Firewall Block with Exception



I want to create a firewall rule that blocks all with the exception of a few IPs.

1) How can that be done ?

2) Is there a way to know which rules are effective based on a set of conditions like port number or IP ?.

