看看我的ipttables有什么问题

tian1118

*nat
REROUTING ACCEPT [247]
OSTROUTING ACCEPT [209]
:OUTPUT ACCEPT [209]
-A POSTROUTING -s 192.168.0.0/255.255.255.0 -o eth1 -j SNAT --to-source a.b.c.d
-A POSTROUTING -s 192.168.0.0/255.255.255.0 -j MASQUERADE
COMMIT

*filter
:INPUT DROP [1083]
:FORWARD DROP [23305]
:OUTPUT ACCEPT [1568]

-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT

-A FORWARD -i eth0 -o eth1 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT