The commands needed to set an iptables configuration from an ERB template in Chef.

iptables.rb

template "/etc/sysconfig/iptables" do
  source "iptables.erb"
  owner "root"
  group "root"
  mode "0600"
end

# Ensure that the iptables file adheres to the selinux requirements
execute "chcon" do
  command "chcon system_u:object_r:system_conf_t:s0 /etc/sysconfig/iptables"
  action :run
end 

execute "service" do
  command "service iptables save"
  action :run
end 

service "iptables" do 
  action :restart
end