I have been through opinion and opinion on what the "best" software firewall is, but it seems to me that I have yet to see anyone first ask whether or not the computer is connecting through a NAT. I am set up behind a WRT54GL. Yup, I still am using G, but with DD-WRT running on it, I have been happy.
So with that as a first line of defense, I am trying to find a solid software firewall to supplement it which will never automatically create rules for incoming AND outgoing (it is my present understanding that the MS firewall does not provide both) - I want to clear or deny any network communication initially and precisely with the software SUSPENDING the connection, not denying it and then having to go back to allow and run everything that led up to that point all over again, and I don't want a bunch of bloat-ware coming along for the ride - I think it should be nice, tight and to the point, right? Am I missing anything? If so, what? If not, any suggestions?