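#!/bin/bash
#
# Checks the output of `iptables -S` (list-rules): whole table, verbose
# (-v, with "-c packets bytes" counters), a single chain, and a non-default
# table (-t nat). It then checks exit codes for a non-existent chain and
# for an out-of-range rule number.
#
# Required environment:
#   XT_MULTI - command prefix used to invoke the iptables binary under test.
#
# The script creates a chain and appends rules to whatever ruleset the
# invoked binary talks to, and it does not clean up afterwards. Run it only
# against a disposable ruleset (for example a throw-away network namespace),
# never against a production host firewall.

set -e

# Fail fast when XT_MULTI is unset or empty. Otherwise the unquoted
# expansion below disappears, and every command would run the first
# `iptables` found in PATH and modify the live host ruleset.
: "${XT_MULTI:?XT_MULTI must point at the iptables binary under test}"

#######################################
# Compare expected list-rules output with what the binary prints.
# Globals:   XT_MULTI (read)
# Arguments: $1 - expected output, one rule per line
#            $2.. - arguments passed to `iptables`
# Returns:   diff's status; under `set -e` a mismatch aborts the script
#            and the unified diff shows expected (-) versus actual (+).
#######################################
check_listing() {
  local expected=$1
  shift
  # -Z ignores trailing whitespace at line end. XT_MULTI stays unquoted,
  # as in the rest of this script, so a multi-word prefix still splits.
  diff -u -Z <(printf '%s\n' "$expected") <($XT_MULTI iptables "$@")
}

# --- fixture: one user chain, two filter rules, one nat rule ---------------
$XT_MULTI iptables -N foo
$XT_MULTI iptables -A FORWARD -i eth23 -o eth42 -j ACCEPT
$XT_MULTI iptables -A FORWARD -i eth42 -o eth23 -g foo
$XT_MULTI iptables -t nat -A OUTPUT -o eth123 -m mark --mark 0x42 -j ACCEPT

# Whole filter table: policies first, then chain declarations, then rules.
check_listing '-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N foo
-A FORWARD -i eth23 -o eth42 -j ACCEPT
-A FORWARD -i eth42 -o eth23 -g foo' -S

# Verbose listing adds "-c <packets> <bytes>" to policies and rules; the
# counters are expected to be zero because no traffic has matched.
check_listing '-P INPUT ACCEPT -c 0 0
-P FORWARD ACCEPT -c 0 0
-P OUTPUT ACCEPT -c 0 0
-N foo
-A FORWARD -i eth23 -o eth42 -c 0 0 -j ACCEPT
-A FORWARD -i eth42 -o eth23 -c 0 0 -g foo' -v -S

# Single chain.
check_listing '-P FORWARD ACCEPT
-A FORWARD -i eth23 -o eth42 -j ACCEPT
-A FORWARD -i eth42 -o eth23 -g foo' -S FORWARD

check_listing '-P FORWARD ACCEPT -c 0 0
-A FORWARD -i eth23 -o eth42 -c 0 0 -j ACCEPT
-A FORWARD -i eth42 -o eth23 -c 0 0 -g foo' -v -S FORWARD

# Non-default table.
check_listing '-P OUTPUT ACCEPT
-A OUTPUT -o eth123 -m mark --mark 0x42 -j ACCEPT' -t nat -S OUTPUT

check_listing '-P OUTPUT ACCEPT -c 0 0
-A OUTPUT -o eth123 -m mark --mark 0x42 -c 0 0 -j ACCEPT' -v -t nat -S OUTPUT

# some of the following commands are supposed to fail
set +e

if $XT_MULTI iptables -S nonexistent; then
  echo "list-rules in non-existent chain should fail"
  exit 1
fi

if $XT_MULTI iptables -S nonexistent 23; then
  echo "list-rules in non-existent chain with given rule number should fail"
  exit 1
fi

# An out-of-range rule number in an existing chain is not an error.
if ! $XT_MULTI iptables -S FORWARD 234; then
  echo "list-rules in existent chain with invalid rule number should succeed"
  exit 1
fi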