I Have a border router that does a bunch of firewall features for our network, mostly I am just blocking certain ports (135, 139, 445, etc) I want to start making a chain for each of our server specifying what is allowed to come in and out of them, I can get everything just fine except one thing:

If on the server I want to go to windows updates or any other site I connect to destination port 80 and I have this allowed, but when the reply comes back it comes to a random local port, on linux I can see what the range of local ports are, does anyone know what the local ports are on a windows machine?

By the way I am using iptables.

You probbaly just need to allow a rule to allow establised and related connections - ie:
iptables -A INPUT -m state --state RELATED,ESTABLISHED -p tcp -j ACCEPT