Long shot, but:
Somebody else posted a similar problem in another forum. As it turns out, the SELinux context is wrong.
Run ls -laZ on iptables-multi. It should return with:
-rwxr-xr-x. root root system_u:object_r:iptables_exec_t:s0 /sbin/iptables-multiAll the other iptables files are symlinked to it:
[root@cacti tmp]# ls -laZ /sbin/iptables*lrwxrwxrwx. root root system_u:object_r:bin_t:s0 /sbin/iptables -> iptables-multi-rwxr-xr-x. root root system_u:object_r:iptables_exec_t:s0 /sbin/iptables-multilrwxrwxrwx. root root system_u:object_r:bin_t:s0 /sbin/iptables-restore -> iptables-multilrwxrwxrwx. root root system_u:object_r:bin_t:s0 /sbin/iptables-save -> iptables-multiIf the SELinux context is not correct, change it with the chcon command on the main file:
chcon -u system_u -t iptables_exec_t /sbin/iptables-multiIf the SELinux context on the symlinks are not correct, fix them using the above command (although this time with the bin_t type)