Merge "Create all chains before any rules"
diff --git a/iptables/_rule.sls b/iptables/_rule.sls
index 3fea39c..3ae7c22 100644
--- a/iptables/_rule.sls
+++ b/iptables/_rule.sls
@@ -4,9 +4,13 @@
- position: {{ rule.position }}
{%- else %}
iptables.append:
- {%- if loop.index != 1 %}
- require:
+ {%- if loop.index != 1 %}
- iptables: iptables_{{ chain_name }}_{% if service_name is defined %}{{ service_name }}_{% endif %}{{ loop.index - 1 }}
+ {%- else %}
+ {%- for chain in chains %}
+ - iptables: iptables_{{ chain }}
+ {%- endfor %}
{%- endif %}
{%- endif %}
- table: {{ rule.get('table', 'filter') }}
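Review bot: `- require:` is now emitted for every appended rule, but on the first rule its entries come only from `chains`, which this template does not define itself; the variable is set in `iptables/rules.sls`. If `_rule.sls` is rendered from a context where `chains` is missing or empty (the `service_name is defined` test suggests more than one caller, though none is visible here), the first rule would probably render a `require:` with no entries. Consider iterating `{%- for chain in chains|default([]) %}` and emitting `- require:` only when there is at least one requisite. The requisite block also sits inside the `{%- else %}` branch, so rules taking the `position` path above it appear to get no chain requisite and could still be applied before a chain they jump to exists, leaving the ruleset incomplete on that run. The enclosing `if` starts outside the hunk, so this needs confirming against the full file.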
diff --git a/iptables/rules.sls b/iptables/rules.sls
index ec39e15..f3fb66f 100644
--- a/iptables/rules.sls
+++ b/iptables/rules.sls
@@ -1,6 +1,7 @@
{% from "iptables/map.jinja" import service with context %}
{%- if grains.get('virtual_subtype', None) not in ['Docker', 'LXC'] %}
+{%- set chains = service.get('chain', {}).keys() %}
{%- for chain_name, chain in service.get('chain', {}).iteritems() %}
iptables_{{ chain_name }}: