From e0bdd2e7f686ca0c7f382c1c2766765de216a019 Mon Sep 17 00:00:00 2001
From: Romain Brucker <romain.brucker@amalto.com>
Date: Tue, 10 Nov 2015 09:21:32 -0600
Subject: [PATCH] Editing iptable module to use -m state --state instead of -m
 conntrack --ctstate

---
 system/iptables.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/system/iptables.py b/system/iptables.py
index 3e42a711db4..b9368e0688f 100644
--- a/system/iptables.py
+++ b/system/iptables.py
@@ -246,7 +246,7 @@ def append_comm(rule, param):
 def append_conntrack(rule, param):
     if param:
         rule.extend(['-m'])
-        rule.extend(['conntrack'])
+        rule.extend(['state'])
 
 def append_limit(rule, param):
     if param:
@@ -273,7 +273,7 @@ def construct_rule(params):
     append_param(rule, params['comment'], '--comment', False)
     if params['ctstate']:
         append_conntrack(rule, params['ctstate'])
-        append_param(rule, ','.join(params['ctstate']), '--ctstate', False)
+        append_param(rule, ','.join(params['ctstate']), '--state', False)
     append_limit(rule, params['limit'])
     append_param(rule, params['limit'], '--limit', False)
     return rule