I want to run many snippets of untrusted and unknown code on an Ubuntu machine hosted on Digital Ocean. For safety reasons, I would like to record and block any external calls made by any of the code snippets. I'm sure this is a very basic question but I did some cursory searching and am not sure how to do it. I'm sure there must be a standard Unix way. I need to be able to SSH to the box, but that's it. I want to turn external connections back on after I'm done testing.
I realize there are many concerns regarding running untrusted code beyond external http calls. But this is the aspect I want to focus on in this question.