diff --git a/manifests/params.pp b/manifests/params.pp
@@ -57,7 +57,6 @@
             $service_name = 'iptables-persistent'
             $package_name = 'iptables-persistent'
           }
-
         }
         'Ubuntu': {
           if versioncmp($::operatingsystemrelease, '14.10') >= 0 {
@@ -67,7 +66,6 @@
             $service_name = 'iptables-persistent'
             $package_name = 'iptables-persistent'
           }
-
         }
         default: {
           $service_name = 'iptables-persistent'

diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "puppetlabs-firewall",
-  "version": "2.5.0",
+  "version": "2.6.0",
   "author": "puppetlabs",
   "summary": "Manages Firewalls such as iptables",
   "license": "Apache-2.0",
@@ -78,7 +78,7 @@
       "version_requirement": ">= 5.5.10 < 7.0.0"
     }
   ],
-  "template-url": "https://github.com/puppetlabs/pdk-templates#master",
-  "template-ref": "heads/master-0-g88b05c7",
+  "template-url": "https://github.com/puppetlabs/pdk-templates#main",
+  "template-ref": "heads/main-0-g88b05c7",
   "pdk-version": "1.17.0"
 }
diff --git a/spec/acceptance/nodesets/centos-7-x64.yml b/spec/acceptance/nodesets/centos-7-x64.yml
diff --git a/spec/acceptance/nodesets/debian-8-x64.yml b/spec/acceptance/nodesets/debian-8-x64.yml
diff --git a/spec/acceptance/nodesets/default.yml b/spec/acceptance/nodesets/default.yml
diff --git a/spec/acceptance/nodesets/docker/centos-7.yml b/spec/acceptance/nodesets/docker/centos-7.yml
diff --git a/spec/acceptance/nodesets/docker/debian-8.yml b/spec/acceptance/nodesets/docker/debian-8.yml
diff --git a/spec/acceptance/nodesets/docker/ubuntu-14.04.yml b/spec/acceptance/nodesets/docker/ubuntu-14.04.yml
diff --git a/spec/acceptance/nodesets/new/aio/debian-8-64mda.yml b/spec/acceptance/nodesets/new/aio/debian-8-64mda.yml
diff --git a/spec/acceptance/nodesets/new/aio/redhat-6-64mda.yml b/spec/acceptance/nodesets/new/aio/redhat-6-64mda.yml
diff --git a/spec/acceptance/nodesets/new/aio/redhat-7-64mda.yml b/spec/acceptance/nodesets/new/aio/redhat-7-64mda.yml
diff --git a/spec/acceptance/nodesets/new/aio/ubuntu-1404-64mda.yml b/spec/acceptance/nodesets/new/aio/ubuntu-1404-64mda.yml
diff --git a/spec/acceptance/nodesets/new/aio/ubuntu-1604-64mda.yml b/spec/acceptance/nodesets/new/aio/ubuntu-1604-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/centos-5-64mda.yml b/spec/acceptance/nodesets/new/pe/centos-5-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/centos-6-64mda.yml b/spec/acceptance/nodesets/new/pe/centos-6-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/centos-7-64mda.yml b/spec/acceptance/nodesets/new/pe/centos-7-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/debian-6-64mda.yml b/spec/acceptance/nodesets/new/pe/debian-6-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/debian-7-64mda.yml b/spec/acceptance/nodesets/new/pe/debian-7-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/debian-8-64mda.yml b/spec/acceptance/nodesets/new/pe/debian-8-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/oracle-5-64mda.yml b/spec/acceptance/nodesets/new/pe/oracle-5-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/oracle-6-64mda.yml b/spec/acceptance/nodesets/new/pe/oracle-6-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/oracle-7-64mda.yml b/spec/acceptance/nodesets/new/pe/oracle-7-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/redhat-5-64mda.yml b/spec/acceptance/nodesets/new/pe/redhat-5-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/redhat-6-64mda.yml b/spec/acceptance/nodesets/new/pe/redhat-6-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/redhat-7-64mda.yml b/spec/acceptance/nodesets/new/pe/redhat-7-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/scientific-5-64mda.yml b/spec/acceptance/nodesets/new/pe/scientific-5-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/scientific-6-64mda.yml b/spec/acceptance/nodesets/new/pe/scientific-6-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/scientific-7-64mda.yml b/spec/acceptance/nodesets/new/pe/scientific-7-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/sles-10-64mda.yml b/spec/acceptance/nodesets/new/pe/sles-10-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/sles-11-64mda.yml b/spec/acceptance/nodesets/new/pe/sles-11-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/sles-12-64mda.yml b/spec/acceptance/nodesets/new/pe/sles-12-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/ubuntu-1004-64mda.yml b/spec/acceptance/nodesets/new/pe/ubuntu-1004-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/ubuntu-1204-64mda.yml b/spec/acceptance/nodesets/new/pe/ubuntu-1204-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/ubuntu-1404-64mda.yml b/spec/acceptance/nodesets/new/pe/ubuntu-1404-64mda.yml
diff --git a/spec/acceptance/nodesets/new/pe/ubuntu-1604-64mda.yml b/spec/acceptance/nodesets/new/pe/ubuntu-1604-64mda.yml
diff --git a/spec/fixtures/iptables/conversion_hash.rb b/spec/fixtures/iptables/conversion_hash.rb
@@ -234,38 +234,43 @@
     },
   },
   'comment_string_character_validation' => {
-    line: '-A INPUT -s 192.168.0.1/32 -m comment --comment "000 allow from 192.168.0.1, please"',
+    line: '-A INPUT -s 192.168.0.1/32 -m comment --comment "000 allow from 192.168.0.1, please" -j ACCEPT',
     table: 'filter',
     params: {
       source: '192.168.0.1/32',
+      action: 'accept',
     },
   },
   'multiple_comments' => {
-    line: '-A INPUT -s 192.168.0.1/32 -m comment --comment "000 allow from 192.168.0.1, please" -m comment --comment "another comment"',
+    line: '-A INPUT -s 192.168.0.1/32 -m comment --comment "000 allow from 192.168.0.1, please" -m comment --comment "another comment" -j ACCEPT',
     table: 'filter',
     params: {
       name: '000 allow from 192.168.0.1, please;another comment',
+      action: 'accept',
     },
   },
-  'comments_without_quotes' => {
-    line: '-A INPUT -s 192.168.0.1/32 -m comment --comment comment_without_quotes',
+  'comments_without_quotes_with_underscores' => {
+    line: '-A INPUT -s 192.168.0.1/32 -m comment --comment comment_without_quotes -j ACCEPT',
     table: 'filter',
     params: {
       name: '9000 comment_without_quotes',
+      action: 'accept',
     },
   },
-  'comments_without_quotes' => {
-    line: '-A INPUT -s 192.168.0.1/32 -m comment --comment 100-comment_without-quotes',
+  'comments_without_quotes_with_dashes' => {
+    line: '-A INPUT -s 192.168.0.1/32 -m comment --comment 100-comment_without-quotes -j ACCEPT',
     table: 'filter',
     params: {
       name: '100-comment_without-quotes',
+      action: 'accept',
     },
   },
   'string_escape_sequences' => {
-    line: '-A INPUT -m comment --comment "000 parse escaped \\"s, \\"s, \\\'s, \\\'s, \\\\s and \\\\s"',
+    line: '-A INPUT -m comment --comment "000 parse escaped \\"s, \\"s, \\\'s, \\\'s, \\\\s and \\\\s" -j ACCEPT',
     table: 'filter',
     params: {
       name: '000 parse escaped "s, "s, \'s, \'s, \\s and \\s',
+      action: 'accept',
     },
   },
   'log_level_debug' => {
@@ -1385,7 +1390,7 @@
       table: 'filter',
       string: 'GET /index.html',
     },
-    args: ['-t', :filter, '-p', :tcp, '-m', 'string', '--string', "'GET /index.html'", '-m', 'comment', '--comment', '000 string_matching'],
+    args: ['-t', :filter, '-p', :tcp, '-m', 'string', '--string', "GET /index.html", '-m', 'comment', '--comment', '000 string_matching'],
   },
   'string_matching_2' => {
     params: {
@@ -1394,7 +1399,7 @@
       string: 'GET /index.html',
       string_algo: 'bm',
     },
-    args: ['-t', :filter, '-p', :tcp, '-m', 'string', '--string', "'GET /index.html'", '--algo', :bm, '-m', 'comment', '--comment', '000 string_matching'],
+    args: ['-t', :filter, '-p', :tcp, '-m', 'string', '--string', "GET /index.html", '--algo', :bm, '-m', 'comment', '--comment', '000 string_matching'],
   },
   'string_matching_3' => {
     params: {
@@ -1404,7 +1409,7 @@
       string_from: '1',
       string_to: '65535',
     },
-    args: ['-t', :filter, '-p', :tcp, '-m', 'string', '--string', "'GET /index.html'", '--from', '1', '--to', '65535', '-m', 'comment', '--comment', '000 string_matching'],
+    args: ['-t', :filter, '-p', :tcp, '-m', 'string', '--string', "GET /index.html", '--from', '1', '--to', '65535', '-m', 'comment', '--comment', '000 string_matching'],
   },
   'nfqueue_jump1' => {
     params: {

diff --git a/spec/spec_helper_acceptance_local.rb b/spec/spec_helper_acceptance_local.rb
@@ -20,7 +20,11 @@ def ip6tables_flush_all_tables
 def install_iptables
   run_shell('iptables -V')
 rescue
-  run_shell('apt-get install iptables -y')
+  if os[:family] == 'redhat'
+    run_shell('yum install iptables-services -y')
+  else
+    run_shell('apt-get install iptables -y')
+  end
 end
 
 def iptables_version