iptables with NTP
Solution 1:
When your computer tries to access the NTP server the source port will be indeterminate and the destination on the server will be 123. So, the opposite of what you currently have. Do this instead:
# iptables -S
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -i eth0 -p udp -m udp --sport 123 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 123 -j ACCEPT
EDIT: From comment questions:
For the INPUT chain --sport 123
means the port on the remote machine, and for the OUTPUT chain --dport 123
means the port on the remote machine.
One rule can work on multiple network interfaces by not specifying a network interface, although I do not understand why you would want to do that. So (untested):
-A INPUT -p udp -m udp --sport 123 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 123 -j ACCEPT