From ece6872b811d54d4c696208dc418ea41ed07c855 Mon Sep 17 00:00:00 2001
From: Daniel Vigueras <dvigueras@doalitic.com>
Date: Mon, 18 Jan 2016 16:00:09 +0100
Subject: [PATCH] iptables: add --limit-burst option

---
 system/iptables.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/system/iptables.py b/system/iptables.py
index 2b71e1f9380..725259f14a1 100644
--- a/system/iptables.py
+++ b/system/iptables.py
@@ -211,6 +211,10 @@ options:
     description:
       - "Specifies the maximum average number of matches to allow per second. The number can specify units explicitly, using `/second', `/minute', `/hour' or `/day', or parts of them (so `5/second' is the same as `5/s')."
     required: false
+  limit_burst:
+    description:
+      - "Specifies the maximum burst before the above limit kicks in."
+    required: false
 '''
 
 EXAMPLES = '''
@@ -266,8 +270,9 @@ def construct_rule(params):
     append_param(rule, params['comment'], '--comment', False)
     append_match(rule, params['ctstate'], 'state')
     append_csv(rule, params['ctstate'], '--state')
-    append_match(rule, params['limit'], 'limit')
+    append_match(rule, params['limit'] or params['limit_burst'], 'limit')
     append_param(rule, params['limit'], '--limit', False)
+    append_param(rule, params['limit_burst'], '--limit-burst', False)
     return rule
 
 
@@ -319,6 +324,7 @@ def main():
             comment=dict(required=False, default=None, type='str'),
             ctstate=dict(required=False, default=[], type='list'),
             limit=dict(required=False, default=None, type='str'),
+            limit_burst=dict(required=False, default=None, type='str'),
         ),
     )
     args = dict(