You are specifying "--dport" which is the destination port number. So, you are saying that your firewall should accept output packets coming from any port on your system just so long as they're going to TCP 4662, UDP 4665, or UDP 4672 ports at the destination. But many clients and almost all servers use different port numbers than those, so you won't be able to transmit to them. Even if a client keeps the default port configuration, the configured TCP port is only the one they use for incoming connections. Any connection attempt they make to you will have a different port number on their end, so these rules would prevent you from replying.
Did you maybe mean "--sport" for the source port number? That would change the rules so that your firewall would accept output packets to any destination port, but only if they originate from the specified ports on your system. That might make a little more sense, except it will limit your abilitiy to initiate TCP connections. For UDP, aMule sends from the same ports as it receives from, so the rule will allow aMule to send UDP to everyone. However, for TCP, aMule accepts connections on the port you configure (4662 by default) but it makes outgoing connections using an arbitrary port number. It can't use the same port number for accepting incoming connections as it uses to make outgoing connections.
So, I don't see a way to craft a rule which allows all aMule TCP communications in and out but disallows other programs from sending TCP packets out. I'm not an iptables expert by any means, so maybe somebody who's more familiar with it can correct me if I'm wrong. Maybe there's an extension to iptables which controls packets based on the originating program. I see in the
iptables documentation that there's a way to control packets based on the user ID of the originating program. If you set up a special user account on your system and run aMule from there, that would do what you want.
