include base::iptables to avoid error when running as puppet apply

manifests/iptables.pp

@@ -8,6 +8,7 @@ class base::iptables {
         command     => '/usr/sbin/rebuild-iptables',
         refreshonly => true,
         require     => Package['stanford-server'],
+        path        => '/usr/bin',
         unless      => '[ -e /etc/no-iptables ]',
     }
 

manifests/iptables/rule.pp

@@ -17,7 +17,7 @@
 # Multiple ports, multiple sources, and multiple protocols can be specified.
 # If only one is given, the [] brackets are optional.  Description (optional)
 # is used to generate a comment at the top of the file and has no other
-# semantic meaning. 
+# semantic meaning.
 #
 # Protocol is required.  Source and port are optional; if omitted, connections
 # from any source or port are allowed.  Omitting source AND port is not
@@ -34,9 +34,12 @@ define base::iptables::rule(
     if ($source == '' and $port == '') {
         fail "Base::Iptables::Rule[$name] - you cannot omit both source and port"
     }
+
+    include base::iptables
+
     file { "/etc/iptables.d/${name}":
         ensure  => $ensure,
         content => template('base/iptables/rule.erb'),
         notify  => Exec['rebuild-iptables'],
     }
-}
\ No newline at end of file
+}