From 1d80af79bc062020f61580574664c4d68253bdba Mon Sep 17 00:00:00 2001
From: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
Date: Wed, 17 Jan 2024 03:45:39 -0800
Subject: [PATCH] Revert docker-init.sh

---
 rust/Dockerfile     |  2 +-
 rust/docker-init.sh | 14 ++++++--------
 2 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/rust/Dockerfile b/rust/Dockerfile
index 7c081de9d..981931ebd 100644
--- a/rust/Dockerfile
+++ b/rust/Dockerfile
@@ -87,7 +87,7 @@ COPY . .
 
 ARG TARGET
 ARG PACKAGE
-RUN cargo build -p ${PACKAGE} $([ -n "${TARGET}" ] && "--target ${TARGET}")
+RUN cargo build -p ${PACKAGE} $([ -v "${TARGET}" ] && "--target ${TARGET}")
 
 # Image which is used to run the application binary
 FROM alpine:${ALPINE_VERSION} AS runtime
diff --git a/rust/docker-init.sh b/rust/docker-init.sh
index b70d8bd5f..84cd97813 100755
--- a/rust/docker-init.sh
+++ b/rust/docker-init.sh
@@ -3,14 +3,12 @@
 if [ "${FIREZONE_ENABLE_MASQUERADE}" = "1" ]; then
   IFACE="tun-firezone"
   # Enable masquerading for ethernet and wireless interfaces
-  iptables -C FORWARD -i $IFACE -j ACCEPT > /dev/null 2>&1 || iptables -A FORWARD -i $IFACE -j ACCEPT
-  iptables -C FORWARD -o $IFACE -j ACCEPT > /dev/null 2>&1 || iptables -A FORWARD -o $IFACE -j ACCEPT
-  iptables -t nat -C POSTROUTING -o e+ -j MASQUERADE > /dev/null 2>&1 || iptables -t nat -A POSTROUTING -o e+ -j MASQUERADE
-  iptables -t nat -C POSTROUTING -o w+ -j MASQUERADE > /dev/null 2>&1 || iptables -t nat -A POSTROUTING -o w+ -j MASQUERADE
-  ip6tables -C FORWARD -i $IFACE -j ACCEPT > /dev/null 2>&1 || ip6tables -A FORWARD -i $IFACE -j ACCEPT
-  ip6tables -C FORWARD -o $IFACE -j ACCEPT > /dev/null 2>&1 || ip6tables -A FORWARD -o $IFACE -j ACCEPT
-  ip6tables -t nat -C POSTROUTING -o e+ -j MASQUERADE > /dev/null 2>&1 || ip6tables -t nat -A POSTROUTING -o e+ -j MASQUERADE
-  ip6tables -t nat -C POSTROUTING -o w+ -j MASQUERADE > /dev/null 2>&1 || ip6tables -t nat -A POSTROUTING -o w+ -j MASQUERADE
+  iptables-nft -A FORWARD -i $IFACE -j ACCEPT
+  iptables-nft -A FORWARD -o $IFACE -j ACCEPT
+  iptables-nft -t nat -A POSTROUTING -o eth+ -j MASQUERADE
+  ip6tables-nft -A FORWARD -i $IFACE -j ACCEPT
+  ip6tables-nft -A FORWARD -o $IFACE -j ACCEPT
+  ip6tables-nft -t nat -A POSTROUTING -o eth+ -j MASQUERADE
 fi
 
 if [ "${LISTEN_ADDRESS_DISCOVERY_METHOD}" = "gce_metadata" ]; then