It should, but why not use
Code:
iptables -A INPUT -p tcp --dport 22 -j DROP
iptables -A FORWARD -p tcp -d xxx.xxx.xxx.xxx --dport 22 -j ACCEPT
iptables -A FORWARD -p tcp -d xxx.xxx.xxx.xxx --dport 0:1024 -j DROP
As that is (to my mind) cleaner. Also, I can't help wondering why you're not blocking UDP, the high ports on xxx.xxx.xxx.xxx or any ports other than 22 on the gateway.
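
Added example, not part of the original post: a simplified first-match model in Python of the three rules quoted above, showing which packets a rule decides and which fall through to the chain policy. The addresses 192.0.2.10 and 192.0.2.1 are constructed stand-ins for the masked host and the gateway, and the chain policy is assumed to be the iptables default of ACCEPT.

```python
# Simplified first-match model of the three quoted rules (not real netfilter).
HOST = "192.0.2.10"     # constructed stand-in for the masked xxx.xxx.xxx.xxx
GATEWAY = "192.0.2.1"   # constructed address for the firewall itself

# (chain, proto, dst or None for "any", (low_port, high_port), target), in -A order
RULES = [
    ("INPUT",   "tcp", None, (22, 22),  "DROP"),
    ("FORWARD", "tcp", HOST, (22, 22),  "ACCEPT"),
    ("FORWARD", "tcp", HOST, (0, 1024), "DROP"),
]

def evaluate(chain, proto, dst, dport, rules=RULES, policy="ACCEPT"):
    """Return (target, rule_index); rule_index is None when only the policy applied."""
    for i, (r_chain, r_proto, r_dst, (lo, hi), target) in enumerate(rules):
        if (r_chain == chain and r_proto == proto
                and r_dst in (None, dst) and lo <= dport <= hi):
            return target, i          # first matching rule wins
    return policy, None               # assumption: policy left at ACCEPT

def fall_through(probes, rules=RULES):
    """Return the probes that no rule matches, i.e. decided by policy alone."""
    return [p for p in probes if evaluate(*p, rules=rules)[1] is None]

# Constructed probes covering the cases the post asks about.
PROBES = [
    ("FORWARD", "tcp", HOST, 22),     # SSH to the host
    ("FORWARD", "tcp", HOST, 80),     # low TCP port on the host
    ("FORWARD", "tcp", HOST, 8080),   # high TCP port on the host
    ("FORWARD", "udp", HOST, 53),     # UDP to the host
    ("INPUT",   "tcp", GATEWAY, 22),  # SSH to the gateway
    ("INPUT",   "tcp", GATEWAY, 80),  # any other port on the gateway
]

# Same rules with the two FORWARD lines swapped, to show that order matters:
# the 0:1024 DROP would then match port 22 before the ACCEPT is reached.
SWAPPED = [RULES[0], RULES[2], RULES[1]]

if __name__ == "__main__":
    for p in PROBES:
        target, idx = evaluate(*p)
        via = "policy" if idx is None else f"rule {idx}"
        print(f"{p[0]:8}{p[1]:4}{p[2]:12} dport {p[3]:<5} -> {target} ({via})")
    print("decided by policy only:", fall_through(PROBES))
```
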