I would avoid filtering the INPUT based solely on source port. In theory, an attacker could send a packet from, say, the LDAP port to any other port on your system, effectively bypassing your firewall.
By the way, instead of writing the iptables rules manually, you may want to use a frontend such as shorewall.