A firewall really doesn't do anything on a default installation, as there are no ports open to the outside world, and if you are behind a router, it's a belt + suspenders type of activity.
it's just like the poster earlier that tried to block Opera from accessing the Internet. Web browsers and many other programs use random high ports for out going connections, so it's pretty hard to block a port if you don't know which one it is using, and it changes every time you use a program, have a look at this example:
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 192.168.1.215:43915 22.214.171.124:5222 ESTABLISHED
tcp 0 0 192.168.1.215:56053 192.168.1.235:22 ESTABLISHED
tcp 0 0 127.0.0.1:7634 127.0.0.1:53732 TIME_WAIT
tcp 1 0 192.168.1.215:44341 126.96.36.199:80 CLOSE_WAIT
tcp 1 0 192.168.1.215:51431 188.8.131.52:80 CLOSE_WAIT
I've bolded the outgoing ports, these change every time a program is opened.
For outgoing connections it is easier to block the dport rather then the source port.
sudo iptables -A OUTPUT --dport 80 -j DROP
Will block opera (and other web browsers) =)
There are two mistakes one can make along the road to truth...not going all the way, and not starting.
--Prince Gautama Siddharta