Why does running this script block browsing any website?


I found this script here:

How to block SYN attacks?

#!/bin/sh
FWVER=0.05

echo "Loading Protect rule set version $FWVER..\n"

# The location of the iptables program
#
IPTABLES=/sbin/iptables

#Setting the EXTERNAL and INTERNAL interfaces and addresses for the network
EXTIF="ens3"
EXTIP1="41.61.59.103"
EXTIMESENTER=10

UNIVERSE="0.0.0.0/0"

#Clearing any previous configuration
#
echo "  Clearing any existing rules and setting default policies.."
$IPTABLES -P INPUT DROP
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD ACCEPT
$IPTABLES -F FORWARD
# Otherwise, I can not seem to delete it later on
$IPTABLES -F add-to-connlimit-list
# Delete user defined chains
$IPTABLES -X
# Reset all IPTABLES counters
$IPTABLES -Z

echo "...load xt_recent..."
modprobe -r xt_recent
modprobe xt_recent ip_list_tot=5000 ip_pkt_list_tot=128
echo "...load list limitation..."
#######################################################################
# USER DEFINED CHAIN SUBROUTINES:
#
# add-to-connlimit-list
# To many connections from an IP address has been detected.
$IPTABLES -N add-to-connlimit-list
$IPTABLES -A add-to-connlimit-list -m recent --set --name BADGUY_CONN
$IPTABLES -A add-to-connlimit-list -j DROP
echo "...Accept incomming traffic..."

# loopback interfaces are valid.
#
$IPTABLES -A INPUT -i lo -s $UNIVERSE -d $UNIVERSE -j ACCEPT
$IPTABLES -A INPUT -p tcp ! --syn -m state --state NEW -j REJECT

# Just DROP invalid packets.
$IPTABLES -A INPUT -i $EXTIF -p tcp -m state --state INVALID -j DROP


# external interface, from any source, for any remaining ICMP traffic is valid
$IPTABLES -A INPUT -i $EXTIF -p ICMP -s $UNIVERSE -j DROP

#allow TcpPorts
$IPTABLES -A INPUT -i $EXTIF -m recent --update --hitcount 1 --seconds 432000 --name BADGUY_CONN -j DROP
$IPTABLES -A INPUT -i $EXTIF -d $EXTIP1 -p tcp -m connlimit --connlimit-above $EXTIMESENTER -j add-to-connlimit-list

$IPTABLES -A INPUT -i $EXTIF -d $EXTIP1 -m state --state NEW -p tcp -j ACCEPT

echo "...protect TcpPorts..."


# Allow any related traffic coming back to the server in. I moved it here to drop the attacker's current connectivity, as you told me
#
$IPTABLES -A INPUT -i $EXTIF -s $UNIVERSE -d $EXTIP1 -m state --state ESTABLISHED,RELATED -j ACCEPT

echo "...Allow any related traffic..."



# O.K. at this point, we will DROP the packet, however some will be dropped without logging just to make the log file
# less cluttered.
#
$IPTABLES -A INPUT -i $EXTIF -p udp -m multiport --dport 33434:33448 -j DROP
$IPTABLES -A INPUT -i $EXTIF -p tcp -m multiport --dport 23,2323 -j DROP

#this rule may not needed
$IPTABLES -A INPUT -s $UNIVERSE -d $UNIVERSE -j DROP

echo Protect rule set version $FWVER done.

But when I run this script on my Ubuntu machine, I cannot browse any website from the browser.

Any idea why?

Answer 1

When I run this script on my Ubuntu machine, I cannot browse any website from the browser. Any idea why?

Yes. I wrote the original version of that iptables rule set script for a specific application on a specific server. The server being able to use a web client was not a requirement and was never considered. However, it should work fine. As someone mentioned in the comments, you need to set the interface name and IP address, etc.
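The answer's point is that the script hard-codes EXTIF="ens3" and EXTIP1="41.61.59.103", and every rule that lets reply traffic back in (the ESTABLISHED,RELATED accept, the NEW tcp accept) is bound to that interface and address; on a host where they do not match, reply packets for the browser's own outbound connections fall through to the final DROP. The following POSIX sh helper is an added example, not code from the question, the answer or the linked script: it derives the outbound interface and source address from `ip -4 route get`, compares them with the values a rule set hard-codes, and reports a mismatch before the rules are loaded. The function names, the sample route output and the addresses 192.0.2.x are constructed for this example.

```shell
#!/bin/sh
# Added example: check that a rule set's EXTIF/EXTIP1 match the host that
# will run it. Neither the functions nor the sample data come from the
# original question or answer.

# parse_route_get: read the output of `ip -4 route get <addr>` on stdin and
# print "<dev> <src>"; fails (exit 1) when either field is missing.
parse_route_get() {
    awk '{
        for (i = 1; i <= NF; i++) {
            if ($i == "dev") dev = $(i + 1)
            if ($i == "src") src = $(i + 1)
        }
    }
    END {
        if (dev != "" && src != "") print dev " " src
        else exit 1
    }'
}

# check_rule_vars EXTIF EXTIP1 DETECTED_DEV DETECTED_SRC
# Returns 0 when the rule set's hard-coded values match the host, 1 otherwise.
# With the posted script, a mismatch means the "-i $EXTIF -d $EXTIP1 ...
# --state ESTABLISHED,RELATED -j ACCEPT" rule never matches reply packets,
# so they hit the final "-s 0.0.0.0/0 -d 0.0.0.0/0 -j DROP" and browsing stops.
check_rule_vars() {
    [ "$1" = "$3" ] && [ "$2" = "$4" ]
}

# diagnose EXTIF EXTIP1 DETECTED_DEV DETECTED_SRC: one-line verdict for the operator.
diagnose() {
    if check_rule_vars "$1" "$2" "$3" "$4"; then
        echo "ok: rule set values $1/$2 match this host"
    else
        echo "mismatch: rule set uses $1/$2 but this host routes out via $3/$4;"
        echo "          reply traffic would be dropped by the catch-all DROP rule"
    fi
}

# Constructed sample of `ip -4 route get 1.1.1.1` on a hypothetical host
# (documentation addresses, not real infrastructure).
SAMPLE_ROUTE="1.1.1.1 via 192.0.2.1 dev eth0 src 192.0.2.10 uid 1000
    cache"

# Values hard-coded by the posted script.
SCRIPT_EXTIF="ens3"
SCRIPT_EXTIP1="41.61.59.103"

# Use the live routing table when `ip` is available, else the sample above.
if command -v ip >/dev/null 2>&1 && route_out=$(ip -4 route get 1.1.1.1 2>/dev/null); then
    detected=$(printf '%s\n' "$route_out" | parse_route_get) || detected=""
else
    detected=$(printf '%s\n' "$SAMPLE_ROUTE" | parse_route_get) || detected=""
fi

if [ -n "$detected" ]; then
    det_dev=${detected% *}
    det_src=${detected#* }
    diagnose "$SCRIPT_EXTIF" "$SCRIPT_EXTIP1" "$det_dev" "$det_src"
else
    echo "could not determine the outbound interface and address"
fi
```

Run it on the machine that will load the rule set; if it reports a mismatch, set EXTIF and EXTIP1 to the detected values (or derive them the same way at the top of the script) before applying the rules, since the script's INPUT policy is DROP and nothing else lets the replies through.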
