I'm not at a point where I can do a lot of testing right now, but there are a couple of things you can try.
Your
-A FORWARD -j REJECT
line probably isn't doing anything without NAT, but you might comment that out or set your action to ACCEPT and reload the firewall to see if it makes a difference.
It also looks like you're logging rejected requests. You could try logging in to the server and then grepping your logs for 'iptables denied'.
|