From f92c7f7a4470c8adf2f52004135308394cdd6804 Mon Sep 17 00:00:00 2001
From: Chris Rutter <crutter@maileig.com>
Date: Tue, 11 Jun 2013 11:34:50 -0400
Subject: [PATCH] fix for default burst value of 5 fixes #200

---
 lib/puppet/provider/firewall/iptables.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/puppet/provider/firewall/iptables.rb b/lib/puppet/provider/firewall/iptables.rb
index 43ae556..39f50a7 100644
--- a/lib/puppet/provider/firewall/iptables.rb
+++ b/lib/puppet/provider/firewall/iptables.rb
@@ -247,6 +247,12 @@ Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Fir
       hash[:log_level] = '4'
     end
 
+    # Iptables defaults to burst '5', so it is ommitted from the output of iptables-save.
+    # If the :limit value is set and you don't have a burst set, we assume it to be '5'.
+    if hash[:limit] && ! hash[:burst]
+      hash[:burst] = '5'
+    end
+
     hash[:line] = line
     hash[:provider] = self.name.to_s
     hash[:table] = table
-- 
2.45.2