diff --git a/netflow/iptables.sh b/netflow/iptables.sh
index 69c117d..5b08d0f 100644
--- a/netflow/iptables.sh
+++ b/netflow/iptables.sh
@@ -11,21 +11,21 @@ __main() {
 _owner_id=52000
 _chain="output_netflow_owner_${_owner_id}"
- cat <<'EOF' | iptables-legacy-restore -v
-*mangle
-:$_chain - [0:0]
-COMMIT
-EOF
-
- cat <<'EOF' | ip6tables-legacy-restore -v
-*mangle
-:$_chain - [0:0]
-COMMIT
-EOF
-
 for cmd in iptables ip6tables; do
- $cmd -t mangle -N "$_chain" 2>/dev/null || true
+ if ! $cmd -t mangle -N "$_chain" 2>/dev/null; then
+ cat <<'EOF' | iptables-legacy-restore -v
+*mangle
+:$_chain - [0:0]
+COMMIT
+EOF
+
+ cat <<'EOF' | ip6tables-legacy-restore -v
+*mangle
+:$_chain - [0:0]
+COMMIT
+EOF
+ fi
 if ! $cmd -t mangle -C OUTPUT -m owner --gid-owner "$_owner_id" -j "$_chain" 2>/dev/null; then
 $cmd -t mangle -A OUTPUT -m owner --gid-owner "$_owner_id" -j "$_chain"
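Review bot: The new fallback under `if ! $cmd -t mangle -N "$_chain" 2>/dev/null` fires whenever `-N` fails, which includes the ordinary case of the chain already existing on a re-run, and it then pipes a `*mangle` block into both `iptables-legacy-restore` and `ip6tables-legacy-restore` regardless of which `$cmd` failed. Neither restore call passes `--noflush`, so each run replaces the legacy mangle table and drops any unrelated rules held there. The heredoc delimiter is quoted (`<<'EOF'`), so the chain line is sent as the literal text `:$_chain - [0:0]` rather than the expanded chain name. I would test for the chain first, restore only for the current address family with `--noflush`, and use an unquoted delimiter, as sketched below; whether a chain created through the legacy backend is visible to the later `$cmd -t mangle -A OUTPUT` call depends on which backend `$cmd` resolves to, which is not visible here. The `for` loop continues outside the hunk.

```shell
for cmd in iptables ip6tables; do
  # -N also fails when the chain already exists, so check for it explicitly.
  if ! $cmd -t mangle -S "$_chain" >/dev/null 2>&1; then
    if ! $cmd -t mangle -N "$_chain"; then
      # Fall back for this address family only. --noflush keeps the rest of
      # the mangle table; the unquoted delimiter lets $_chain expand.
      "${cmd}-legacy-restore" -v --noflush <<EOF
*mangle
:$_chain - [0:0]
COMMIT
EOF
    fi
  fi
  # … unchanged: OUTPUT --gid-owner jump rule check and append …
```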