X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/faf8ae12e85eabb050b0f5eceb2cb67ad1de5261..e03067e0599313ff544f05dc5b49eaa5203c5978:/cookbooks/networking/templates/default/shorewall-rules.erb

diff --git a/cookbooks/networking/templates/default/shorewall-rules.erb b/cookbooks/networking/templates/default/shorewall-rules.erb
index ffa55a9be..0b13f7ba0 100644
--- a/cookbooks/networking/templates/default/shorewall-rules.erb
+++ b/cookbooks/networking/templates/default/shorewall-rules.erb
@@ -1,9 +1,13 @@
 # DO NOT EDIT - This file is being maintained by Chef
 
+<% if node[:lsb][:release].to_f >= 16.04 -%>
+?SECTION NEW
+<% else -%>
 SECTION NEW
+<% end -%>
 
-# ACTION	SOURCE	DEST	PROTO		DEST		SOURCE	ORIGINAL	RATE
+# ACTION	SOURCE	DEST	PROTO		DEST		SOURCE	ORIGINAL	RATE	USER	MARK	CONNLIMIT
 #						PORTS		PORTS	DEST		LIMIT
-<% @rules.each do |r| -%>
-<%= r[:action] %>		<%= r[:source] %>	<%= r[:dest] %>	<%= r[:proto] %>		<%= r[:dest_ports] %>	<%= r[:source_ports] %>	-	<%= r[:rate_limit] %>
+<% node[:networking][:firewall][@family].each do |r| # ~FC034 -%>
+<%= r[:action] %>		<%= r[:source] %>	<%= r[:dest] %>	<%= r[:proto] %>		<%= r[:dest_ports] %>	<%= r[:source_ports] %>	-	<%= r[:rate_limit] %>	-	-	<%= r[:connection_limit] %>
 <% end -%>