X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/331a509335cfdd223f4b39a0c02387b772aa7c87..a831a0ea78e0711a697f2fc18c25aef3e5a63c79:/cookbooks/networking/resources/firewall_rule.rb
diff --git a/cookbooks/networking/resources/firewall_rule.rb b/cookbooks/networking/resources/firewall_rule.rb
index 665c0cb84..218a6b5f4 100644
--- a/cookbooks/networking/resources/firewall_rule.rb
+++ b/cookbooks/networking/resources/firewall_rule.rb
@@ -141,15 +141,15 @@ action_class do
 rule << "add @#{set} { #{ip} saddr ct count #{new_resource.connection_limit} }"
 end
- # if new_resource.rate_limit =~ %r{^s:(\d+)/sec:(\d+)$}
- # set = "#{new_resource.rule}-#{ip}"
- # rate = Regexp.last_match(1)
- # burst = Regexp.last_match(2)
- #
- # node.default[:networking][:firewall][:sets] << set
- #
- # rule << "add @#{set} { #{ip} saddr limit rate #{rate}/second burst #{burst} packets }"
- # end
+ if new_resource.rate_limit =~ %r{^s:(\d+)/sec:(\d+)$}
+ set = "ratelimit-#{new_resource.rule}-#{ip}"
+ rate = Regexp.last_match(1)
+ burst = Regexp.last_match(2)
+
+ node.default[:networking][:firewall][:sets] << set
+
+ rule << "add @#{set} { #{ip} saddr limit rate #{rate}/second burst #{burst} packets }"
+ end
 rule << case action
 when :accept then "accept"
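Review bot: A `rate_limit` value that does not match `s:N/sec:N` falls through the re-enabled `if` silently, so the rule is emitted with no limiter at all and, for `:accept`, becomes an unthrottled accept. How an unset value is represented is not visible in this hunk, so the exact condition is a guess, but an `else` branch that fails the run for any non-matching value other than the "no limit" sentinel, for example `raise "invalid rate_limit #{new_resource.rate_limit.inspect}"`, would turn a typo into a converge error instead of a weaker firewall. Separately, `^` and `$` match at line boundaries in Ruby, so `%r{\As:(\d+)/sec:(\d+)\z}` is the whole-string form; only the digit captures reach the nft statement, so the practical impact here looks small. The enclosing `action_class` block and the `case` that follows continue outside the hunk.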