I have a CentOS 4.3 internet gateway which wouldn't boot up recently. I reinstalled CentOS 4.3 and restored a backup copy of the iptables rules, but for some reason the INPUT chain isn't handling any packets. Is there a switch somewhere that needs to be set before it starts doing it's thing?

PREVIOUS:
[tyler@gateway ~]$ sudo /sbin/iptables -t filter -L -v
Password:
Chain INPUT (policy DROP 8252 packets, 1703K bytes)
pkts bytes target prot opt in out source destination
.blah
.blah
.blah

CURRENT:
[root@gateway named]# /sbin/iptables -t filter -L -v
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
.blah
.blah
.blah

See the zeros there? That doesn't look right to me.

have you enabled iptables.?
chkconfig --list iptables

Yes, the iptables service is running:

[root@gateway ~]# chkconfig --list iptables
iptables 0ff 1ff 2n 3n 4n 5n 6ff
[root@gateway ~]#

The FORWARD and OUTPUT chains are showing packets and bytes being processed. In order to get the FORWARD chain working I had to modify the /etc/sysctl.conf file to include this:

net.ipv4.ip_forward = 1

Maybe there's a similar option for the INPUT chain? I read the sysctl man pages but it didn't say, so I'm googling it now...

there's no option equivalent to net.ipv4.ip_forward for the INPUT chain...

please post your complete output for:my guess is that you have no INPUT rules to allow any packets...