Is there a way to find which iptables rule was responsible for dropping a packet?
You could add a TRACE rule early in the chain to log every rule that the packet traverses.
I would consider using iptables -L -v -n | less to let you search the rules. I would look at the port, address, and interface rules that apply. Given that you have so many rules you are likely running a mostly closed firewall, and are missing a permit rule for the traffic.
How is the firewall built? It may be easier to look at the builder rules than the built rules.
Since iptables -L -v -n has counters you could do the following.
iptables -L -v -n > Sample1
# Cause the packet that you suspect is being dropped by iptables
iptables -L -v -n > Sample2
diff Sample1 Sample2
This way you will see only the rules that incremented.
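The snapshot-and-diff procedure above, worked into a script as an added example that is not part of this thread: counter_diff parses two saved iptables -L -v -n listings and reports only the rules and chain policies whose packet counters changed, and demo feeds it constructed before/after listings in place of Sample1 and Sample2. The function names, the sample rules and the counter values are all made up for the illustration; the -x (exact counters) flag is a real iptables option.

```shell
#!/bin/sh
# Added example (not from the answers above): diff two `iptables -L -v -n`
# snapshots taken before and after the suspect packet and print only the
# rules and chain policies whose packet counter moved. A policy counter
# moving while no rule did means the packet fell through to the default
# policy. Snapshot with -x (exact) too, so counters are never "12K".
counter_diff() {   # usage: counter_diff BEFORE_FILE AFTER_FILE
    awk '
        # Packet counter of the current line, or "" if it carries none.
        function pkts() {
            if ($1 == "Chain") { if ($3 == "(policy") return $5; return "" }
            if ($1 ~ /^[0-9]+$/) return $1
            return ""
        }
        # Rule text without its pkts/bytes columns.
        function rule(   s, i) { s = $3; for (i = 4; i <= NF; i++) s = s " " $i; return s }
        NR == FNR { before[FNR] = pkts(); next }   # first file: remember counters
        $1 == "Chain" { chain = $2 }               # second file: compare
        {
            now = pkts()
            if (now == "" || before[FNR] == "" || now == before[FNR]) next
            if ($1 == "Chain") printf "%s policy %s: %s -> %s\n", chain, $4, before[FNR], now
            else               printf "%s rule: %s -> %s  %s\n", chain, before[FNR], now, rule()
        }
    ' "$1" "$2"
}
# Constructed snapshots standing in for Sample1/Sample2: between them the
# telnet DROP rule in INPUT and the FORWARD policy each saw one more packet.
demo() {
    before=$(mktemp) && after=$(mktemp) || return 1
    cat > "$before" <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  100  6000 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
   40  2400 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
    5   300 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:23

Chain FORWARD (policy DROP 12 packets, 720 bytes)
 pkts bytes target     prot opt in     out     source               destination
   40  2400 ACCEPT     all  --  eth1   eth0    10.0.0.0/24          0.0.0.0/0
EOF
    sed -e 's/^    5   300 DROP/    6   360 DROP/' \
        -e 's/policy DROP 12 packets, 720 bytes/policy DROP 13 packets, 780 bytes/' \
        "$before" > "$after"
    counter_diff "$before" "$after"
    rm -f "$before" "$after"
}
demo
```

On a live box you would replace demo with two real snapshots taken around the suspect packet; a rule line in the output names the rule that matched, a policy line means nothing matched and the chain's default policy handled it.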
Run iptables -L -v -n to see the packet and byte counters for every table and for every rule.