Allow custom chains to be present, other than the INPUT, FORWARD, OUTPUT default chains.

iptables/_rule.sls

   - require_in:
     - iptables: iptables_{{ chain_name }}_policy
   {%- endif %}
+  - require:
+    - iptables: iptables_{{ chain_name }}{% if rule.family is defined %}_{{ rule.family }}{% endif %}
   - save: True

iptables/rules.sls

 
 {%- for chain_name, chain in service.get('chain', {}).iteritems() %}
 
+iptables_{{ chain_name }}:
+  iptables.chain_present:
+    - family: ipv4
+    - name: {{ chain_name }}
+    - table: filter
+
+{%-   if grains.ipv6|default(False) and service.ipv6|default(True) %}
+iptables_{{ chain_name }}_ipv6:
+  iptables.chain_present:
+    - family: ipv6
+    - name: {{ chain_name }}
+    - table: filter
+    - require_in:
+      - iptables: iptables_{{ chain_name }}_ipv6_policy
+
 {%- if chain.policy is defined %}
 iptables_{{ chain_name }}_policy:
   iptables.set_policy:
     - chain: {{ chain_name }}
     - policy: {{ chain.policy }}
     - table: filter
+    - require:
+      - iptables: iptables_{{ chain_name }}
 
 {%-   if grains.ipv6|default(False) and service.ipv6|default(True) %}
 iptables_{{ chain_name }}_ipv6_policy:
     - chain: {{ chain_name }}
     - policy: {{ chain.policy }}
     - table: filter
+    - require:
+      - iptables: iptables_{{ chain_name }}_ipv6
 {%-   endif %}
 {%- endif %}