Are you referring to Portmaster? https://github.com/safing/portmaster/
If so, it "is currently not available for macOS". https://docs.safing.io/portmaster/install/status/mac
It is at least open source unlike others: https://github.com/safing/portmaster
Think out of the box: Just don't let the app connect to an IP it has not resolved a domain name for.
That's what we can do with the Portmaster (https://github.com/safing/portmaster). Check it out!
> bypasses any system resolvers configured on the host
With the Portmaster (https://github.com/safing/portmaster) we actually tackle this problem by notifying software (eg. Firefox) or blocking their connections, forcing them back to plain DNS, which we can redirect and handle. Take a look!
With the Portmaster (https://github.com/safing/portmaster) we're going in that direction, but it will take a couple more years to be able to go that deep. Have a look!