The first two lines are ICMP "destination unreachable" messages, which are usually sent to you by a router to inform your computer that something you've sent out was unable to find the destination. This is completely normal, and it's A Good Thing, part of how networking works. 
You should probably allow ICMP destination unreachable messages through (research iptables limits to throttle them to something like 10 / minute), else you'll find that some internet applications (web browsers, etc) will just stall for long stints of time while waiting for a reply to some outbound request to certain things
The third and last lines are to TCP port 1433 which, IIRC (I feel confident) belongs to Microsoft SQL Server. This would likely be hackers/script kiddies/etc on your network or on the internet attempting to scan your computer to see if you have Microsoft SQL Server running so that they can try to brute force a password or exploit some vulnerability to take over your system. This is completely normal - any computer connected to the internet will have people trying to connect to random ports.
Actually, every failed connection attempt in that log (sans the two ICMP type 3 packets) probably falls into the latter case. It doesn't matter what services you run; as long as your computer is connected to the internet, you will be receiving connection attempts to just about every common service port in existence, perhaps even thousands a day (as is the case with one of my servers)
That is why iptables implements state management, etc. My suggestion for you is to use DROP instead of REJECT when building your ruleset
You should probably allow ICMP destination unreachable messages through (research iptables limits to throttle them to something like 10 / minute), else you'll find that some internet applications (web browsers, etc) will just stall for long stints of time while waiting for a reply to some outbound request to certain things
The third and last lines are to TCP port 1433 which, IIRC (I feel confident) belongs to Microsoft SQL Server. This would likely be hackers/script kiddies/etc on your network or on the internet attempting to scan your computer to see if you have Microsoft SQL Server running so that they can try to brute force a password or exploit some vulnerability to take over your system. This is completely normal - any computer connected to the internet will have people trying to connect to random ports.
Actually, every failed connection attempt in that log (sans the two ICMP type 3 packets) probably falls into the latter case. It doesn't matter what services you run; as long as your computer is connected to the internet, you will be receiving connection attempts to just about every common service port in existence, perhaps even thousands a day (as is the case with one of my servers)
That is why iptables implements state management, etc.
My suggestion for you is to use DROP instead of REJECT when building your rulesetThanks for the helpful information!
I have INPUT dropped, OUTPUT allowed, and FORWARD rejected.
If I enable UPnP, will Bitcoin use other ports as well?