Windows Firewall Inbound Ruling – PowerShell Script

Firstly, sorry about the wording of this; I struggle to explain myself easily sometimes but will try my hardest here.

I’m trying to create a PS script that creates a Windows Firewall rule, blocking the port “6672” for a certain .exe file on an INBOUND connection, but that lets me have the option to whitelist certain IPs.

The way to do this manually means I have to block the port (6672) for my .exe file completely to ALL IPs, then add a range leaving out the IPs I want to whitelist.

For example, if I want to add “192.168.0.3” I have to set a range on the rule for “0.0.0.0” to “192.168.0.2”, then another for “192.168.0.4” to “255.255.255.255”. The reason I have to do it this way is that in Windows Firewall it looks like you cannot whitelist single IPs from a block rule, and block rules override any allow rules.

So back to my original point: I’m really struggling for ideas on how to resolve this at the moment, as I can’t find a workaround. Is there a way anybody knows of to exclude certain IPs from a rule, or to make an allow rule be prioritised over a block rule?

Thanks for taking the time to read this.
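The range-splitting workaround described in the post, scripted as an added example that is not part of the original post: it turns a whitelist into the complementary “everything else” ranges and builds one inbound block rule from them. The executable path, rule name and whitelist addresses are placeholders, and TCP is assumed (use UDP if the program listens on that instead).

```powershell
# Added example (not from the original post). Builds the complement of a
# whitelist over 0.0.0.0-255.255.255.255 and creates a single inbound block
# rule for port 6672 on one program, scoped to those remote ranges.
$ExePath   = 'C:\Path\To\App.exe'          # placeholder: path of the .exe to block
$Port      = 6672
$Whitelist = @('192.168.0.3', '10.0.0.7')  # constructed sample addresses to exempt

# IPv4 string <-> unsigned 32-bit integer, so ranges can be computed numerically.
function ConvertTo-UInt32 ([string]$Ip) {
    $b = ([System.Net.IPAddress]::Parse($Ip)).GetAddressBytes()
    [Array]::Reverse($b)                    # network order -> little-endian for BitConverter
    return [BitConverter]::ToUInt32($b, 0)
}
function ConvertFrom-UInt32 ([uint32]$N) {
    $b = [BitConverter]::GetBytes($N); [Array]::Reverse($b)
    return ([System.Net.IPAddress]::new($b)).ToString()
}

# Returns "start-end" strings covering every address NOT in $Allow.
# Handles duplicates, unsorted input, adjacent addresses, and the edges
# 0.0.0.0 / 255.255.255.255 (no empty or inverted range is emitted).
function Get-BlockRanges ([string[]]$Allow) {
    $ranges = @()
    $next   = [uint32]0                     # first address not yet covered
    foreach ($n in ($Allow | ForEach-Object { ConvertTo-UInt32 $_ } | Sort-Object -Unique)) {
        if ($n -gt $next) {
            $ranges += ('{0}-{1}' -f (ConvertFrom-UInt32 $next), (ConvertFrom-UInt32 ($n - 1)))
        }
        if ($n -eq [uint32]::MaxValue) { return $ranges }   # nothing above 255.255.255.255
        $next = $n + 1
    }
    $ranges += ('{0}-255.255.255.255' -f (ConvertFrom-UInt32 $next))
    return $ranges
}

$blockRanges = Get-BlockRanges $Whitelist
Write-Host "Block ranges:`n$($blockRanges -join "`n")"   # review before applying

# One block rule whose remote scope is the complement of the whitelist; the
# whitelisted hosts simply fall outside it, so no allow-vs-block priority
# question arises. Requires an elevated PowerShell session.
New-NetFirewallRule -DisplayName "Block $Port inbound except whitelist" `
    -Direction Inbound -Action Block -Protocol TCP -LocalPort $Port `
    -Program $ExePath -RemoteAddress $blockRanges -Profile Any
```

To check what was actually applied, pipe the rule through `Get-NetFirewallRule -DisplayName "Block $Port inbound except whitelist" | Get-NetFirewallAddressFilter` and compare its RemoteAddress list with the printed ranges.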