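#!/bin/bash
#
# Round-trip check for iptables-save / iptables-restore.
#
# Steps:
#   1. Build a small ruleset (chain FOO plus a few empty rules) and save it.
#   2. Restore that dump once to confirm it loads.
#   3. Add a chain BAR that is NOT in the dump, then restore the dump again.
#   4. Save the live ruleset again and diff it against the first dump.
#
# The test passes only when both dumps are identical, i.e. the second restore
# brought the ruleset back to the saved state and BAR did not survive it.
#
# Environment:
#   XT_MULTI - command prefix used to invoke the iptables tools. It is
#              expanded unquoted on purpose so that a multi-word value splits
#              into command and arguments. Presumably exported by the test
#              harness; if it is empty, the commands resolve to whatever
#              iptables binaries are first in PATH.
#
# Exit status: 0 when the dumps match, 1 on any command failure or mismatch.

tmpfile=""
tmpfile1=""

set -x
# Without pipefail, "iptables-save | grep ... || exit 1" only sees grep's
# status, so a failing iptables-save would go unnoticed and the test would
# compare truncated dumps.
set -o pipefail

# Remove whichever temporary files were created; runs on every exit path.
clean_tmpfile() {
	if [ -n "$tmpfile" ]; then
		rm -f -- "$tmpfile"
	fi
	if [ -n "$tmpfile1" ]; then
		rm -f -- "$tmpfile1"
	fi
}

trap clean_tmpfile EXIT

# mktemp gives unpredictable names, so the dumps cannot be pre-created or
# redirected by another local user.
tmpfile=$(mktemp) || exit 1
tmpfile1=$(mktemp) || exit 1

# Compare two ruleset dumps and terminate the script with the verdict.
# Arguments: $1 - dump taken after the final restore
#            $2 - reference dump taken before BAR was added
# Outputs:   unified diff on stdout, failure message on stderr
# Exits:     0 if the files are identical, 1 otherwise (never returns)
do_diff() {
	if ! diff -u -- "$1" "$2"; then
		echo "iptables configuration is not restored" 1>&2
		exit 1
	fi
	exit 0
}

# Reference ruleset: one user-defined chain and a few empty rules.
$XT_MULTI iptables -N FOO || exit 1
$XT_MULTI iptables -I INPUT || exit 1
$XT_MULTI iptables -I FOO || exit 1
$XT_MULTI iptables -I FOO || exit 1

# Comment lines are dropped from the dump so that only rules and chain
# declarations are compared (iptables-save comments carry timestamps).
$XT_MULTI iptables-save | grep -v "^#" > "$tmpfile" || exit 1
$XT_MULTI iptables-restore < "$tmpfile" || exit 1

# Drift the live ruleset away from the dump, then restore the dump again.
$XT_MULTI iptables -N BAR || exit 1
$XT_MULTI iptables -A BAR || exit 1

$XT_MULTI iptables-restore < "$tmpfile" || exit 1
$XT_MULTI iptables-save | grep -v "^#" > "$tmpfile1" || exit 1

# Both paths are quoted: a TMPDIR containing whitespace would otherwise split
# the first argument and make diff compare the wrong files.
do_diff "$tmpfile1" "$tmpfile"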