You can use the netfilter "owner" module/extension to create the appropriate rules to match traffic from a specific user (on the Linux system where the user resides).
sudo iptables -I OUTPUT -m owner --uid-owner <USERNAME> -p tcp -m tcp -d destination-address --dport destination-port-number -j REJECT
But once the IP traffic leaves the system there is no concept of "username/owner" in TCP/IP traffic anymore, packets only contain protocol, IP-address and port numbers and have no user identification that you could use as a reliable basis for firewall rules on a remote system or in an intermediate firewall.
The historic solution for that was the ident protocol and identd service (RFC 931 and descendant RFC 1413) running on the source IP-address of an incoming connection, which would return a username associated with a particular TCP connection. That is what allowed username based authentication in the hosts.[allow|deny] access controls.
I don't know of anyone that either still supports or trusts the ident service anymore and even the RFC is quite explicit in section 6 on the security considerations "The Identification Protocol is not intended as an authorization or
access control protocol", so don't go there.
