Hi,
I assumed that the connection to port 901 was from an unprivileged client port. Maybe that's not the case. Try again with exactly the same commands but completely remove the '1024:65535'. I.e. :
ipchains -A input -p tcp -d any/0 901 -j ACCEPT
ipchains -A output -p tcp ! -y -s any/0 901 -d any/0 -j ACCEPT
Also, where are you trying to use swat from, where is the firewall, and where would the swat server be running ? Is this 3 different machines, 2 , or just one with everything ?
Rgds