chef-cookbooks / iptables

Development repository for Chef Cookbook iptables

Home Page: https://supermarket.chef.io/cookbooks/iptables

Doesn't work on CentOS

river-fall opened this issue · comments

Hi,
In version 1.0.0, in default.rb, the "rebuild-iptables" block goes before the creation of the directory "/etc/iptables.d", so running on a default CentOS fails because of the nonexistent directory.

Also:

Errno::ENOENT
-------------
No such file or directory - /usr/sbin/rebuild-iptables

  Resource Declaration:
  ---------------------
  # In /var/chef/cache/cookbooks/iptables/providers/rule.rb

   28:   execute 'rebuild-iptables' do
   29:     command '/usr/sbin/rebuild-iptables'
   30:     action :nothing
   31:   end
   32:
commented

I also had this failure, but it doesn't seem to be an issue with the cookbook; it was an issue in my environment. This line

:hashbang => ::File.exist?('/usr/bin/ruby') ? '/usr/bin/ruby' : '/opt/chef/embedded/bin/ruby' 

seemed to cause the failure because I had installed ruby with rvm, and chef with gem install, so no ruby existed at /usr/bin/ruby or /opt/chef/embedded/bin/ruby. I got this to work by linking /usr/bin/ruby to the ruby that was installed by rvm.

@river-fall that sounds like you're invoking the iptables_rule LWRP before you've actually installed the /usr/sbin/rebuild-iptables script using the default recipe.

@zrobisho This cookbook -- and most of Chef's cookbooks -- are only intended to support the full-stack Chef Client installer which installs into /opt. As you mention, if you have nonstandard install mechanisms you can wrap this cookbook with a recipe beforehand that creates the symlink.