My iptables script is getting bloated, redundant, and there's code duplication everywhere, how can I clean it up?

Use shell script functions?
Develop it in a different language, like python?

iptables -F this is most important (flush all rules)
iptables -X (delete all chains)
iptables -Z (clear all the counted packages in all chains)

Well, you could get rid of the code duplication, that would be a start.

Does this mean that you are generating your iptables rule set from something like a bash script? If so, much as I like python, i don't think that doing the same thing in python (or other higher level scripting language) is going to make much difference.

My feeling is that you probably need to sit down with a clean sheet of paper and work out a new, more elegant, design than something that has grown over time, and may have become a bit byzantine in structure. But then, I haven't seen what you have at the moment, so its a complete guess as to what you have.

If you decide to post your script, please do it in a pastebin, not in the thread. This will reduce clutter in the thread, as well as allow opening the script in a separate tab or window or even workspace, so the readers can easily switch between it & the posts about it w/o losing their places in either one (the thread or the script).

Sort it into sections, use subroutines, remove extraneous code, change from individual ip addresses to ranges when appropriate, etc.

There are a lot of ways to do this, but most of them involve just sitting down and doing manual clean up of the script.

It might help to print out the different tables separately. E.G. iptables -L INPUT. This may help show where the bloat is and where it isn't.