indiDing
Your logic is flawed.
Here's a simple example:
Let's say you have a third-party app that requires an internet connection to function properly. Let's assume that you don't trust this app, and you've (somehow) figured out that it only uses 2 servers: server A and server B.
If you want to block the app from talking to server A, go ahead, but keep in mind that your app can still talk to server B, and servers A and B can talk with each other. There is no way for you to stop servers A and B from communicating with each other. There is also no way for you to know what is actually running on the servers unless you have direct physical access to them. Even if the people running those servers were to "open-source" the stuff that is running on their servers, you are still trusting these people. There is no way for you to figure out if they are lying or not.
That's why you either allow the app to connect to both A and B, or you disallow everything.
Badness enumeration does not work.
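The argument in the post above, modelled as a reachability check (an added example, not part of the original post). The function names `data_reach` and `policies_isolating` and the link graph are constructed for illustration; the example also generalizes from two servers to any set of endpoints and server-side links.

```python
from itertools import combinations

# Constructed model: the endpoints the app contacts directly, and the
# server-to-server links that exist outside your control.
APP_ENDPOINTS = {"A", "B"}
SERVER_LINKS = {"A": {"B"}, "B": {"A"}}


def data_reach(blocked, endpoints=APP_ENDPOINTS, links=SERVER_LINKS):
    """Return every server that can end up with the app's data.

    `blocked` is the set of endpoints the local firewall denies.
    Server-side links are always traversable: you cannot filter them.
    """
    frontier = [e for e in endpoints if e not in blocked]
    reached = set(frontier)
    while frontier:
        node = frontier.pop()
        for peer in links.get(node, ()):
            if peer not in reached:
                reached.add(peer)
                frontier.append(peer)
    return reached


def policies_isolating(target, endpoints=APP_ENDPOINTS, links=SERVER_LINKS):
    """List every block set (as sorted tuples) that keeps data off `target`."""
    ordered = sorted(endpoints)
    result = []
    for size in range(len(ordered) + 1):
        for combo in combinations(ordered, size):
            if target not in data_reach(set(combo), endpoints, links):
                result.append(combo)
    return result


if __name__ == "__main__":
    # Blocking only A: data still arrives at A through B.
    print("block A only ->", sorted(data_reach({"A"})))
    # The only policy that isolates A is blocking both endpoints.
    print("policies isolating A ->", policies_isolating("A"))
```

In this model a block set isolates a server only when it covers every endpoint with a path to that server, which for the two-server case means blocking everything.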