我的 OpenVPN 服务器没有连接互联网

我的服务器上已安装并运行 OpenVPN。我希望所有来自客户端的流量都通过 VPN 服务器路由。

客户端连接正常但无法连接到互联网。

服务器配置：

port 443
proto udp
dev tun
ca /etc/openvpn/certs/ca.crt
cert /etc/openvpn/certs/brimstone.crt
key /etc/openvpn/certs/brimstone.key  # This file should be kept secret
dh /etc/openvpn/certs/dh4096.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push redirect-gateway def1
keepalive 10 120
tls-cipher DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
cipher AES-256-CBC
auth SHA384
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

iptables-保存：

# Generated by iptables-save v1.4.14 on Fri Jul 24 07:44:57 2015
*raw
:PREROUTING ACCEPT [69770:12550856]
:OUTPUT ACCEPT [52469:5225827]
COMMIT
# Completed on Fri Jul 24 07:44:57 2015
# Generated by iptables-save v1.4.14 on Fri Jul 24 07:44:57 2015
*nat
:PREROUTING ACCEPT [171:11702]
:POSTROUTING ACCEPT [136:8184]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.0/24 -o venet0 -j MASQUERADE
COMMIT
# Completed on Fri Jul 24 07:44:57 2015
# Generated by iptables-save v1.4.14 on Fri Jul 24 07:44:57 2015
*mangle
:PREROUTING ACCEPT [69770:12550856]
:INPUT ACCEPT [69068:12508784]
:FORWARD ACCEPT [684:41112]
:OUTPUT ACCEPT [52469:5225827]
:POSTROUTING ACCEPT [53153:5266939]
COMMIT
# Completed on Fri Jul 24 07:44:57 2015
# Generated by iptables-save v1.4.14 on Fri Jul 24 07:44:57 2015
*filter
:INPUT DROP [25:2952]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [320:45993]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m state --state NEW -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 443 -j ACCEPT
-A FORWARD -s 10.8.0.0/24 -j ACCEPT
COMMIT
# Completed on Fri Jul 24 07:44:57 2015

配置转发/路由时我是否遗漏了什么？

编辑：

事实证明我犯了一个非常愚蠢的错误......我写下了我需要的 iptables 规则，然后在实际应用它们时忘记了一条。

我忘了允许已建立或相关的会话转发。