There is a tool called iptables that lets you do that, although, you wont get a messagebox asking if you want to allow it or not.
But you only open ports for the applications that need it anyway, just block all other ports.
You can still surf the web as usual, it only blocks outcoming connections if you want.
Unfortunatly I have never really learned to use this tool so i cant help you with that, but there are lots of how to's on the web
There are also GUI's for this tool. One example is firestarter.