From: Tom Hughes Date: Sun, 5 Mar 2023 14:00:05 +0000 (+0000) Subject: Disable rate and connection limits X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/5fdb5f0bbc9e38b2a8b6f2136319b11dd5af435b Disable rate and connection limits --- diff --git a/cookbooks/networking/resources/firewall_rule.rb b/cookbooks/networking/resources/firewall_rule.rb index 48a5074d7..36500c022 100644 --- a/cookbooks/networking/resources/firewall_rule.rb +++ b/cookbooks/networking/resources/firewall_rule.rb @@ -133,19 +133,19 @@ action_class do rule << "ct state new" end - if new_resource.connection_limit != "-" - rule << "ct count #{new_resource.connection_limit}" - end - - if new_resource.rate_limit =~ %r{^s:(\d+)/sec:(\d+)$} - set = "#{new_resource.rule}-#{ip}" - rate = Regexp.last_match(1) - burst = Regexp.last_match(2) - - node.default[:networking][:firewall][:sets] << set - - rule << "add @#{set} { #{ip} saddr limit rate #{rate}/second burst #{burst} packets }" - end + # if new_resource.connection_limit != "-" + # rule << "ct count #{new_resource.connection_limit}" + # end + + # if new_resource.rate_limit =~ %r{^s:(\d+)/sec:(\d+)$} + # set = "#{new_resource.rule}-#{ip}" + # rate = Regexp.last_match(1) + # burst = Regexp.last_match(2) + # + # node.default[:networking][:firewall][:sets] << set + # + # rule << "add @#{set} { #{ip} saddr limit rate #{rate}/second burst #{burst} packets }" + # end rule << case action when :accept then "accept"