
When resetting iptables, the apt-get and wget commands function correctly and also download what I want. But once I activate this firewall, they aren't functional. Pings still work.

I want to allow all outgoing connections. That's why I added "iptables -P OUTPUT ACCEPT" at the end.

IPTables Firewall: http://pastebin.com/pTGyiz7c

iptables -L -n -v: http://pastebin.com/6Q8Mbgfh

  • OK, but what is really in iptables? Could you add the result of "iptables -L -n -v" to your question? – Dom Jan 29 '16 at 15:10
  • Yes, I have added it. –  Jan 29 '16 at 15:13
  • I don't see anything concerning the established connections in your firewall in INPUT. So you will not receive the packets from the outside. You must add a log at the end and check your logs to debug your firewall. – Dom Jan 29 '16 at 15:13
  • Could you post the command? –  Jan 29 '16 at 15:14
  • Could you run the command when the firewall is active and filtering, not disabled :-) – Dom Jan 29 '16 at 15:15
  • Should now be there. –  Jan 29 '16 at 15:27

3 Answers

0

basvdlei's and Dom's answers are right:

iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

but wget or apt need one more thing: DNS. Adding the line below works fine in my situation:

iptables -A INPUT -p udp --dport 53 -j ACCEPT

0

You need to allow incoming packets, related to your outgoing connections.

iptables -I INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

If that doesn't work:

iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Differences are discussed here: https://unix.stackexchange.com/questions/108169/what-is-the-difference-between-m-conntrack-ctstate-and-m-state-state

basvdlei
0

Your firewall is missing a major part. The first packet goes outside correctly (as the OUTPUT policy is ACCEPT). The first incoming packet is rejected, as there is nothing allowing it in the INPUT rules. You should have iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT so that connection tracking allows the packet to come in. The second packet will be allowed to go out too, as the OUTPUT policy is ACCEPT.

Adding a rule to log what is rejected is important. Add iptables -A INPUT -j LOG --log-prefix "DROP4 INPUT " at the end of the INPUT rules.

A remark: do you need all the opened ports in INPUT? The MySQL service opened to the Internet is not really a good idea...

Dom
  • In my firewall, I only allow MySQL, SSH and others to be opened in the IP subnet of my servers. Everyone outside is blocked. –  Jan 29 '16 at 15:44
  • Oh wait, it doesn't! Thanks for letting me know. I will edit that now. A huge thanks for helping –  Jan 29 '16 at 15:46
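The three answers above all make the same point: with a default DROP on INPUT, the replies to connections the host itself opened must be let back in by a connection-tracking rule, and a LOG rule at the end shows what is still being dropped. The script below is an added example, not code from the question or from any of the answers, that puts those pieces together as a complete ruleset in iptables-restore(8) format. Everything specific in it is an assumption: the trusted server subnet is taken from the first argument (defaulting to the documentation range 192.0.2.0/24), SSH is on tcp/22, MySQL on tcp/3306, and the log prefix reuses Dom's "DROP4 INPUT ". Note that conntrack also tracks UDP, so the ESTABLISHED,RELATED rule admits the replies to the host's own DNS queries; an inbound "--dport 53" rule is only needed if the box actually runs a resolver for other machines, because it opens port 53 on the host to everyone.

```shell
#!/bin/sh
# Added example (not from the original Q&A): generate a stateful iptables
# ruleset that lets apt-get/wget/DNS replies in while keeping INPUT DROP.
# Assumptions: trusted subnet in $1 (default 192.0.2.0/24, documentation
# range), SSH on tcp/22, MySQL on tcp/3306. Apply as root with:
#   sh this_script.sh 10.0.0.0/24 | iptables-restore

build_ruleset() {
    subnet="${1:-192.0.2.0/24}"
    cat <<EOF
*filter
# Default policies: drop unsolicited inbound, allow everything outbound.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Loopback traffic (local resolver, local mysql clients, etc.).
-A INPUT -i lo -j ACCEPT
# Replies to connections this host initiated. This is the rule the
# question's firewall lacked: it covers the TCP handshake and data for
# apt-get/wget and the UDP replies to the host's own DNS queries.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Packets conntrack cannot classify (stray ACKs, stale state) are dropped.
-A INPUT -m conntrack --ctstate INVALID -j DROP
# ICMP so ping and path-MTU discovery keep working.
-A INPUT -p icmp -j ACCEPT
# Services: SSH and MySQL reachable only from the trusted subnet.
-A INPUT -p tcp -s ${subnet} --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp -s ${subnet} --dport 3306 -m conntrack --ctstate NEW -j ACCEPT
# Log what is about to hit the DROP policy, rate-limited so an outside
# host cannot flood the log.
-A INPUT -m limit --limit 5/min --limit-burst 10 -j LOG --log-prefix "DROP4 INPUT " --log-level 4
COMMIT
EOF
}

# count_rules PATTERN [SUBNET]: number of generated lines matching PATTERN,
# a quick self-check that the ruleset contains what we expect.
count_rules() {
    build_ruleset "${2:-}" | grep -c -- "$1"
}

# When run directly, print the ruleset; pipe it into iptables-restore to apply.
# "iptables-restore --test" can be used first to syntax-check it.
build_ruleset "${1:-}"
```

Order matters: the ESTABLISHED,RELATED rule sits before the per-service rules so reply traffic is matched by the first rule and the service rules only ever see NEW connections from the trusted subnet; the LOG rule is last so that everything reaching it is exactly what the INPUT DROP policy will discard.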