Added ciptables on the model of ctables

[clvz]

Hi,

I added the ciptables script, which is generalized version of your ctables tool. It allows to set fine grained iptables rules.

[deitch]

I like this. It does 2 things:

1. Inverts the order of args (<guest> <cmd> instead of <cmd> <guest>)
2. Provides generic iptables support

Can we merge them? If we add commands up and down so that ciptables <guest> up and ciptables <guest> down are shortcuts, we can have a single script for the whole thing.

[clvz]

Merging both of them is a great idea. I could do that tomorrow.

However, I've been tinkering a bit with docker networking and I'd like to extend this tool to include the ip command too, same way as iptables is supported now.

Bringing all of this together, I see it as a common script in which we could move the functions such as finding the docker container PID and so on, and then two specialized scripts: one for iptables + up/down features, and one for calling ip against a specific container, both of them leveraging the common code.

(also, the readme file should be updated accordingly)

What do you think?

[deitch]

Sounds good. Personally, I would like to have the whole thing rewritten in golang, so it can be a single binary. Although, at some point, we just are duplicating nsenter