ntpd running as non-root, but outgoing packets match as uid 0
For a program to use a port less then 1024 it must be root. Many applications like NTP will start, open the port as root, and then drop privileges to some defined account for everything else.
There are mistake in Your iptables rule:
iptables -A OUTPUT -m owner --uid-owner ntp -p udp --dport 123 -j ACCEPT
If You use --uid-owner it is necessary to define uid - numeric value.
For the program name You need another option: --cmd-owner. Correct rule is:
iptables -A OUTPUT -m owner --cmd-owner ntp -p udp --dport 123 -j
Detailed explanation You may read in great book by Oskar Andreasson.