#!/bin/bash

set -e

RULESET="add table x
add table y
flush ruleset"

$NFT -f - <<< "$RULESET"
if [ $? -ne 0 ] ; then
        echo "E: unable to load good ruleset" >&2
        exit 1
fi

KERNEL_RULESET="$($NFT list ruleset)"
if [ "" != "$KERNEL_RULESET" ] ; then
	DIFF="$(which diff)"
	echo "Got a ruleset, but expected empty: "
	echo "$KERNEL_RULESET"
	exit 1
fi

RULESET="table ip x {
}
table ip y {
}"

$NFT -f - <<< "$RULESET"
if [ $? -ne 0 ] ; then
        echo "E: unable to load good ruleset" >&2
        exit 1
fi

RULESETFAIL="flush ruleset
create table ip nat
create table inet filter
create chain ip nat testchain
delete table ip testtable"

# testtable doesn't exist, batch expected to fail
$NFT -f - <<< "$RULESETFAIL" && exit 2

KERNEL_RULESET="$($NFT list ruleset)"
if [ "$RULESET" != "$KERNEL_RULESET" ] ; then
        DIFF="$(which diff)"
        [ -x $DIFF ] && $DIFF -u <(echo "$RULESET") <(echo "$KERNEL_RULESET")
        exit 1
fi