QNUM=200
IPT_FILTER_PRE="-p tcp -m multiport --sports 80,443"
IPT_FILTER_POST="-p tcp --dport 80"

ipt()
{
 iptables -C $@ 2>/dev/null || iptables -I $@
}

ipt PREROUTING -t raw $IPT_FILTER_PRE -j NFQUEUE --queue-num $QNUM --queue-bypass
ipt POSTROUTING -t mangle $IPT_FILTER_POST -j NFQUEUE --queue-num $QNUM --queue-bypass