#!/bin/bash
/bin/echo "Firewall rules starting up now..."
/sbin/modprobe ipt_MASQUERADE
/usr/local/sbin/iptables -F
/usr/local/sbin/iptables -t nat
/usr/local/sbin/iptables -t mangle -F
/usr/local/sbin/iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
/bin/echo 1 > /proc/sys/net/ipv4/ip_forward
/usr/local/sbin/iptables -A OUTPUT --dport 3128 -j DENY
/usr/local/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
/usr/local/sbin/iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 80 -j REDIRECT --to-port 3128

I would like to know the rule to block ports outbound.

I am trying to block port 3128 my squid/proxy port.
    

Soo, ehm, you want to prevent outbound packets from squid ?
If you don't want that squid is sending packets, then why start squid at
all.

Well, if that's what you really want to :
iptables -A OUTPUT -p tcp --sport 3128 -j REJECT --reject-with tcp-reset
or simply
iptables -A OUTPUT -p tcp --sport 3128 -j DROP


Or don't you want users from the outside (internet) to connect ?

# Drops everything by default
iptables -P INPUT DROP

# Accepts anything coming in on your LAN interface,
# but you may want something more secure.
iptables -A INPUT -i <if_lan> -j ACCEPT


Rob