Am 31.08.2011 15:18, schrieb Always Learning: >>> uname -a = 2.6.35.4 #2 (don't know how this got installed) > >> This is not a CentOS-provided kernel; as has been said elsewhere >> in the thread, this is likely an OpenVZ kernel. Your hosting No stock OpenVZ kernel, see http://download.openvz.org/kernel/branches/ for the available OpenVZ kernel branches. 2.6.32 is the most recent. > A very helpful and knowledgeable poster, Walter Haidinger, in his email > dated Wed, 31 Aug 2011 13:10:16 +0200 (12:10 BST), gave what appears to > be an ideal solution. > * get a more recent iptables from netfilter.org > * install to a different location > * how to install it Please note that wanted to provide fix to your problem, which is hardly an ideal solution. You might want to read my reply to KB post and my emphasis on keeping a "clean" distribution. > The server provider's suggestion > > modprobe ipt_string So your kernel is missing the required iptables kernel module too. I really doubt that you've permission to load a kernel module from inside of an OpenVZ container. AFAIK this must be done on the host. Once the kernel module is loaded, you can try if your stock iptables works. If not, you'll have to try a newer release as I suggested in the first place. > So I am observing. > Thank you. Good luck, you're welcome. Regards, Walter