#!/bin/bash
set -e
$NFT add table test-ip
$NFT add counter test-ip https-traffic
$NFT add quota test-ip https-quota 25 mbytes
$NFT add map test-ip ports { type inet_service : quota \; }
$NFT add table ip6 test-ip6
$NFT add quota ip6 test-ip6 http-quota over 25 mbytes
$NFT add counter ip6 test-ip6 http-traffic
$NFT add quota ip6 test-ip6 ssh-quota 10 mbytes
counter_handle=$($NFT list ruleset -a | awk '/https-traffic/{print $NF}')
quota_handle=$($NFT list ruleset -a | awk '/ssh-quota/{print $NF}')
$NFT delete counter test-ip handle $counter_handle
$NFT delete quota ip6 test-ip6 handle $quota_handle
EXPECTED="table ip test-ip {
quota https-quota {
25 mbytes
}
map ports {
type inet_service : quota
}
}
table ip6 test-ip6 {
quota http-quota {
over 25 mbytes
}
counter http-traffic {
packets 0 bytes 0
}
}"
GET="$($NFT list ruleset)"
if [ "$EXPECTED" != "$GET" ] ; then
DIFF="$(which diff)"
[ -x $DIFF ] && $DIFF -u <(echo "$EXPECTED") <(echo "$GET")
exit 1
fi