iptables settings for openvz hardware node

vz.conf

IPTABLES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_state ip_nat_ftp ipt_recent ip_conntrack_ftp xt_mac ip_conntrack_irc ipt_owner ipt_REDIRECT iptable_nat, ip_tables"
IPTABLES_MODULES="$IPTABLES xt_connlimit nf_nat"