PHP

Where can I download universal firewall settings or a convenient description of ports / services in order to write universal rules for workstations myself?

Good afternoon. For a long time, there has been an idea to firewall user workstations with an application-level firewall, write (download) fairly universal rules like “prohibit everything” (with the exception of those ports that are required for applications to work - for example, ref. 80,21,443 for a browser, 23 for a telnet client etc., but at the same time to ban all sorts of photoshop bonjours and other ABBY goodies on the LAN)

1. I would like to have 2 zones in the firewall - the local network and the Internet, and that the sets of rules for these two zones are different. This was once implemented in Kerio Personal Firewall, where it was possible to prohibit any activity for the Internet, but allow it for LAN or set rules for LAN, for example. What firewalls now allow you to configure the policy in this form?

2. instead of writing the rules yourself with catching all the ports that are needed for Windows to work with active directories, smb, network printing services and others, it would be nice to have a site where settings for specific firewalls are published that can be imported, or at least described in detail all the necessary Windows services, as well as ports of various popular applications. the default settings for working with system services are not always good (smb is opened from the external interface, etc.)

are there already solutions to the above problems or do you have to write everything yourself and no one exchanges their work anywhere?