"IPv6 wishes to solve this for you."
Indeed it does. Under IPv4, devices (and games, and whatever else) need to "punch holes in your router" and so many people simply enable the "let devices punch holes in my router" feature in their router. (Well, probably not. Actually, many people simply do nothing because their ISP pre-configured the router with this "on" in order to reduce its customer support burden.) This, however, lets *any* device punch holes, not just the one or two that you wanted.
Under IPv6, there's no need for such a feature to exist in your router, so people will get into the habit of using the router's firewall configuration instead and that ought to result in exceptions being made on a case-by-case basis.