So here's the final setup I decided to use.
1. Save the current set of iptables rules to a file like so...
sudo iptables-save > /home/<username>/iptables.rules
It will create a file with contents that look like this...
# Generated by iptables-save v1.4.21 on Tue Dec 22 09:20:40 2015
*filter
:INPUT ACCEPT [158:22069]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [76:122960]
COMMIT
# Completed on Tue Dec 22 09:20:40 2015
2. Create a simple script to edit the rules and reload the rules. I created a script file named set-fw (short for set-firewall), which will load the iptables.rules file in the nano editor. When you exit the editor, it will reload the iptables.rules and echo the current rules. Here is the script...
nano /home/<username>/iptables.rules
iptables-restore < /home/<username>/iptables.rules
iptables -L
3. Run the script...
sudo ./set-fw
and add the first rule which is a line that looks like this...
-A OUTPUT -d 128.95.160.0/24 -j DROP
The file should now look like this...
# Generated by iptables-save v1.4.21 on Tue Dec 22 09:20:40 2015
*filter
:INPUT ACCEPT [158:22069]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [76:122960]
-A OUTPUT -d 128.95.160.0/24 -j DROP
COMMIT
# Completed on Tue Dec 22 09:20:40 2015
4. Exit the editor, saving the file in the process. You should see the current rules displayed, like this...
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 128.95.160.0/24 anywhere
5. In order to make these setting persistent, in case the system reboots, modify the network configuration to load the iptables.rules any time the interface is started, such as a reboot. Add this line to file /etc/network/interfaces...
pre-up iptables-restore < /home/<username>/iptables.rules
The interfaces file should look something like this...
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
pre-up iptables-restore < /home/<username>/iptables.rules
All I have to do is either add a line for a new project, or comment out a line if I no longer want it blocked. To comment the line, just put a # at the beginning of the line.
Again, if there's any better way, let me know.
NOTE: Pay attention to which chain you use. INPUT requires the -s (source) option and OUTPUT requires the -d (destination) option. Miss that part and you might accidentally upload WUs