Log this.
A brief discussion of logging: iptables does some of the ugliest logging known to humanity, but it does have everything you need in it. There are lots of applications out there to make iptables logs understandable. Look on http://freshmeat.net.
The reason I set the log-level to debug in the firewall was so that the iptables logging doesn't get dumped to the console. That's annoying. However, you probably want it logged into its own file.
To do this, edit /etc/syslog.conf, and add this line to the top:
kern.=debug /var/log/iptables
Then, restart syslog (/sbin/service syslog restart).
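As an added example (not part of the original slides), here is a small Python parser that splits the lines written to /var/log/iptables into fields and counts packets per source, protocol and destination port. The sample lines, the `FW-DROP: ` log prefix and the host name `gw` are constructed for illustration; because `kern.=debug` matches every debug-priority kernel message, lines that are not iptables output are skipped.

```python
import re
from collections import Counter

# Constructed sample lines in the kernel LOG-target format. Addresses are
# documentation ranges; "FW-DROP: " stands in for an assumed --log-prefix.
SAMPLE = """\
Mar  3 10:15:01 gw kernel: FW-DROP: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=4242 DF PROTO=TCP SPT=40112 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 10:15:04 gw kernel: FW-DROP: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=4243 DF PROTO=TCP SPT=40112 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 10:15:07 gw kernel: FW-DROP: IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.9 DST=192.0.2.10 LEN=78 TOS=0x00 PREC=0x00 TTL=113 ID=1001 PROTO=UDP SPT=137 DPT=137 LEN=58
Mar  3 10:15:09 gw kernel: eth0: link up
"""

KV = re.compile(r"\b([A-Z]+)=(\S*)")          # KEY=value tokens (value may be empty)
FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG", "DF"}  # bare tokens without '='

def parse_line(line):
    """Return a dict of fields for one iptables log line, or None if it is not one."""
    _, sep, body = line.partition("kernel: ")
    if not sep or "IN=" not in body or " SRC=" not in body:
        return None                            # some other kernel debug message
    prefix, _, rest = body.partition("IN=")    # text before IN= is the log prefix
    fields = dict(KV.findall("IN=" + rest))    # on repeated keys the last one wins
    fields["prefix"] = prefix.strip()
    fields["flags"] = sorted(FLAGS.intersection(rest.split()))
    return fields

def summarize(text):
    """Count logged packets per (source, protocol, destination port)."""
    hits = Counter()
    for line in text.splitlines():
        f = parse_line(line)
        if f:
            hits[(f["SRC"], f.get("PROTO", "?"), f.get("DPT", "-"))] += 1
    return hits

if __name__ == "__main__":
    for (src, proto, dpt), n in summarize(SAMPLE).most_common():
        print(f"{n:4d}  {src:15s} {proto}/{dpt}")
```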