# DO NOT EDIT - This file is being maintained by Chef
+<% if node[:lsb][:release].to_f >= 16.04 -%>
?SECTION NEW
+<% else -%>
+SECTION NEW
+<% end -%>
-# ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE
+# ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER MARK CONNLIMIT
# PORTS PORTS DEST LIMIT
-<% @rules.each do |r| -%>
-<%= r[:action] %> <%= r[:source] %> <%= r[:dest] %> <%= r[:proto] %> <%= r[:dest_ports] %> <%= r[:source_ports] %> - <%= r[:rate_limit] %>
+<% node[:networking][:firewall][@family].each do |r| # ~FC034 -%>
+<%= r[:action] %> <%= r[:source] %> <%= r[:dest] %> <%= r[:proto] %> <%= r[:dest_ports] %> <%= r[:source_ports] %> - <%= r[:rate_limit] %> - - <%= r[:connection_limit] %>
<% end -%>