Heya Guus,
Not sure how much this is going to help you... I am pretty sure you can block them all besides 8 and 0 to just allow yourself to ping to and from the machine. I myself have a webserver running with all of them blocked, the webserver also runs some smtp, ftp (on a port other than 21) and has to connect to a sql machine and I haven't had any problems with any of those services connecting. I am pretty sure it won't effect NAT but as I've never done it I can't be sure. Hope this helps a little.

Greg