o que há de errado com minha configuração ufw no servidor Ubuntu?

Eu configurei o firewall ufw para o meu servidor Ubuntu no linode da seguinte forma:

NotequeissoénoterminalLish,infelizmenteassimqueeuligooufw,eunãoconsigo:

• vejameuwebsitedetestepelaporta80donavegador,ouatéenrole-oparaobterseuscabeçalhosderesposta;

• Nãoconsigofazersshnoservidor,atéaporta22está"permitindo acesso";

A ação padrão do ufw é negar, o que acredito ser uma boa prática para um firewall "defensivo". Eu sou novo no material de administração do sistema, então não tenho certeza de qual parte eu fiz de errado ...

Alguma opinião?

ATUALIZADO conforme sugerido: Aqui estão as impressões do iptables-save:

# Generated by iptables-save v1.4.4 on Tue Dec 14 09:55:24 2010
*security
:INPUT ACCEPT [80376:49275670]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [39230:5028423]
COMMIT
# Completed on Tue Dec 14 09:55:24 2010
# Generated by iptables-save v1.4.4 on Tue Dec 14 09:55:24 2010
*raw
:PREROUTING ACCEPT [81286:49365430]
:OUTPUT ACCEPT [39230:5028423]
COMMIT
# Completed on Tue Dec 14 09:55:24 2010
# Generated by iptables-save v1.4.4 on Tue Dec 14 09:55:24 2010
*nat
:PREROUTING ACCEPT [1419:87729]
:POSTROUTING ACCEPT [2334:168647]
:OUTPUT ACCEPT [2334:168647]
COMMIT
# Completed on Tue Dec 14 09:55:24 2010
# Generated by iptables-save v1.4.4 on Tue Dec 14 09:55:24 2010
*mangle
:PREROUTING ACCEPT [81286:49365430]
:INPUT ACCEPT [81274:49361314]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [39230:5028423]
:POSTROUTING ACCEPT [39230:5028423]
COMMIT
# Completed on Tue Dec 14 09:55:24 2010
# Generated by iptables-save v1.4.4 on Tue Dec 14 09:55:24 2010
*filter
:INPUT ACCEPT [713:54735]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [666:62866]
:ufw-after-forward - [0:0]
:ufw-after-input - [0:0]
:ufw-after-logging-forward - [0:0]
:ufw-after-logging-input - [0:0]
:ufw-after-logging-output - [0:0]
:ufw-after-output - [0:0]
:ufw-before-forward - [0:0]
:ufw-before-input - [0:0]
:ufw-before-logging-forward - [0:0]
:ufw-before-logging-input - [0:0]
:ufw-before-logging-output - [0:0]
:ufw-before-output - [0:0]
:ufw-logging-allow - [0:0]
:ufw-logging-deny - [0:0]
:ufw-not-local - [0:0]
:ufw-reject-forward - [0:0]
:ufw-reject-input - [0:0]
:ufw-reject-output - [0:0]
:ufw-skip-to-policy-forward - [0:0]
:ufw-skip-to-policy-input - [0:0]
:ufw-skip-to-policy-output - [0:0]
:ufw-track-input - [0:0]
:ufw-track-output - [0:0]
:ufw-user-forward - [0:0]
:ufw-user-input - [0:0]
:ufw-user-limit - [0:0]
:ufw-user-limit-accept - [0:0]
:ufw-user-logging-forward - [0:0]
:ufw-user-logging-input - [0:0]
:ufw-user-logging-output - [0:0]
:ufw-user-output - [0:0]
-A ufw-after-input -p udp -m udp --dport 137 -j ufw-skip-to-policy-input 
-A ufw-after-input -p udp -m udp --dport 138 -j ufw-skip-to-policy-input 
-A ufw-after-input -p tcp -m tcp --dport 139 -j ufw-skip-to-policy-input 
-A ufw-after-input -p tcp -m tcp --dport 445 -j ufw-skip-to-policy-input 
-A ufw-after-input -p udp -m udp --dport 67 -j ufw-skip-to-policy-input 
-A ufw-after-input -p udp -m udp --dport 68 -j ufw-skip-to-policy-input 
-A ufw-after-input -m addrtype --dst-type BROADCAST -j ufw-skip-to-policy-input 
-A ufw-after-logging-forward -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] " 
-A ufw-before-forward -j ufw-user-forward 
-A ufw-before-input -i lo -j ACCEPT 
-A ufw-before-input -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A ufw-before-input -m state --state INVALID -j ufw-logging-deny 
-A ufw-before-input -m state --state INVALID -j DROP 
-A ufw-before-input -p icmp -m icmp --icmp-type 3 -j ACCEPT 
-A ufw-before-input -p icmp -m icmp --icmp-type 4 -j ACCEPT 
-A ufw-before-input -p icmp -m icmp --icmp-type 11 -j ACCEPT 
-A ufw-before-input -p icmp -m icmp --icmp-type 12 -j ACCEPT 
-A ufw-before-input -p icmp -m icmp --icmp-type 8 -j ACCEPT 
-A ufw-before-input -p udp -m udp --sport 67 --dport 68 -j ACCEPT 
-A ufw-before-input -j ufw-not-local 
-A ufw-before-input -s 224.0.0.0/4 -j ACCEPT 
-A ufw-before-input -d 224.0.0.0/4 -j ACCEPT 
-A ufw-before-input -j ufw-user-input 
-A ufw-before-output -o lo -j ACCEPT 
-A ufw-before-output -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A ufw-before-output -j ufw-user-output 
-A ufw-logging-allow -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] " 
-A ufw-logging-deny -m state --state INVALID -m limit --limit 3/min --limit-burst 10 -j RETURN 
-A ufw-logging-deny -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] " 
-A ufw-not-local -m addrtype --dst-type LOCAL -j RETURN 
-A ufw-not-local -m addrtype --dst-type MULTICAST -j RETURN 
-A ufw-not-local -m addrtype --dst-type BROADCAST -j RETURN 
-A ufw-not-local -m limit --limit 3/min --limit-burst 10 -j ufw-logging-deny 
-A ufw-not-local -j DROP 
-A ufw-skip-to-policy-forward -j DROP 
-A ufw-skip-to-policy-input -j ACCEPT 
-A ufw-skip-to-policy-output -j ACCEPT 
-A ufw-track-input -p tcp -m state --state NEW -j ACCEPT 
-A ufw-track-input -p udp -m state --state NEW -j ACCEPT 
-A ufw-track-output -p tcp -m state --state NEW -j ACCEPT 
-A ufw-track-output -p udp -m state --state NEW -j ACCEPT 
-A ufw-user-input -p tcp -m tcp --dport 23 -j DROP 
-A ufw-user-limit -m limit --limit 3/min -j LOG --log-prefix "[UFW LIMIT BLOCK] " 
-A ufw-user-limit -j REJECT --reject-with icmp-port-unreachable 
-A ufw-user-limit-accept -j ACCEPT 
COMMIT
# Completed on Tue Dec 14 09:55:24 2010