pre-up iptables -A OUTPUT -p tcp -m owner –uid-owner username -j ACCEPT

or just delete the original /etc/network/interfaces statement?

What’s pre-up do? Couldn’t find anything on it in Google.

As of yet, I haven’t been successful in getting your original DROP statement to work–and I did change the username variable.

Note: You could also disable the user’s browser permissions but this would have the negative effect of disallowing user access to locally saved web pages. You could also disallow user access to the Internet via the PC firewall such as Firestarter /etc/host/deny for outbound traffic, or at a gateway firewall if the user account was on it’s own PC.