Um, that was a brainfart, very sorry. I wasn’t reading the CIDR right, thinking 0.0.0.0/0 was equivalent to an Allow for an equivalent subnet notation of 255.255.255.255 … which is insane.
So those rules combined say : Allow No IPs, and then Allow only my one address (full 32 bits).
What I’m not understanding (and this was the gist of my OP) is if the order of the rules matter. I’d assume not, since the Block All rule here follows the Allow One IP rule.