
target.on_port = "1234"
target.on_ip= "127.0.0.1"
chain.insert_rule(rule)

chain6 = iptc.Chain(iptc.Table6(iptc.Table6.MANGLE), "PREROUTING")
rule6 = iptc.Rule6()
rule6.protocol = "tcp"
rule6.dst = "<SOME IPV6 ADDRESS>"
match6 = iptc.Match(rule6, "multiport")
match6.dports =  "1:65534"
rule6.add_match(match6)
target6 = rule6.create_target("TPROXY")
target6.tproxy_mark = "0x1/0x1"
target6.on_port = "1234"
target6.on_ip= "0:0:0:0:0:0:0:1"
chain6.insert_rule(rule6)

[nathanqthai]

After some testing, I found that this works fine if I add the IPv6 rule first.

[ldx]

Yeah, it's usually better to only use one address family per process in python-iptables.

[nathanqthai]

that's an acceptable solution for me, thanks