I highly recommend using uMatrix[1][2] if you're very privacy-conscious. It's the full-blown everything-at-your-fingertips console.
By default, it blocks third-party scripts/cookies/XHRs/frames (with an additional explicit blacklist). You then manually whitelist on a matrix which types of requests from which domains you want to allow. Your preferences are saved.
It is a bit annoying the first time you visit any new domain, because you need to go through a bootstrapping whitelist process to make it work. After a while I find I do it almost automatically though.
I use it in conjunction with uBlock Origin and Disconnect, and it still catches the vast majority of things. As a nice side-effect, I find I keep pretty up-to-date with new SAAS companies coming out!
---
[1] https://chrome.google.com/webstore/detail/umatrix/ogfcmafjal...
I'd prefer a solution that does not just work for a specific browser, but instead blocks all traffic regardless of browser, application, virtual machine, ...
That's just putting rules into /etc/hosts ?
edit - answered my own question :) Yes it will.
I use Little Snitch[1] (and its sibling Micro Snitch[2]) for filtering connections at the system level. I don't interact with it too often though, because I rarely install new apps.
Not to say /etc/hosts doesn't work, these days I just find I prefer things with better UX.
---
Little Snitch is for MacOS. As a linux user I desperately looked for an equivalent and found none. Douane was suggested. It's no good. What a sorry state of affair. We need a simple app-level filtering solution.