Block all network traffic from/to laptop except explicit apps/protocols/targets?

Solution 1:

Most of the major firewall software packages are two products in one. They are application gateways and packet filters.

The rules you are talking about for allowing/disallowing specific applications are part of an application gateway. What you need to do is find the settings for the packet filter part of the firewall. If you post which firewall you are using, someone might be able to guide you on how to set up the packet filter rules for that package.

Alternatively, you can look specifically at a packet-filter-only firewall. GhostWall is one I've used in the past and can say is fairly easy to set up and doesn't have any negative effect on performance. It works by configuring a list of "rules" that state exactly what types of packets (and their destination/source addresses) are allowed through. These rules are processed in order, so you just specify your allow list of known IPs that you want to use, and then make your final rule "and block everything else". (Or you specify your block list, and make the last rule "allow everything else".)

You will always struggle to prevent all unwanted traffic. Either you allow stuff and block what you don't want, and there will always be something you haven't blocked; or you block everything by default and only allow specifically what you do want, but you'll spend ages configuring it for all the websites you want to use (unless you use a very small subset of the web, like your work VPN or something, and that's all you need).

I would suggest looking at two plugins for your browser:

1) An ad blocker of some kind. This will reduce the ad traffic on any site you browse.
2) NoScript. This will block scripts on all sites you visit until you allow them. This often has the effect of the site falling back to its simpler HTML-only version, which will more often than not require less downloading.

Finally, you could consider looking at a hosts file blacklist. The hosts file is a list of IP addresses and domain names and how they should be resolved, and it can be used to blacklist certain sites that you don't want visited. If you Google around you should be able to find a community-maintained hosts file that blacklists all the major ad servers.
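The ordered, first-match-wins packet filter the answer describes, as an added example that is not part of the original post and is not GhostWall's own rule syntax. It is a small Python model of such a rule list: the `Packet` and `Rule` types, the sample rulesets, and the RFC 5737 documentation addresses in them are all constructed for illustration. It shows the two layouts the answer contrasts (allow list then "block everything else", block list then "allow everything else"), fails closed if the final catch-all is missing, and flags rules that sit after a catch-all and can therefore never fire, which is the usual mistake when a ruleset is edited by hand.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    """One packet as the filter sees it (constructed sample data, not a real capture)."""
    direction: str   # "in" or "out", relative to the laptop
    proto: str       # "tcp" or "udp"
    src: str         # source IPv4 address
    dst: str         # destination IPv4 address
    dport: int       # destination port


@dataclass(frozen=True)
class Rule:
    """One ordered rule. A field of None means 'match anything' for that field,
    so Rule("block") with every field left None is a catch-all."""
    action: str                       # "allow" or "block"
    direction: Optional[str] = None
    proto: Optional[str] = None
    dst: Optional[str] = None         # CIDR such as "203.0.113.0/24"
    dport: Optional[int] = None
    comment: str = ""

    def is_catch_all(self) -> bool:
        return all(f is None for f in (self.direction, self.proto, self.dst, self.dport))

    def matches(self, pkt: Packet) -> bool:
        if self.direction is not None and self.direction != pkt.direction:
            return False
        if self.proto is not None and self.proto != pkt.proto:
            return False
        if self.dport is not None and self.dport != pkt.dport:
            return False
        if self.dst is not None and ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst):
            return False
        return True


def evaluate(rules: List[Rule], pkt: Packet) -> Tuple[str, int]:
    """Walk the list top to bottom; the first matching rule decides.
    Returns (action, index of the deciding rule). If nothing matches at all
    (the operator forgot the final catch-all) fail closed: block, index -1."""
    for i, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, i
    return "block", -1


def shadowed_rules(rules: List[Rule]) -> List[int]:
    """Indices of rules that can never fire because a catch-all precedes them.
    A catch-all that is not the last rule is almost always an ordering mistake."""
    for i, rule in enumerate(rules):
        if rule.is_catch_all():
            return list(range(i + 1, len(rules)))
    return []


# Default-deny layout: explicit allow list, then block everything else.
# Addresses are RFC 5737 documentation ranges, chosen as placeholders.
ALLOW_LIST = [
    Rule("allow", direction="out", proto="udp", dst="192.0.2.53/32", dport=53,
         comment="DNS to the one resolver we trust"),
    Rule("allow", direction="out", proto="tcp", dst="203.0.113.0/24", dport=443,
         comment="HTTPS to the work VPN / web range"),
    Rule("block", comment="block everything else"),
]

# Default-allow layout: explicit block list, then allow everything else.
BLOCK_LIST = [
    Rule("block", dst="198.51.100.0/24", comment="known ad server range"),
    Rule("allow", comment="allow everything else"),
]


def demo() -> None:
    samples = [
        Packet("out", "udp", "10.0.0.5", "192.0.2.53", 53),
        Packet("out", "tcp", "10.0.0.5", "203.0.113.7", 443),
        Packet("out", "tcp", "10.0.0.5", "203.0.113.7", 80),   # right host, wrong port
        Packet("in",  "tcp", "198.51.100.9", "10.0.0.5", 22),  # unsolicited inbound
    ]
    for name, rules in (("allow-list", ALLOW_LIST), ("block-list", BLOCK_LIST)):
        print(f"== {name} == (shadowed rules: {shadowed_rules(rules)})")
        for pkt in samples:
            action, idx = evaluate(rules, pkt)
            why = rules[idx].comment if idx >= 0 else "no rule matched (fail closed)"
            print(f"{pkt.direction:>3} {pkt.proto} {pkt.src} -> {pkt.dst}:{pkt.dport}  {action:<5} [{why}]")


if __name__ == "__main__":
    demo()
```

Running the block prints each sample packet's verdict under both layouts. The inbound SSH packet is blocked by the allow list (nothing permits it) but passes the block list (its source is not in the blacklisted range), which is the trade-off the answer describes: a block list only stops what you have already thought of.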