#!/bin/sh

echo 'vvv systemctl status arno-iptables-firewall.service vvv'
systemctl status arno-iptables-firewall.service
echo '^^^ systemctl status arno-iptables-firewall.service ^^^'

echo 'vvv journalctl vvv'
journalctl
echo '^^^ journalctl ^^^'

echo 'vvv iptables -S vvv'
iptables -S 2>/dev/null
echo '^^^ iptables -S ^^^'

echo 'vvv ip6tables -S vvv'
ip6tables -S 2>/dev/null
echo '^^^ ip6tables -S ^^^'

echo Checking config file for expected content ...
if ! diff /etc/arno-iptables-firewall/conf.d/00debconf.conf debian/tests/expected-config.d/00debconf.conf; then
	echo ... failed!
	exit 1
else
	echo ... succeeded!
fi

echo Checking for expected iptables rules ...
# LC_ALL=C to make sure to sort by native byte values
LC_ALL=C
if ! (
	{
		echo ... Regular test ...
		iptables -S 2>/dev/null | sort >/tmp/current_iptables_-S_sorted
		sort debian/tests/expected-config.d/iptables_-S >/tmp/iptables_-S_sorted
		diff /tmp/current_iptables_-S_sorted /tmp/iptables_-S_sorted
	} || {
		# Workaround to deal with Salsa CI's behaviour
		# See https://salsa.debian.org/salsa-ci-team/pipeline/issues/131
		echo ... Salsa specific test ...
		iptables -S 2>/dev/null | sort >/tmp/current_iptables_-S_sorted
		sort debian/tests/expected-config.d/salsa_iptables_-S >/tmp/iptables_-S_sorted
		diff /tmp/current_iptables_-S_sorted /tmp/iptables_-S_sorted
	}
); then
	echo ... failed!
	exit 1
else
	echo ... succeeded!
fi

echo Checking for expected ip6tables rules ...
# LC_ALL=C to make sure to sort by native byte values
LC_ALL=C
if ! (
	{
		echo ... Regular test ...
		ip6tables -S 2>/dev/null | sort >/tmp/current_ip6tables_-S_sorted
		sort debian/tests/expected-config.d/ip6tables_-S >/tmp/ip6tables_-S_sorted
		diff /tmp/current_ip6tables_-S_sorted /tmp/ip6tables_-S_sorted
	} || {
		# Workaround to deal with Salsa CI's potential behaviour
		# Currently, 2019-11-23, it does not differ from the regular test
		echo ... Salsa specific test ...
		ip6tables -S 2>/dev/null | sort >/tmp/current_ip6tables_-S_sorted
		sort debian/tests/expected-config.d/salsa_ip6tables_-S >/tmp/ip6tables_-S_sorted
		diff /tmp/current_ip6tables_-S_sorted /tmp/ip6tables_-S_sorted
	}
); then
	echo ... failed!
	exit 1
else
	echo ... succeeded!
fi
