#!/bin/bash

set -e

tmpfile=$(mktemp)
if [ ! -w $tmpfile ] ; then
        echo "Failed to create tmp file" >&2
        exit 0
fi

trap "rm -rf $tmpfile" EXIT # cleanup if aborted

RULESET="add table x
add chain x y
add rule x y ip saddr 1.1.1.1 counter
flush ruleset
add table x
add chain x y
add rule x y ip saddr 2.2.2.2 counter"

echo "$RULESET" > $tmpfile
$NFT -f $tmpfile
if [ $? -ne 0 ] ; then
        echo "E: unable to load good ruleset" >&2
        exit 1
fi

EXPECTED="table ip x {
	chain y {
		ip saddr 2.2.2.2 counter packets 0 bytes 0
	}
}"

GET="$($NFT list ruleset)"

if [ "$EXPECTED" != "$GET" ] ; then
	DIFF="$(which diff)"
	[ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET")
	exit 1
fi