Setting up rutabaga as a server also created a set of firewall rules that look like this:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:www
DROP all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 5/min burst 5 LOG level debug prefix `iptables denied: '

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

These rules effectively block all outgoing traffic. In my quest for knowledge I discovered that Hardy has a simplified CLI to iptables called ufw. Details here. It looks like it's as simple as this:
sudo ufw allow 80