From a10209cbe98fdd24e965172f2fa9709eb97546f7 Mon Sep 17 00:00:00 2001
From: George Brighton <gebn@users.noreply.github.com>
Date: Tue, 27 Dec 2016 07:27:22 +0000
Subject: [PATCH] iptables: Fixes invalid ip6tables option (#19657)

fixes #19656
---
 lib/ansible/modules/system/iptables.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/lib/ansible/modules/system/iptables.py b/lib/ansible/modules/system/iptables.py
index ef45a1cdb68..e22328ea8c2 100644
--- a/lib/ansible/modules/system/iptables.py
+++ b/lib/ansible/modules/system/iptables.py
@@ -23,6 +23,11 @@ BINS = dict(
     ipv6='ip6tables',
 )
 
+ICMP_TYPE_OPTIONS = dict(
+    ipv4='--icmp-type',
+    ipv6='--icmpv6-type',
+)
+
 ANSIBLE_METADATA = {'status': ['preview'],
                     'supported_by': 'core',
                     'version': '1.0'}
@@ -403,7 +408,11 @@ def construct_rule(params):
     append_param(rule, params['uid_owner'], '--uid-owner', False)
     append_jump(rule, params['reject_with'], 'REJECT')
     append_param(rule, params['reject_with'], '--reject-with', False)
-    append_param(rule, params['icmp_type'], '--icmp-type', False)
+    append_param(
+        rule,
+        params['icmp_type'],
+        ICMP_TYPE_OPTIONS[params['ip_version']],
+        False)
     return rule