System administration

Why doesn't NFQUEUE work?

Dear professionals! There are VPS. Task: catch all TCP packets from a specific user and write them to a file. It would seem that nothing complicated - from iptables through NFQUEUE, then catch on dumpcap. But it doesn't work on a virtual machine. What are the considerations? Help me please.
Below is a simplified test for trying to connect to port 80.

# iptables -A OUTPUT -m tcp -p tcp --dport=80 -j NFQUEUE --queue-num=2
# dumpcap -i nfqueue:2 &
[1] 20424
# Capturing on nfqueue:2
File: /tmp/wireshark_nfqueue-2_20140512211225_1QWcTP

# telnet google.com 80
Trying 74.125.136.138...
telnet: connect to address 74.125.136.138: Connection timed out
Trying 74.125.136.113...
^C
# fg
dumpcap -i nfqueue:2
Packets captured: 0
Packets received/dropped on interface nfqueue:2: 0/0 (0.0%)
# iptables -D OUTPUT -m tcp -p tcp --dport=80 -j NFQUEUE --queue-num=2
# telnet google.com 80
Trying 74.125.136.113...
Connected to google.com.
Escape character is '^]'.
^]

telnet> Connection closed.
# uname -r
2.6.32-042stab085.17
# dumpcap -v
Dumpcap 1.8.10 (SVN Rev Unknown from unknown)

Copyright 1998-2013 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GLib 2.26.1, with libpcap, with libz 1.2.3, without POSIX
capabilities.

Running on Linux 2.6.32-042stab085.17, with locale en_US.UTF-8, with libpcap
version 1.4.0, with libz 1.2.3.

Built using gcc 4.4.7 20120313 (Red Hat 4.4.7-4).

See www.wireshark.org for more information.
# iptables
iptables v1.4.7: no command specified
Try `iptables -h' or 'iptables --help' for more information.

As you can see, as soon as I remove the rule associated with NFQUEUE, the packets immediately begin to pass. What could be the problem? Thanks in advance.