From 6a87eed58690ec8ccb0e6a37da3bdbb45f38e7ff Mon Sep 17 00:00:00 2001
From: Brian Coca <brian.coca+git@gmail.com>
Date: Tue, 3 Nov 2015 12:12:39 -0500
Subject: [PATCH] made ctstate default to [] and evaluation conditional on the
 list being popoulated

---
 system/iptables.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/system/iptables.py b/system/iptables.py
index e78295cc291..8c2a67eb636 100644
--- a/system/iptables.py
+++ b/system/iptables.py
@@ -262,8 +262,9 @@ def construct_rule(params):
     append_param(rule, params['to_ports'], '--to-ports', False)
     append_comm(rule, params['comment'])
     append_param(rule, params['comment'], '--comment', False)
-    append_conntrack(rule, params['ctstate'])
-    append_param(rule, ','.join(params['ctstate']), '--ctstate', False)
+    if params['ctstate']:
+        append_conntrack(rule, params['ctstate'])
+        append_param(rule, ','.join(params['ctstate']), '--ctstate', False)
     return rule