If I choose "block all incoming connections", does it mean all ports are closed?

Not exactly tech-savvy here - if I choose "block all incoming connections" and "enable stealth mode" in Mac firewall, will it make sure there are no open ports? I'd like to shut down as much incoming traffic as possible.


Are those mentioned firewall settings the best?

Posted on Dec 30, 2016 6:22 PM

7 replies

Dec 31, 2016 7:11 AM in response to Meryudok

Block all incoming connections will prevent legitimate network connection attempts, including all forms of file sharing in OS X, remote access connections with SSH or SFTP, and any other similar network service that allows for Mac network connections from trusted logins.

If certain features like file sharing are left turned on, but you block all incoming connections with the firewall, the Mac will still show up on network scans, but nobody would be able to connect to it. An article for it: macOS Sierra: Firewall pane of Security & Privacy System Preferences


Stealth mode: In firewall options, select to prevent the Mac from responding to probing requests that can be used to reveal its existence. The Mac still answers requests from authorised apps, but unauthorised requests such as ICMP (ping) get no response.

An article for stealth mode: OS X Yosemite: Prevent others from discovering your Mac


For open ports, type network utility > select port scan > enter IP address to scan for open ports > click on scan. You will notice it will start to scan; wait for a while, and if any ports are opened, it will show. You can stop port scanning.

An article for it: macOS Sierra: Check for open TCP ports
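An added example, not part of any reply in this thread: a Python sketch that reads the output of `lsof -nP -iTCP -sTCP:LISTEN` on the Mac itself and separates listeners bound only to loopback from those bound to other interfaces. The sample output, function names and the `exposed` flag are constructed for illustration.

```python
"""List TCP listeners from `lsof -nP -iTCP -sTCP:LISTEN` output (added example)."""
import shutil
import subprocess

# Constructed sample output, not captured from a real Mac.
SAMPLE = """\
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
launchd    1 root   10u  IPv6 0x01      0t0  TCP *:22 (LISTEN)
launchd    1 root   11u  IPv4 0x02      0t0  TCP *:22 (LISTEN)
cupsd    300 root    5u  IPv6 0x03      0t0  TCP [::1]:631 (LISTEN)
cupsd    300 root    6u  IPv4 0x04      0t0  TCP 127.0.0.1:631 (LISTEN)
Python   812 me      3u  IPv4 0x05      0t0  TCP 192.168.0.10:8000 (LISTEN)
"""

def is_loopback(host):
    # Loopback listeners accept connections only from the Mac itself.
    return host == "[::1]" or host.startswith("127.")

def parse_listeners(text):
    """Return sorted, de-duplicated (command, host, port, exposed) tuples."""
    found = set()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[-1] != "(LISTEN)":
            continue  # header line or a row that is not a listening socket
        host, _, port = fields[-2].rpartition(":")
        if not port.isdigit():
            continue
        # exposed = bound beyond loopback; the firewall may still block it.
        found.add((fields[0], host, int(port), not is_loopback(host)))
    return sorted(found)

def exposed_ports(text):
    """Ports with at least one listener bound to a non-loopback address."""
    return sorted({port for _, _, port, exposed in parse_listeners(text) if exposed})

if __name__ == "__main__":
    text = SAMPLE
    if shutil.which("lsof"):  # use live data when lsof is installed
        text = subprocess.run(["lsof", "-nP", "-iTCP", "-sTCP:LISTEN"],
                              capture_output=True, text=True).stdout
    for cmd, host, port, exposed in parse_listeners(text):
        label = "non-loopback" if exposed else "loopback only"
        print(f"{port:>5}  {host:<15} {cmd:<10} {label}")
```

Without `sudo`, `lsof` reports only the current user's processes, so system services may be missing from a live run.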

Dec 31, 2016 5:24 AM in response to Meryudok

Are you on a Public network, or are you behind a router?

Do you have any of the Sharing services enabled in Sharing System Preferences?


If you are behind a Router, that is a firewall and it is blocking access to your Mac from the outside world.

If you have no sharing services enabled, you have no ports open.


The firewall is only useful if you are on a Public network and you need to use the sharing services.

Dec 31, 2016 5:35 AM in response to Barney-15E

I'm a home user in an apartment block house, the only one in this apartment who uses the Internet.


I've got a cable modem

https://kundeservice.yousee.dk/-/media/yousee/hjaelp-og-support/images/bredbaand/scientific-atlanta-webstar-dpc-2203/sci…

http://a0.amlimg.com/NGViNzAyMDY5YTU1ZTAxMmUwYTQyMmJjMTFjOWYzNjLChSe22-hmSZfjCoV_qGomaHR0cDovL21lZGlhLmFkc2ltZy5jb20vMmU…


This is embarrassing, but I'm not sure if I have a router.


All sharing services are blocked.


What picture does this paint? Should I change something?

Dec 31, 2016 5:56 AM in response to Meryudok

It doesn't look like that Modem provides any routing, so you do not have a router. You are directly connected to the Internet.

A Router would create another network, passing desired traffic in and out through the modem, but isolating the rest of the internet from your Mac. A router isn't necessary if you only have one computer connected to the Internet, but they also act as a hardware firewall if you have one.


Without any sharing services enabled, there are no ports listening for traffic from outside, so they would ignore any attempts to hack in.


Here is a short article discussing use of a Firewall on OS X: http://www.howtogeek.com/205108/your-mac’s-firewall-is-off-by-default-do-you-need-to-enable-it/

And, here is Apple's article on the built-in Application Firewall: OS X: About the application firewall - Apple Support

Dec 31, 2016 8:32 AM in response to Meryudok

Meryudok wrote:


So a router would be good as a hardware firewall if I had ports open and hacking attempts could be made?


But if all sharing services are shut down, and block all incoming connections and Stealth Mode are enabled, this means no one from outside can hack in as there are no open ports? And that would mean I don't have a need for a router?

Yes, I would agree with that.

As to the Firewall and its settings, you may get other opinions. A lot of people think a Firewall is a security device because Windows is so full of holes (or used to be), it was defaulted to On in Windows. However, it is just a network management tool. The settings you have would certainly make your Mac less interesting to someone cruising the net for something to hack into.
