Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0          
ACCEPT     all  --  192.168.20.0/24      0.0.0.0/0          
drop-and-log-it  all  --  192.168.20.0/24      0.0.0.0/0          
ACCEPT     icmp --  0.0.0.0/0            216.161.174.4      
ACCEPT     all  --  0.0.0.0/0            216.161.174.4      state RELATED,ESTABLISHED 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          multiport dports 21,23,25,53,80,110,199,1994,1998,1999 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0          multiport dports 21,23,25,53,80,110,199,1994,1998,1999 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          multiport dports 22,47,143,443,993,1723 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0          multiport dports 22,47,143,443,993,1723 
drop-and-log-it  all  --  0.0.0.0/0            0.0.0.0/0          

Chain FORWARD (policy DROP)
target     prot opt source               destination         
ACCEPT     tcp  --  0.0.0.0/0            192.168.20.246     tcp dpt:22 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0          
drop-and-log-it  all  --  0.0.0.0/0            0.0.0.0/0          

Chain OUTPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0          
ACCEPT     all  --  216.161.174.4        192.168.20.0/24    
ACCEPT     all  --  192.168.20.0/24      192.168.20.0/24    
drop-and-log-it  all  --  0.0.0.0/0            192.168.20.0/24    
ACCEPT     all  --  216.161.174.4        0.0.0.0/0          
drop-and-log-it  all  --  0.0.0.0/0            0.0.0.0/0          

Chain drop-and-log-it (5 references)
target     prot opt source               destination         
LOG        all  --  0.0.0.0/0            0.0.0.0/0          LOG flags 0 level 6 
REJECT     all  --  0.0.0.0/0            0.0.0.0/0          reject-with icmp-port-unreachable