#!/bin/bash

# NFT_TEST_REQUIRES(NFT_TEST_HAVE_reset_set)

set -e

trap '[[ $? -eq 0 ]] || echo FAIL' EXIT

RULESET="table t {
	set s {
		type ipv4_addr . inet_proto . inet_service
		flags interval, timeout
		counter
		timeout 30m
		elements = {
			1.0.0.1 . udp . 53 counter packets 5 bytes 30 expires 20m,
			2.0.0.2 . tcp . 22 counter packets 10 bytes 100 timeout 15m expires 10m
		}
	}
	map m {
		type ipv4_addr : ipv4_addr
		quota 50 bytes
		elements = {
			1.2.3.4 quota 50 bytes used 10 bytes : 10.2.3.4,
			5.6.7.8 quota 100 bytes used 50 bytes : 50.6.7.8
		}
	}
}"

echo -n "applying test ruleset: "
$NFT -f - <<< "$RULESET"
echo OK

drop_seconds() {
	sed 's/[0-9]\+m\?s//g'
}
expires_minutes() {
	sed -n 's/.*expires \([0-9]*\)m.*/\1/p'
}

echo -n "get set elem matches reset set elem: "
elem='element t s { 1.0.0.1 . udp . 53 }'
[[ $($NFT "get $elem ; reset $elem" | \
	grep 'elements = ' | drop_seconds | uniq | wc -l) == 1 ]]
echo OK

echo -n "counters are reset, expiry left alone: "
NEW=$($NFT "get $elem")
grep -q 'counter packets 0 bytes 0' <<< "$NEW"
[[ $(expires_minutes <<< "$NEW") -lt 20 ]]
echo OK

echo -n "get map elem matches reset map elem: "
elem='element t m { 1.2.3.4 }'
[[ $($NFT "get $elem ; reset $elem" | \
	grep 'elements = ' | uniq | wc -l) == 1 ]]
echo OK

echo -n "quota value is reset: "
$NFT get element t m '{ 1.2.3.4 }' | grep -q 'quota 50 bytes : 10.2.3.4'
echo OK

echo -n "other elements remain the same: "
OUT=$($NFT get element t s '{ 2.0.0.2 . tcp . 22 }')
grep -q 'counter packets 10 bytes 100 timeout 15m' <<< "$OUT"
VAL=$(expires_minutes <<< "$OUT")
[[ $val -lt 10 ]]
$NFT get element t m '{ 5.6.7.8 }' | grep -q 'quota 100 bytes used 50 bytes'
echo OK

echo -n "list set matches reset set: "
EXP=$($NFT list set t s | drop_seconds)
OUT=$($NFT reset set t s | drop_seconds)
$DIFF -u <(echo "$EXP") <(echo "$OUT")
echo OK

echo -n "list map matches reset map: "
EXP=$($NFT list map t m)
OUT=$($NFT reset map t m)
$DIFF -u <(echo "$EXP") <(echo "$OUT")
echo OK

echo -n "remaining elements are reset: "
OUT=$($NFT list ruleset)
grep -q '2.0.0.2 . tcp . 22 counter packets 0 bytes 0' <<< "$OUT"
grep -q '5.6.7.8 quota 100 bytes : 50.6.7.8' <<< "$OUT"
echo OK