Dear Nataraj, >> > You are going to have to add rules to both your INPUT and OUTPUT >> > chains to allow this traffic through. Could you send on a copy of >> > /etc/sysconfig/iptables, if that is how your are loading these rules? >> > I could then send you the exact commands to run. > > One thing I notice is that you call the my_drop chain from INPUT, OUTPUT > and FORWARD chains. Since you are trying to route packets in/out the > same interface, there is no way to tell whether the packets are actually > being dropped on INPUT, OUTPUT or FORWARD. If you were to change > things, at least temporarily so that your DROP printed a different > message for INPUT, OUTPUT and FORWARD, you would at least be able to > tell where the packets are being dropped. The fastest way to do this > might be to duplicate the my_drop chain as my_drop_input, my_drop_output > and my_drop_forward, change the message in each and call the correct one > from each chain. Then you would at least know where the problem was. Thanks for the tip. I am going to give it a try. Best Regards Marcus