since your hunting here - chances are you will want an easy to use editor - so use NANO. nano /etc/vz/vz.conf Then do Control W and SEARCH for IPTABLES Comment out (by adding a # symbol to the line ) the current IPTABLES= line and then copy/paste and add this line directly underneath the line you just commented out. IPTABLES="ipt_REJECT ipt_recent ipt_owner ipt_REDIRECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state iptable_nat ip_nat_ftp" It is important to make sure this is all in 1 line and that it does not wrap. Now Control-S and save - overwriting the current file. Finally do an /etc/init.d/vz restart to restart openVZ. Congratulations - your ProxMox VPE (openVz) server is now setup to allow IPTABLES From here you can install CSF - install BFD/APF or your chosen IPTABLES based firewall.