Mac OSX Server - AFP Firewalling
Solution 1:
Unfortunately, no... the relevant ipfw rules are all IP/portnumber based and are completely ignorant of protocol specific info like share names.... this means you can either allow all or nothing for the AFP service on the server.
Obviously, if you have 2 servers, just kill outside access for that one server, but then you probably wouldn't be asking the question.
A workaround hack would be to fire up a VM on the server that gets a totally different IP address and then use ipfw to allow/deny as appropriate. Is that an option for you?