#!/bin/bash

RULESET="table x {
	set y {
		type ipv4_addr
		limit rate 1/second counter
		elements = { 5.5.5.5 limit rate 1/second counter packets 0 bytes 0 }
	}
	chain y {
		type filter hook output priority filter; policy accept;
		ip daddr @y
	}
}"

$NFT -f - <<< $RULESET
# should work
if [ $? -ne 0 ]
then
	exit 1
fi

# should work
$NFT add element x y { 1.1.1.1 limit rate 1/second counter }
if [ $? -ne 0 ]
then
	exit 1
fi

# should fail
$NFT add element x y { 2.2.2.2 limit rate 1/second }
if [ $? -eq 0 ]
then
	exit 1
fi

# should fail
$NFT add element x y { 3.3.3.3 counter limit rate 1/second }
if [ $? -eq 0 ]
then
	exit 1
fi

# should work
$NFT add element x y { 4.4.4.4 }
if [ $? -ne 0 ]
then
	exit 1
fi

exit 0