Linux has had the ability for the kernel to ignore packets since Alan Cox ported BSD-like ipfw functionality in 1994. Ipchains and iptables soon replaced that.
For UNIX variants (Linux, BSD, Solaris, AIX, and MacOS), the kernel handles firewalling, and coding a specific app for it would be time-intensive and won't give that much more in results.
Application-level firewalling (keeping malware from coming out) is a different level altogether, but there are a number of solutions already in place for this. SELinux, for example.
What Comodo can do is write a plug-in for a management console that would enforce enterprise-wide policies on UNIX boxes, which would use existing modules (ipfw, ipchains, iptables).